Many of today’s internet users are not aware of the different layers of the internet. The surface level of the internet that employees browse through consists of social media platforms such as Facebook, and websites for shopping, and multimedia variations like news and educational videos. These surface level internet sites which are indexed can be accessed using a search engine such as Google. Additionally, there is the Deep Web, where a search engine cannot access the web pages, as they are not indexed. In other words, these sites are difficult to search for or stumble upon, but they can be accessed if one knows their exact web address. What may surprise people is that most of the internet today is actually considered part of the Deep Web.
Lastly, there is the Dark Web, a part of the Deep Web, which provides complete privacy and anonymity to its users. While it is used for legitimate purposes, this setting can also be exploited for illegal purposes, such as drug and human trafficking. Employers and their IT professionals need to be aware of all the facets of the Dark Web. An employee accessing the Dark Web can lower the shields of his/her companies’ network and make it vulnerable to cyber attacks against the company. Recruiting “insiders” at several companies has been another strategy that some sources on the Dark Web use, to legitimately access company information and take advantage of it. Many IT security programs today focus on outside threats, but companies are now realizing the importance of increasing the security against insider threats as well.
IT and Security personnel must continue to evolve based on the threats posed by the Dark Web and insider activity. Monitoring for suspicious activity such as downloading specific browsers, investing in insider threat protection, and educating your workforce about the risks and penalties with accessing company information for nefarious purposes can decrease the possibility of the Dark Web creating havoc in an organization.