Steeping oneself in Inside the Dark Web is akin to planning a first attempt at mountain climbing. A rising fear of a dangerous adventure yields to a growing appreciation for the Sherpas. The book’s two authors acquit themselves as experienced guides to the cyber underworld and the field’s relevance to law enforcement.
Although well-organized, the book is not an easy read, with sometimes unexplained technical jargon, often choppy sentence structure, and frequently overlapping and repetitive flow of material. Notably lacking is a glossary of significant cyber terms.
Still, the complexity of the territory may excuse such obstacles, and the reader soon encounters the various dimensions of the dark web. Of great use to students of cybersecurity are conclusions and summary sections, as well as questions at the end of most chapters.
Early in the book, readers are introduced to the dark web’s threat landscape, the familiar range of narcotics trafficking, child pornography, terrorism, weapons, unconventional currency marketing, and other illegal activity. The authors explain where to find the dark web. It’s not in the visible Web (about 4 percent of the World Wide Web) but in the deep web (the other 96 percent), which houses medical records, government files, and other sites that must be kept away from public eyes. The dark web is a subset of the deep web that is entirely made up of dark sites.
Dark websites are not indexed by search engines like Google; they are accessible only through special browsers such as Tor. The authors argue that Tor’s original objective—to protect users’ privacy and anonymity—was blighted by criminal exploitation of it.
The authors discuss content analysis, exploiting content logs, and forensics among other things. Like Sherpas, they lead the reader on an inside tour of a crime and threat target that is largely unfamiliar to security professionals. Much of the book may require a second or third reading, but the volume is an excellent reference.
James T. Dunne, CPP, is a member of the ASIS Communities for Global Terrorism, Political Instability, and International Crime, and for Information Technology Security. He is a senior analyst in the State Department’s Bureau of Diplomatic Security. The views expressed here are those of the reviewer, and do not necessarily reflect those of the U.S. Department of State or the U.S. government.