When trying to determine if you should begin a dark web investigation, ask yourself these three questions concerning content, risk and precautions.

For online investigators, many are used to leaving no stone unturned. Yet when it comes to exploring the dark web, there are inherent risks that come along with looking below. To determine whether or not you should pursue dark web investigations, start by asking yourself these questions:

  1. Can you find the information anywhere else? 
  2. Do you understand all the possible risks? 
  3. Will you be able to access it safely? 

And if the answer to these considerations leads you to pursue a dark web investigation, there are additional resources to consider in order to protect yourself and your company.

Is a dark web investigation necessary for your investigation?

The first way to determine if accessing the dark web is for you is simple — is it the only place that offers the information you need? The dark web itself only accounts for a small amount of all internet data, just 0.01% according to Britannica. That means, when determining where you need to look, statistics are on  the side of what you already have available. Most of the data you seek is likely on the surface web most people are familiar with or the deep web.

Learn more on what’s the difference between the surface, deep and dark web >

The deep web, residing just below the surface, requires login credentials to access. Many investigators use tools from the deep web, such as academic journals, crime databases or members-only social media sites and blog forums to aid in their research.

With so much of the internet freely available, you may not even need to take on the risks of trying to access a darknet. The simple answer is always the best answer — if you don’t need to access it, you shouldn’t. However, if the leads you chase are constantly dipping below the surface, there are ways to protect yourself and your company while following your investigation in every direction it may take you.

Don’t be afraid of the dark

The dark web is most notorious for illicit activity and nefarious figures (although this isn’t its only purpose). Figuratively waltzing into a hotbed of criminal activity is reasonably intimidating and there are legitimate risks associated that we’ll outline below.

However when conducting an investigation, one of the most efficient tools at your disposal is to go where the crime, fraud or illicit activity is taking place. If you need to learn more about a specific suspect or a leak, taking your investigation to where the bad actors commonly reide seems simply makes sense. With the right understanding of risks and precautions, you can enter the dark web to the benefit your mission without compromising your security.

Do you fully understand the risks of dark web investigations?

If you have already determined that what you are looking for can only be located on the dark web, you need to understand the risks before diving in. Many dark web services — including the largest, Tor — have risks involved just with signing on. Those may include both risks to you personally and risks to your employer. Before you begin, make sure you fully understand what’s at stake.

The dark web, like anywhere on the internet, comes with cyber risks. Just clicking on a link or visiting a site could introduce malicious content to your machine and network. And due to the dark web’s more unscrupulous users looking to ward off any unwanted attention, it may be particularly rife with cyberthreats. Simply logging in with your main work computer or with your personal laptop without any additional precautions could introduce risk to your environment or reveal company secrets or personal information.

The next thing to consider is your digital fingerprint. Your IP address, your browser history and cookies are all giving away information about you that you may not want to be found out. Even the language your device is set to or what browser you choose may give away important context that could tip off investigative targets as to who you are and why you’re on their site. This could lead not only to retaliation (cyber or physical) but disrupt the investigation due to disinformation or a target going into hiding.

Beyond malware and hacking risks, there are still other issues to consider. For instance, if accessing blogs or marketplaces known for criminal activity, you yourself might be assumed to be a criminal by law enforcement officials. You also need to be sure dark web investigations are covered in your organization’s IT policies and any necessary monitoring and auditing are in place.

Before accessing the darknet, make sure both you and your company are familiar with all risks involved and have created a detailed game plan for how to mitigate them.

Will you be able to conduct dark web investigations safely?

With all the risks in mind that go along with logging on to the dark web, it’s important to ask if you will be able to protect yourself and your employer properly before you begin. Do you have a process in mind? Has legal counsel been consulted? And do you have a resource for concealing your identity and protecting yourself from malware?

To mitigate risks, there are a few things to consider — security, anonymity, legality and compliance.

Security through web isolation

Ensuring your browsing is 100-percent isolated from your corporate device and network is the only way to be certain that cyber risks are completely eliminated. Using a cloud-based browser allows for safe browsing of the internet while providing users with a familiar experience and much-needed protection against cyberthreats. By isolating a user’s session on cloud infrastructure, clicking on a malicious link from a web search or visiting a malicious website doesn’t put their organization at risk — the code from that website is never executed on the computer being used.

Instead, the user is merely seeing and interacting with a benign video display of the web code rendered in the cloud.

Anonymity through managed attribution

If you’re under the assumption the dark web is anonymous, think again. There are still plenty of ways darknets track users and relay information to webmasters. To conceal your identity and the purpose of your dark web investigation, researchers need to manipulate the details of their digital fingerprint.

There are ways to achieve managed attribution without needing to create a fake persona (which most social media companies are apt at finding these days) or using a burner device. Managed attribution allows you to control what can be learned about you as you conduct your dark web investigation, providing anonymity without making you appear suspicious to algorithms or your subject.

Learn more: Why online investigators need managed attribution >

Legal and compliance considerations for dark web investigations

Work with your company’s legal counsel to create a protocol for when and how to access the dark web. Create a detailed process to work as a guide for investigators. Be sure to document each step of your investigation and keep notes about how your activity is in line with the company policy. Purpose-built online investigation solutions like Silo for Research come with policy and audit features — as well as the needed security, managed attribution and workflow capabilities — baked in.

What may be seemingly obvious is still worth stating — even when communicating in forums where criminal activity may be taking place, be sure to stay on the right side of the law. Again, documentation can go a long way in protecting you should any questions of legality arise. Luckily the same programs that protect your digital security can also help assist in this area.

Only after you’ve determined whether you need to access the dark web, you understand the risks and can do so safely, should you begin to venture into the dark.

For secure, anonymous access to conduct dark web investigations, use a solution like Silo for Research: Dark Web to protect yourself and your employer when researching.


More from our dark web blog series

Dark web basics Dark web research