What is the deep web?
Existing between the surface web and dark web, the deep web consists of sites that require login or subscription to access, such as academic journals, court record databases or even services like Netflix. The deep web is not as easily searchable as the surface web — sites are not indexed — and the content is often hidden behind a paywall.
It is typically accessed via the same browsers as used for the service web, unlike the dark web which can only be accessed using specific software.
How the deep web works?
The pages on the deep web are not centralized or indexed, and common search engines can’t see them. But it doesn’t mean that they contain illicit or illegal content. Plenty of deep web pages house legitimate, noncriminal information, that is either personalized for a certain category of users or hidden behind a paywall or privacy settings. Deep web content may include sensitive personal data, such as individuals’ medical records, corporate account statements, legal files or private messages. News outlets and content providers also put their content on the deep web, requiring users to subscribe to their services before they can access the content.
What type of information can be found on the deep web?
To browse the content of the deep web, online investigators must employ a variety of tools, including specialized search engines, as well as purpose-built services to help collect and catalog relevant information for each topic, field of study or document type. Depending on the nature of their research, investigators may find a plethora of useful information hidden inside the private databases or messaging accounts. Naturally, when accessing private and potentially sensitive information, researchers must exercise extreme caution, and be mindful of areas of the deep web that offer “side doors” to bypass local restrictions and security walls.
Is it dangerous to investigate on the deep web?
Although not as dangerous as the dark web, the deep web has its share of potentially harmful content and activity. Because it's accessible using a traditional browser, bad actors can plant malicious content, as well as find ways to exploit tracking mechanisms and fingerprinting to uncover investigators’ identities. Researchers should use specialized tools to:
- Protect their devices from infection
- Conduct investigations without revealing their identity or intent
- Preserve chain of custody for documents, especially those containing sensitive information
How to safely investigate on the deep web
To help mitigate the risks of accessing the deep web, security experts recommend using a dedicated browser for online investigations that is completely isolated from the researcher’s device and network. A cloud-based browser allows for safe browsing of the internet while providing users with a familiar experience and much-needed protection against cyberthreats. By using segregated, single-use browsers, analysts can also ensure their browsing history doesn’t give away their identity and compromise the investigation
Investigating on the deep web — how do get started
Deep websites are an essential part of OSINT (open source intelligence gathering), but unlike the surface web, these hidden layers of the internet contain additional threats that investigators need to be aware of. Investigators need to protect themselves, their organizations and their research by controlling the details they disclose to sites in the course of their investigation. For the best protection when using the dark web, investigators should use a purpose-built research platform. Proper tools can help protect researchers from tipping off investigative targets, track activity and seamlessly integrate with their companies' IT networks and policies.
For more information on how to investigate safely on the deep web, see: