As more folks talk about “the dark web” and questions build, it may be helpful to return to a basic explanation of what makes the dark web, also known as deep web, work: the Onion Router.

RELATED: What is the Deep Web? 

Known by many as simply TOR, this anonymous network has allowed secret organizations and criminals to conduct daily activities in relative obscurity. About 7000 different (voluntary) relay servers provide the relays that complicate tracking efforts. Combined with encryption, this goes a long way toward masking who is using the network.


While there are exotic stories about government spies and criminal gangs trading on illicit websites using TOR, there is a more serious concern for commercial businesses. Employees may use TOR to either sell corporate secrets, or trade insider information. Using TOR was initially a fairly complicated and technical process. Efforts have grown in recent years that make TOR an ever more accessible resource.

Simple add-ons like Firefox’s Tor Flashproxy Badge can allow users to begin their way to the anonymous web. For network admins and IT security managers, policies and restrictions should be put in place to keep these vulnerable points from compromising the company. Tor doesn’t make it easier to get into a network, but it does make it easier to get sensitive information out of the network.

A standard Acceptable Use Policy (AUP) should be updated to reflect the current realities of Internet usage. Far beyond restricting access to unacceptable websites, AUPs need to explicitly define activities such as bitcoin mining and trading. There are cases where unsuspecting corporate networks have had computers used for bitcoin mining operations.

Corporate networks do not need to be a liability. They do not need to be a “necessary evil”. They DO need to be watched. Your IT department needs to have detailed logging capabilities and monitoring systems in place to help guard the resources that should be used for the business. Rattan Consulting can provide answers, expertise, and recommend solutions that will help your company avoid being the next news story.

RELATED: Stop employees from touring the Deep Web.

TOR is a network that lured many into becoming regular users. They came to TOR thinking it was safe from those wanting to spy on them. TOR has turned out to be almost the exact opposite. The now famous exit nodes continue to be a trap. While Internet traffic is encrypted and sent anonymously through relay nodes, eventually, they have to exit the TOR and rejoin the regular Internet. Those exit nodes actually decrypt traffic in the process and offer points of vulnerability. Dan Egerstand demonstrated as far back as 2007 that foreign ministries were exposing their email traffic at the exit node. If the ending connection is not a secure web address (using the https protocol), the exit nodes strip away any protection put in place. They create the perfect man-in-the-middle intercept scenario. Usernames and passwords can be gathered in bulk and sold to black market connections.

RELATED: Can you trust TOR’s exit nodes?

Recently from Rattan - Subscribe to get insight direct to your inbox.


Christoper Watson is an Information Technology professional with success in both public and private sector businesses. Technical and business experience is complimented with operational and strategic planning, international contracting work, leadership development and team building competency in challenging physical and political environments. Experience leverages strengths with technology services and providing timely and relevant information to senior executive leadership. Christopher is based out of the Oklahoma City office.