The dark web is a part of the Internet you may not know about. After all, 8% of U.S. adults have never even heard of the dark web, and 23% have heard of it but don’t know what it is, according to a 2022 survey. The dark web is so dark that it allows you to view content that search engines haven't even indexed. And you can only access it through a Tor browser.
So…who uses it?
The dark web is used by the media, the intelligence community, whistleblowers, and citizens seeking assurance that their Internet use won’t be restricted or monitored. However, as the name implies, this more secretive part of the web has a darker side, filled with crime and illegal activity.
In this blog post, we’re going to look at some dark web statistics and trends that shed light on what really goes on there. We’ll also explore the types of criminal activity it attracts and explain how to protect you and your data from breaches and other attacks.
Top dark web statistics
Let’s look at some of the key stats and trends that illustrate what the dark web is today, including its rate of growth and in which countries much of its activity takes place.
- The deep web and dark web comprise 96% of the Internet, although the dark web is believed to be a far smaller share than the deep web.
- There were more than 2.5 million daily visitors to the dark web on average in 2023. However, that number was increasingly growing, with an average of 2.7 million daily users in April 2023.
- Germany had the highest daily users of Tor in 2023, taking the top spot from the United States for the first time in years. The U.S. now ranks second, followed by Finland, India, and Russia.
- Nearly 57% of the dark web is illegal as of 2020, with content related to violence, extremist platforms, illegal marketplaces, drugs and cybercrime forums.
- The most lucrative illegal digital products available to buy on the dark web include crypto accounts, online banking, and e-wallets, as of April 2023.
- The U.S. currently ranks number one when it comes to data breach cost, with an average of $9.44 million per breach.
- Cybercriminals could purchase the details of a credit card with a $5,000 balance for just $110 as of April 2023.
- DDoS and malware attacks are part of a thriving market on the dark web. A cybercriminal can buy 1,000 threat installs for $1,800.
- Ransomware cryptocurrency-based crimes on the dark web saw a nearly $176 million increase in 2023 compared to 2022.
- There was a 38% increase in global cyberattacks in 2022 compared to 2021.
Global dark web usage trends
Activity on the dark web is continually rising. In 2023, there were more than 2.5 million visitors on the dark web per day on average. By July, that figure increased closer to 5 million users, with spikes of over 7.5 million daily users in October 2023, according to The Tor Project.
Unfortunately, dark web usage includes stolen credentials trading for credential-based and malware codes for ransomware attacks. In fact, ransomware cryptocurrency-based crimes saw a year-over-year increase of almost $176 million in 2023. Recent data breaches show the results can be disastrous. But where is all this cybercrime growth coming from?
Top 10 countries using the dark web: Directly and indirectly
According to data from Tor, the following countries had the highest number of directly connecting daily dark web users in 2023.
- United States
- United Kingdom
Meanwhile, the following countries had the highest mean daily number of dark web users connecting via bridges (undisclosed servers) in 2023:
- United States
- United Kingdom
Dark Web user demographics
By the very nature of the dark web, getting data on its users can be difficult. However, a 2019 survey from Cornell University revealed some interesting statistics:
- 84.7% of dark web users identify as males, while only 9.4% identify as female.
- The majority (23.5%) of users were between 36 and 45 years old, 11.8% between 18 and 25 years old, and 5.9% were between 46 and 55 years old.
The dark web is always evolving, and that goes for the types of users it attracts. Below are some of the nefarious characters found roaming the dark web hallways today, according to ID Agent.
- Malicious employees dealing with information such as passwords.
- Cybercrime gangs, such as ransomware groups, that recruit others to join their network.
- Hacktivists releasing data from governments or organizations they morally or politically oppose.
- Initial access brokers selling compromised network access.
- Advanced Persistent Threat (APT) groups and Nation-State threat actors performing operations that harm other countries or finance their activities.
Dark web marketplaces
Recorded Future found 8,400 active sites on the dark web in 2019. There are thousands of products and services sold on these sites every day—here are some of the most popular items available:
- Cryptocurrency verified accounts. These accounts are often used for money laundering and other illegal activities.
- Credit card numbers. These are often sold in bulk at a discounted rate. Like traditional marketers, cybercriminals like to generate increased traffic and buzz by offering discounts. As of April 2023, cybercriminals have the opportunity to buy information for a credit card with a $5,000 balance for a mere $110.
- Employee login information: These can include company names, addresses, employee numbers, email addresses, and phone numbers.
- Zoom account and meeting details. These links are available to buy on auction and include meeting IDs, email addresses, passwords, names, and host keys.
- Fake identities and passports. Criminals use these fake documents for identity theft and fraud.
- Drugs. The dark web is known for its thriving drug market, where users can purchase a variety of illegal substances.
Some of the most well-known dark web marketplaces have been shut down, including Silk Road (closed in 2013), AlphaBay (taken down in 2017, although it reportedly resurfaced in 2022) and Hydra Market (shut down in 2022). Despite efforts from law enforcement agencies to shut down these illegal marketplaces, new ones continuously pop up on the dark web. As of early 2024, popular dark web marketplaces include InTheBox, Genesis Market, and 2Easy. The anonymity of the dark web makes it difficult for authorities to track down the owners and operators of these sites.
One product that attracts much activity on the dark web is cryptocurrency. A recent report from Chain Analysis found that, along with ransomware, the dark web is the main vehicle for crypto crime, which saw an increase in 2023 revenue. The increase came after a decline in the previous year due to the closure of Hydra.
Deep-dive on dark web attacks
Hackers on the dark web use various advanced techniques to perform security breaches and compromise data.
Types of dark web attacks
1. Malware attacks
Malware is any software that is designed to harm or exploit a computer system. Dark web hackers often use malware such as keyloggers, ransomware, and trojan horses to access sensitive information and cause damage.
2. DDoS attacks
Distributed Denial of Service (DDoS) attacks overwhelm a target’s network or system with vast amounts of traffic, which makes them inaccessible to users. Dark web hackers often use botnets to carry out DDoS attacks, causing disruption and financial loss for their targets.
3. Password cracking
Criminals on the dark web have various methods in their playbook to crack stolen or weak passwords, which allow them to access accounts or entire systems. Among the more common ways this is done are:
- Dictionary attacks
- Credential stuffing
4. Social engineering
Hackers take advantage of human vulnerabilities to trick people into handing over their personal data or giving them unauthorized access to something they shouldn’t have access to. Social engineering dark web attack tactics include:
- Phishing emails
- Phone calls
- Social media messages
Industries most vulnerable to dark web attacks
While all businesses and individuals can fall victim to a dark web attack, certain industries find themselves more vulnerable. According to a Cybersecurity Insiders report, the five industries most targeted by hackers (in no particular order) are:
- Education and research
- Finance and insurance
- Healthcare and pharmaceuticals
- Public administration
Schools and other educational institutions were the number-one most attacked market in 2022 according to Check Point Research, seeing a 43% increase compared to 2021. The same report found that the healthcare industry also saw a growing number of attacks in 2022, an 86% increase year over year.
The above dark web statistics help to emphasize the importance of essential cybersecurity practices. The below graph provides an insight into the kind of data compromised in these industries. It highlights the cost of assets found on the dark web, based on data from a BDO Australia report. The currency is in Australian dollars.
Dark web trend outlook for 2024
The dark web isn’t going anywhere anytime soon, and in order to protect yourself online, it’s important you become aware of what to expect. Today’s biggest cyber threats aren’t exactly the same as they were yesterday or will be tomorrow.
For now, let’s go back in time by exploring the evolution of the dark web before looking at predictions for 2024 and beyond.
Evolution of dark web technologies
The dark web has largely relied on privacy and security over the years. Here’s a brief timeline of its biggest evolutions.
- 2002: The biggest thing that ever happened to the dark web was the release of Tor. The anonymous web browser helped people surf the Internet without leaving behind any trace of activity. While there was no bad intention behind this development, cybercriminals took advantage and began to conduct business there.
- 2008: The first version of Tor was too complex, with numerous accessibility issues and technical restrictions. This resulted in developers releasing a more user-friendly version.
- 2009: With the number of illegal dark web attacks rising, remaining anonymous in the dark web became tricky. After all, PayPal transactions and bank transfers weren’t private. The solution? Cryptocurrency. Many of these virtual coins became available to use, with Bitcoin becoming the most popular.
Evolution of cybercrime
Another evolution in cybercrime is the motivation of the cybercriminal. While a threat actor doesn’t generally care about the type or size of the organization they target, their motivation generally, although not always, points to the victim. Understanding these motivations helps to plan effective cybersecurity strategies.
Hackers have evolved over time, which has made defending cybercrime a challenging task. It used to be that technological advancements were the main factor that motivated hackers.
Now that there are organizations that employ trained and certified cybersecurity experts to detect vulnerabilities and gaps, hackers have other motivations. The evolution of these motivations really goes hand-in-hand with the evolution of hacking, in general.
- In the 1980s, people started to buy personal computers that connected through their phone networks. However, technology also helped hackers up their game, as they broke into networks and computers. A new motivation transpired when they realized they could monetize their skills.
- In the 2000s, Microsoft started paying hackers to infiltrate Windows. This ethical hacking found vulnerabilities and fixes before more ill-motivated hackers came along and took advantage.
- In the 2010s, hacking became even more lucrative with the rise of ransomware attacks. While ransomware was a problem throughout the decade, it really stepped up its game in 2019 when “big game hunting” was used in a big way. The term refers to ransomware gangs aiming high, targeting the likes of compare networks, as opposed to the individual.
- Today, hackers use AI and machine learning technologies to expedite their cyberattacks. They constantly find new and sophisticated ways to exploit system weaknesses and steal valuable information.
As technology advances, so do the methods used by hackers to breach networks and steal sensitive information.
The future of the dark web
While dark web trends have undergone major evolutions over the years, cybercriminals have also evolved their tactics, and they aren’t done yet. In 2022, an HP Wolf Security report predicts the following threats for the future of the dark web:
- Cybercriminals will perform more efficient attacks. We’ve already started to see this happen. Cybercrime has been broken down into repeatable, step-by-step actions, creating opportunities for increased efficiency and automation. The number of dark web hackers is only predicted to rise, as they could turn to AI to automate post-exploration actions, such as choosing targets from a victim’s contact book.
- More targeted and professional intrusions. To get more out of intrusions, hackers will continue to use APT tactics, like establishing long-term access with networks and increasing the time spent on target reconnaissance.
- Attacks could result in even more damage. As businesses integrate IoT and undergo digital transformation, attacks will likely use the resultant attack surfaces to their advantage. We may see more extortion attacks using the threat of data destruction in those sectors that rely on IoT devices.
Unfortunately, the dark web provides a platform for hackers to network and collaborate by inspiring one another and sharing tactics. This can result in the development of more advanced attack methods in the future.
Dark web trend impact on businesses and individuals
With the increasing reliance on digital platforms for business operations, cybersecurity has become an integral part of any person’s or organization's strategy. The threat landscape is constantly evolving, making it essential for individuals and businesses to invest in certified cybersecurity practices to detect vulnerabilities and gaps before they are exploited by malicious actors.
Business risks and vulnerabilities
While the dark web doesn’t directly affect the daily activities of most SMBs, the effects shouldn’t be ignored. Here are some of the biggest impacts that the dark web can have on SMBs.
- Financial loss and data breaches. When sensitive information makes its way onto the dark web, it can result in substantial financial losses. Criminals can use this data to extort businesses, drain accounts, or commit fraud.
- Reputational damage. A company’s data existing on the dark web can harm that company’s reputation, resulting in a reduction of customer trust and a loss of business.
- Operational disruption. A cyberattack that results in a data leak can disrupt business operations, affecting services and internal processes.
- Legal and compliance issues. SMBs in regulated industries could face compliance issues and legal fines if their customer data has been compromised.
Strategies for businesses to mitigate dark web attack risks
There are steps that businesses can take in order to fight back and protect their data from cyber threats. Here are some actions that can help you counter some of the dark web statistics seen in this post.
When it comes to a business or an individual, traditional methods of tracking the dark web can be inefficient and time-consuming. Fortunately, we live in an age where technology is more than capable of helping us out. Here are some of the tools and practices that businesses can use to avoid falling foul of cybercriminals on the dark web.
- AI and machine learning. With so much data living on the dark web, AI and machine learning are essential for analyzing and coming to meaningful conclusions. These technologies can detect trends, patterns, and threats far faster than humans can, which is of great help when it comes to investigation.
- Crypto trackers. Crypto (or virtual) coins are the main currency used on the dark web, due to their anonymity. A crypto tracker can identify the movement of these coins, which helps investigators connect them to specific entities.
- Regular surveillance. Regular and consistent surveillance helps to detect potential threats early. Once a threat has been identified, an individual or a business can take prompt action in order to mitigate risk. These actions could be improving security measures, tackling vulnerabilities, or simply securing compromised accounts.
- Employee awareness and training. Having an informed staff is crucial to the defense against cybercrime. Training your employees on safe cyber practices, password hygiene, and phishing scams is essential.
- Strong infrastructure. Businesses need to invest in secure VPNs, antivirus software, and firewalls to defend themselves against cyber threats.
- Incident response planning. A plan for how to respond to a data breach can greatly reduce its effect.
Individual security protection
Whether you’re a business owner or not, you should look to protect yourself from cybercrime on the dark web. Here are some steps you can take to help prevent your personal information from being accessed and shared online.
- Create strong passwords for your online accounts. Make sure to also choose a password unique to each account. That way, if a cybercriminal manages to steal one of your passwords, they won’t be able to access your other accounts. If you receive a notification that your data has been leaked, change your login details immediately.
- Use password managers on your mobile devices and computers. A password manager can not only make it easier for you to track all of your different passwords but also make it harder for hackers to access your data.
- Consider a dark web monitoring service. This can scan the dark web to locate your personal data and inform you if any has been found.
Don’t be the next dark web statistic: Protect yourself against cybercrime
If the above dark web statistics and trends have alarmed you in any way, that’s perfectly valid. But that doesn’t mean there isn’t something you can do about it. By following the tips and recommendations outlined in this blog post, you’ll be in a far better position than most to defend yourself against cybercrime on the dark web.
Also, make sure to remain informed of any updated recommendations to protect yourself against cybercrime on the dark web. That will help you remain alert to the most commonly used techniques used by hackers at any given time.
For added security, sign up for a free 14-day trial from Prey Project. Prey will help keep your digital assets and identity safely away from the dark web. The protection will apply to all your devices so you can browse and send communications without fear of your data being compromised. Take advantage of Prey’s no-risk, 14-day trial and give you and your business the protection it deserves.