The dark web is a part of the Internet you may not know about. After all, 8% of U.S. adults have never even heard of the dark web, and 23% have heard of it but don’t know what it is, according to a 2022 survey. The dark web is so dark that it allows you to view content that search engines haven't even indexed, and it can’t be reached on traditional web browsers . And you can only access it through a Tor browser.
So…who uses it?
The dark web is used by the media, the intelligence community, whistleblowers, and citizens seeking assurance that their Internet use won’t be restricted or monitored. However, as the name implies, this more secretive part of the web has a darker side, filled with threats and illegal activity.
In this blog post, we’ll examine some dark web statistics and trends that shed light on what really happens there. We’ll also explore the types of criminal activity it attracts and explain how to protect yourself and your data from breaches and other dark web attacks.
Top dark web statistics
Let’s look at some of the key stats and trends that illustrate what the dark web is today, including its rate of growth and in which countries much of its activity takes place.
- The deep web and dark web comprise 96% of the Internet, although the dark web is believed to be a far smaller share than the deep web.
- There were more than 2.5 million daily visitors to the dark web on average in 2023. However, that number was increasingly growing, with an average of 2.7 million daily users in April 2023.
- Germany had the highest daily users of Tor in 2023, taking the top spot from the United States for the first time in years. The U.S. now ranks second, followed by Finland, India, and Russia.
- Nearly 57% of the dark web is illegal as of 2020, with content related to violence, extremist platforms, illegal marketplaces, drugs and cybercrime forums.
- The most lucrative illegal digital products available to buy on the dark web include crypto accounts, online banking, and e-wallets, as of April 2023.
- The U.S. currently ranks number one when it comes to data breach cost, with an average of $9.44 million per breach.
- Cybercriminals could purchase the details of a credit card with a $5,000 balance for just $110 as of April 2023.
- DDoS and malware attacks are part of a thriving market on the dark web. A cybercriminal can buy 1,000 threat installs for $1,800.
- Ransomware cryptocurrency-based crimes on the dark web saw a nearly $176 million increase in 2023 compared to 2022.
- There was a 38% increase in global cyberattacks in 2022 compared to 2021.
Dark Web user demographics
By the very nature of the dark net, getting data on its users can be difficult. However, a 2019 survey from Cornell University revealed some interesting statistics:
- 84.7% of dark web users identify as males, while only 9.4% identify as female.
- The majority (23.5%) of users were between 36 and 45 years old, 11.8% between 18 and 25 years old, and 5.9% were between 46 and 55 years old.
The dark web is always evolving, and that goes for the types of users it attracts. Below are some of the nefarious characters found roaming the dark web hallways today, according to ID Agent.
- Malicious employees dealing with information such as passwords.
- Cybercrime gangs, such as ransomware groups, that recruit others to join their network.
- Hacktivists releasing data from governments or organizations they morally or politically oppose.
- Initial access brokers selling compromised network access.
- Advanced Persistent Threat (APT) groups and Nation-State threat actors performing operations that harm other countries or finance their activities.
Dark web marketplaces
Recorded Future found 8,400 active sites on the dark web in 2019. There are thousands of products and services sold on dark web forums every day—here are some of the most popular items available:
- Cryptocurrency verified accounts. These Bitcoin accounts are often used for money laundering and other illicit activities.
- Credit card numbers. These are often sold in bulk at a discounted rate. Like traditional marketers, cybercriminals like to generate increased traffic and buzz by offering discounts. As of April 2023, cybercriminals have the opportunity to buy information for a credit card with a $5,000 balance for a mere $110.
- Employee login information: These stolen credentials include company names, addresses, employee numbers, email addresses, compromised passwords, and phone numbers.
- Zoom account and meeting details. These links are available to buy on auction and include meeting IDs, email addresses, passwords, names, and host keys.
- Fake identities and passports. Criminals use these fake documents for identity theft and fraud.
- Illegal Drugs. The dark web is known for its thriving drug market, where users can purchase a variety of illegal substances.
Some of the most well-known dark web marketplaces have been shut down, including Silk Road (closed in 2013), AlphaBay (taken down in 2017, although it reportedly resurfaced in 2022) and Hydra Market (shut down in 2022). Despite efforts from law enforcement agencies to shut down these illegal marketplaces, new ones continuously pop up on the dark web. As of early 2024, popular dark web marketplaces include InTheBox, Genesis Market, and 2Easy. The anonymity of the dark web makes it difficult for authorities to track down the owners and operators of these sites.
Deep-dive on dark web attacks
Hackers on the dark web use various advanced techniques to perform security breaches and compromise data.
Malware attacks
Malware is any software that is designed to harm or exploit a computer system. Dark web hackers often use malware such as keyloggers, ransomware, and trojan horses to access sensitive information and cause damage.
DDoS attacks
Distributed Denial of Service (DDoS) attacks overwhelm a target’s network or system with vast amounts of traffic, which makes them inaccessible to users. Dark web hackers often use botnets to carry out DDoS attacks, causing disruption and financial loss for their targets.
Social engineering
Hackers take advantage of human vulnerabilities to trick people into handing over their personal data or giving them unauthorized access to something they shouldn’t have access to. Social engineering dark web attack tactics include:
- Phishing emails
- Phone calls
- Pretexting
- Baiting
- Social media messages
Credential-Based Attacks
Credential-based attacks are a form of cyber threat where attackers use stolen or forged credentials to gain unauthorized access to systems and data. These attacks are particularly dangerous as they can bypass many traditional security measures, allowing attackers to impersonate legitimate users and exploit internal systems.
Industries most vulnerable to dark web attacks
While all businesses and individuals can fall victim to a dark web attack, certain industries find themselves more vulnerable. According to a Cybersecurity Insiders report, the five industries most targeted by hackers (in no particular order) are:
- Education and research
- Finance and insurance
- Healthcare and pharmaceuticals
- Public administration
- Retail
Schools and other educational institutions were the number-one most attacked market in 2022 according to Check Point Research, seeing a 43% increase compared to 2021. The same report found that the healthcare industry also saw a growing number of attacks in 2022, an 86% increase year over year.
Dark web trend outlook for 2024
The dark web isn’t going anywhere anytime soon, and in order to protect yourself online, it’s important you become aware of what to expect. Today’s biggest cyber threats aren’t exactly the same as they were yesterday or will be tomorrow.
For now, let’s go back in time by exploring the evolution of the dark web before looking at predictions for 2024 and beyond.
Evolution of cybercrime
Another evolution in cybercrime is the motivation of the cybercriminal. While a threat actor doesn’t generally care about the type or size of the organization they target, their motivation generally, although not always, points to the victim. Understanding these motivations helps to plan effective cybersecurity strategies.
Hackers have evolved over time, which has made defending cybercrime a challenging task. It used to be that technological advancements were the main factor that motivated hackers.
Now that there are organizations that employ trained and certified cybersecurity experts to detect vulnerabilities and gaps, hackers have other motivations. The evolution of these motivations really goes hand-in-hand with the evolution of hacking, in general.
- In the 1980s, people started to buy personal computers that connected through their phone networks. However, technology also helped hackers up their game, as they broke into networks and computers. A new motivation transpired when they realized they could monetize their skills.
- In the 2000s, Microsoft started paying hackers to infiltrate Windows. This ethical hacking found vulnerabilities and fixes before more ill-motivated hackers came along and took advantage.
- In the 2010s, hacking became even more lucrative with the rise of ransomware attacks. While ransomware was a problem throughout the decade, it really stepped up its game in 2019 when “big game hunting” was used in a big way. The term refers to ransomware gangs aiming high, targeting the likes of compare networks, as opposed to the individual.
- Today, hackers use AI and machine learning technologies to expedite their cyberattacks. They constantly find new and sophisticated ways to exploit system weaknesses and steal valuable information.
As technology advances, so do the methods used by hackers to breach networks and steal sensitive information.
The future of the dark web
While dark web trends have undergone major evolutions over the years, cybercriminals have also evolved their tactics, and they aren’t done yet. In 2022, an HP Wolf Security report predicts the following threats for the future of the dark web:
- Cybercriminals will perform more efficient attacks. We’ve already started to see this happen. Cybercrime has been broken down into repeatable, step-by-step actions, creating opportunities for increased efficiency and automation. The number of dark web hackers is only predicted to rise, as they could turn to AI to automate post-exploration actions, such as choosing targets from a victim’s contact book.
- More targeted and professional intrusions. To get more out of intrusions, hackers will continue to use APT tactics, like establishing long-term access with networks and increasing the time spent on target reconnaissance.
- Attacks could result in even more damage. As businesses integrate IoT and undergo digital transformation, attacks will likely use the resultant attack surfaces to their advantage. We may see more extortion attacks using the threat of data destruction in those sectors that rely on IoT devices.
Unfortunately, the dark web provides a platform for hackers to network and collaborate by inspiring one another and sharing tactics and data breaches. This can result in the development of more advanced attack methods in the future.
Dark web trend impact on businesses and individuals
With the increasing reliance on digital platforms for business operations, cybersecurity has become an integral part of any person’s or organization's strategy. The threat landscape is constantly evolving, making it essential for individuals and businesses to invest in certified cybersecurity practices to detect data breaches and vulnerabilities and gaps before malicious actors exploit them.
Business risks and vulnerabilities
While the dark web doesn’t directly affect the daily activities of most SMBs, the effects shouldn’t be ignored. Here are some of the biggest impacts that the dark web can have on SMBs.
- Financial loss and data breaches. When sensitive information makes its way onto the dark web, it can result in substantial financial losses. Criminals can use this data to extort businesses, drain accounts, or commit fraud.
- Reputational damage. A company’s data existing on the dark web can harm that company’s reputation, resulting in a reduction of customer trust and a loss of business.
- Operational disruption. A cyberattack that results in a data leak can disrupt business operations, affecting services and internal processes.
- Legal and compliance issues. SMBs in regulated industries could face compliance issues and legal fines if their customer data has been compromised.
Strategies for businesses to mitigate dark web attack risks
There are steps that businesses can take in order to fight back and protect their data from cyber threats. Here are some actions that can help you counter some of the dark web statistics seen in this post.
When it comes to a business or an individual, traditional methods of tracking the dark web can be inefficient and time-consuming. Fortunately, we live in an age where technology is more than capable of helping us out. Here are some of the tools and practices that businesses can use to avoid falling foul of cybercriminals on the dark web.
- Dark Web Surveillance: Dark web monitoring tool is a vital solution in your cybersecurity arsenal. By continuously scanning the dark web for leaked or stolen credentials, organizations can identify breaches early. Upon detection of compromised credentials, companies can prompt users to create new, more secure passwords, significantly reducing the window of opportunity for cybercriminals to exploit stolen data.
- Employee awareness and training. Having an informed staff is crucial to the defense against cybercrime. Training your employees on safe cyber practices, password hygiene, and phishing scams is essential.
- Strong infrastructure. Businesses need to invest in secure VPNs, antivirus software, and firewalls to defend themselves against cyber threats.
- Incident response planning. A plan for how to respond to a data breach can greatly reduce its effect.
Individual security protection
Whether you’re a business owner or not, you should look to protect yourself from cybercrime on the dark web. Here are some steps you can take to help prevent your personal information from being accessed and shared online.
- Create strong passwords for your online accounts. Make sure to also choose a password unique to each account. That way, if a cybercriminal manages to steal one of your passwords, they won’t be able to access your other accounts. If you receive a notification that your data has been leaked, change your login details immediately.
- Use password managers on your mobile devices and computers. A password manager can not only make it easier for you to track all of your different passwords but also make it harder for hackers to access your data.
- Consider a dark web monitoring service. This can scan the dark web to locate your personal data and inform you if any has been found.
Don’t be the next dark web statistic: Protect yourself against cybercrime
If the above dark web statistics and trends have alarmed you in any way, that’s perfectly valid. But that doesn’t mean there isn’t something you can do about it. By following the tips and recommendations outlined in this blog post, you’ll be in a far better position than most to defend yourself against cybercrime on the dark web.
Also, make sure to remain informed of any updated recommendations to protect yourself against cybercrime on the dark web. That will help you remain alert to the most commonly used techniques used by hackers at any given time.
For added security, sign up for a free 14-day trial from Prey Project. Prey will help keep your digital assets and identity safely away from the dark web. The protection will apply to all your devices so you can browse and send communications without fear of your data being compromised. Take advantage of Prey’s no-risk, 14-day trial and give you and your business the protection it deserves.
Juan is Prey's Content Specialist. He researches interesting and relevant information related to cybersecurity, and explains it in a way that everyone can understand it and make use of it.