Cybersecurity Today: Inside the Dark Web – Exploring Cybercrime with Expert David Décary-Hétu

Guest: Dr. David Décary-Hétu, criminologist at the University of Montreal
Host: Jim Love
Date: December 31, 2025

Overview

In this episode, host Jim Love sits down with Dr. David Décary-Hétu, a leading expert in criminology and the dark web, to demystify what the dark web really is, how cybercrime thrives in its shadows, and why law enforcement faces such challenges combating criminal activity online. The conversation explores the structure and purpose of the dark web, the players and markets within, how trust and recruitment work among criminals, and the ever-shifting landscape as law enforcement tries to keep up. They also discuss trends in policy, cryptocurrency, and practical advice for organizations.

Key Discussion Points & Insights

1. Understanding the Dark Web

[05:15]

The dark web isn’t a place, but a communication channel enabling anonymous interaction.
- “Many people think it's a place that you go to, but it's really not. You really have to see it as a communication channel.” – Dr. Décary-Hétu [05:15]
Its strength lies in mutual anonymity: visitors don’t know site owners, and vice versa.
Technology: Mainly powered by the Tor network; also includes others like I2P.

2. Origins of the Tor Network

[06:39, 08:37]

Tor’s genesis: US government funded it for secure anonymous communication for their military and intelligence.
- “This network was developed so that the US Military and the Navy could communicate with their spies all over the world anonymously.” – Dr. Décary-Hétu [08:37]
To avoid making it only for spies (thus easily flagged), Tor was opened to the public to provide “cover.”

3. How the Technology Works

[10:11]

Explanation of “onion routing”: multi-layer encryption and relays.
- “When I send my request to the first relay, all they know is they have to forward my request to someone else, but they have no idea what my packets contain because that's all encrypted.” – Dr. Décary-Hétu [11:14]

4. Navigating the Dark Web & “Directories”

[11:47]

No centralized search engines; directories or word of mouth dominate.
- “It's the good old days of the directories that have to be maintained and just taken care of by individuals...” – Dr. Décary-Hétu [12:50]
URLs are not registered through traditional means, making site ownership untraceable.

5. Criminal Markets: Structure & Content

[15:49, 16:00]

The dark web hosts various illicit markets: drugs, weapons, child pornography, ransomware blogs.
- “I would not be surprised if a large portion of the network was dedicated, used by people who want to exchange child pornography...” – Dr. Décary-Hétu [17:05]
Many ‘dark web’ sites can also be accessed from the normal web, with anonymity as the main difference.

6. Trust and Reputation Among Criminals

[21:48]

Building trust is incremental: small transactions build up credibility.
- “I'll trust you for $5 of illicit drugs, then I'll trust you for $20... and then maybe I'll trust you for $100 if everything goes well.” – Dr. Décary-Hétu [22:34]

7. Cybercrime Recruitment

[24:02]

Criminals, especially ransomware gangs, actively recruit young, technically literate, often unemployed people.
Recruitment sometimes happens on legitimate freelancer platforms—sometimes participants don't fully understand they are being recruited for criminal endeavors.
- “In some cases, either people turn a blind eye, they don't ask too many questions. They'll be recruited to develop malware, develop graphics for certain things. So they'll be enlisted into these criminal gangs...” – Dr. Décary-Hétu [24:16]

8. Organization: Divided by Activity and Locale

[26:03]

Distinct communities form around specific crimes (e.g., drugs, malware), and often by geography/language.
- “If you put me in a room with German hackers, we don't speak the same language, we're not going to be online at the same hours, and we don't have the same culture...” – Dr. Décary-Hétu [26:50]

9. Law Enforcement Challenges and Strategies

[27:32, 32:07, 33:47]

Tech solutions aren’t enough; criminals rely on human connections.
- “No one is able to hack into a large organization alone. You need to get malware from other people. ...Network crime is probably the most social activity in the whole world.” – Dr. Décary-Hétu [32:18]
Law enforcement sometimes runs undercover sites to gather intelligence (“conditional deterrence”).
- “We were actually running this platform. And while we were doing it, we were collecting all this information on you all.” – Dr. Décary-Hétu [34:15]
Creating distrust among criminals (e.g., silently intercepting drugs in the mail) can disrupt markets.

10. Anonymity vs. Utility: Evolution of the Dark Web

[37:04]

As law enforcement monitors the dark web more, some criminals migrate to other platforms. The dark web is becoming less central to cybercrime.
- “I think that the most surprising thing is how unimportant in many ways the dark web has become.” – Dr. Décary-Hétu [37:21]
Discord, Telegram, and other communication channels are new frontiers, but also have weaknesses.

11. Role and Impact of Cryptocurrencies

[39:38, 40:26]

Cryptocurrency has revolutionized cybercrime by providing a frictionless way to transfer value and evade authorities.
- “Cryptocurrencies are perhaps... one of the few technologies that have very few useful use cases and a lot of problematic use cases.” – Dr. Décary-Hétu [40:19]
If quantum computing breaks blockchain security, a massive shift in cybercrime will follow.

12. Legal and Regulatory Gaps – The Need for New Laws

[41:24, 42:43]

Dr. Décary-Hétu recounts “gray areas” in digital crime, e.g., theft by copying—old laws often don’t fit.
- “We will need new laws, that's for sure. Because the reality is just different.” – Dr. Décary-Hétu [42:33]

13. Advice for Policymakers and Regulators

[43:56, 45:21]

Two key points:
- Focus regulation on tracking cryptocurrency transactions to make it harder for criminals to hide profits.
- Avoid outlawing technology or mandating backdoors, which often damages the good more than the bad.
- “If you say Tor is illegal, all the bad guys are going to use it. And people who would actually benefit from using it... lose that ability.” – Dr. Décary-Hétu [45:35]

14. Corporate Security Advice

[47:14]

Companies must monitor chatter about themselves and their sectors to stay ahead of evolving threats—not just comply with standards but understand trends and patterns.

15. Where to Learn More

[48:54, 50:03]

Leverage conferences (like BSides), podcasts, and free online material for security awareness.
Montreal’s BSides conference is highlighted as an accessible, grassroots learning opportunity.

Notable Quotes & Memorable Moments

On anonymity and trust:
“Network crime is probably the most social activity in the whole world. So these offenders are, in most cases, going to connect with each other.” – Dr. Décary-Hétu [32:18]
On the myth of the faraway hacker:
“I wouldn't be surprised if there was more people in the States just hacking into the States rather than Russian hacking into the United States.” – Dr. Décary-Hétu [29:24]
On recruitment and AI:
“Today, with AI, you don't even need to know how to code. You can just vibe code your malware or yourself into an organization.” – Dr. Décary-Hétu [24:42]
On the evolution of criminal forums:
“Telegram seemed to be the new place where everyone was, but then the French people ruined everything by arresting the owner of the Telegram.” – Dr. Décary-Hétu [38:49]

Timestamps for Key Sections

| Segment | Timestamp | |-----------------------------------------|-----------| | Defining the Dark Web | 05:15 | | Tor and Onion Routing Explained | 06:39-11:26| | How to Find Dark Web Content | 11:47 | | Main Criminal Activities | 15:49-18:44| | Building Trust Among Criminals | 21:48 | | Recruitment and Structure | 24:02-26:03| | Corporate Security and Threat Intel | 47:14 | | Where to Learn More (BSides & Podcasts) | 48:54-50:03|

Final Thoughts

This episode offers a rare “inside the tent” perspective on the dark web, combining technical clarity, sociological insight, and pragmatic advice. Dr. Décary-Hétu highlights how the battle between criminals and law enforcement may be driven more by social trust and new technologies like cryptocurrency than the platforms themselves—and why regulators and businesses alike need to focus on awareness, adaptation, and nuanced policy.

For continued learning:

Look for local BSides events, listen to security podcasts, and follow academic and practitioner-led cybersecurity discussions to build threat awareness, adapt, and connect.

Cybersecurity Today: Inside the Dark Web – Exploring Cybercrime with Expert David Décary-Hétu

Guest: Dr. David Décary-Hétu, criminologist at the University of Montreal
Host: Jim Love
Date: December 31, 2025

Overview

Key Discussion Points & Insights

1. Understanding the Dark Web

[05:15]

The dark web isn’t a place, but a communication channel enabling anonymous interaction.
- “Many people think it's a place that you go to, but it's really not. You really have to see it as a communication channel.” – Dr. Décary-Hétu [05:15]
Its strength lies in mutual anonymity: visitors don’t know site owners, and vice versa.
Technology: Mainly powered by the Tor network; also includes others like I2P.

2. Origins of the Tor Network

[06:39, 08:37]

Tor’s genesis: US government funded it for secure anonymous communication for their military and intelligence.
- “This network was developed so that the US Military and the Navy could communicate with their spies all over the world anonymously.” – Dr. Décary-Hétu [08:37]
To avoid making it only for spies (thus easily flagged), Tor was opened to the public to provide “cover.”

3. How the Technology Works

[10:11]

Explanation of “onion routing”: multi-layer encryption and relays.
- “When I send my request to the first relay, all they know is they have to forward my request to someone else, but they have no idea what my packets contain because that's all encrypted.” – Dr. Décary-Hétu [11:14]

4. Navigating the Dark Web & “Directories”

[11:47]

No centralized search engines; directories or word of mouth dominate.
- “It's the good old days of the directories that have to be maintained and just taken care of by individuals...” – Dr. Décary-Hétu [12:50]
URLs are not registered through traditional means, making site ownership untraceable.

5. Criminal Markets: Structure & Content

[15:49, 16:00]

The dark web hosts various illicit markets: drugs, weapons, child pornography, ransomware blogs.
- “I would not be surprised if a large portion of the network was dedicated, used by people who want to exchange child pornography...” – Dr. Décary-Hétu [17:05]
Many ‘dark web’ sites can also be accessed from the normal web, with anonymity as the main difference.

6. Trust and Reputation Among Criminals

[21:48]

Building trust is incremental: small transactions build up credibility.
- “I'll trust you for $5 of illicit drugs, then I'll trust you for $20... and then maybe I'll trust you for $100 if everything goes well.” – Dr. Décary-Hétu [22:34]

7. Cybercrime Recruitment

[24:02]

Criminals, especially ransomware gangs, actively recruit young, technically literate, often unemployed people.
Recruitment sometimes happens on legitimate freelancer platforms—sometimes participants don't fully understand they are being recruited for criminal endeavors.
- “In some cases, either people turn a blind eye, they don't ask too many questions. They'll be recruited to develop malware, develop graphics for certain things. So they'll be enlisted into these criminal gangs...” – Dr. Décary-Hétu [24:16]

8. Organization: Divided by Activity and Locale

[26:03]

Distinct communities form around specific crimes (e.g., drugs, malware), and often by geography/language.
- “If you put me in a room with German hackers, we don't speak the same language, we're not going to be online at the same hours, and we don't have the same culture...” – Dr. Décary-Hétu [26:50]

9. Law Enforcement Challenges and Strategies

[27:32, 32:07, 33:47]

Tech solutions aren’t enough; criminals rely on human connections.
- “No one is able to hack into a large organization alone. You need to get malware from other people. ...Network crime is probably the most social activity in the whole world.” – Dr. Décary-Hétu [32:18]
Law enforcement sometimes runs undercover sites to gather intelligence (“conditional deterrence”).
- “We were actually running this platform. And while we were doing it, we were collecting all this information on you all.” – Dr. Décary-Hétu [34:15]
Creating distrust among criminals (e.g., silently intercepting drugs in the mail) can disrupt markets.

10. Anonymity vs. Utility: Evolution of the Dark Web

[37:04]

As law enforcement monitors the dark web more, some criminals migrate to other platforms. The dark web is becoming less central to cybercrime.
- “I think that the most surprising thing is how unimportant in many ways the dark web has become.” – Dr. Décary-Hétu [37:21]
Discord, Telegram, and other communication channels are new frontiers, but also have weaknesses.

11. Role and Impact of Cryptocurrencies

[39:38, 40:26]

Cryptocurrency has revolutionized cybercrime by providing a frictionless way to transfer value and evade authorities.
- “Cryptocurrencies are perhaps... one of the few technologies that have very few useful use cases and a lot of problematic use cases.” – Dr. Décary-Hétu [40:19]
If quantum computing breaks blockchain security, a massive shift in cybercrime will follow.

12. Legal and Regulatory Gaps – The Need for New Laws

[41:24, 42:43]

Dr. Décary-Hétu recounts “gray areas” in digital crime, e.g., theft by copying—old laws often don’t fit.
- “We will need new laws, that's for sure. Because the reality is just different.” – Dr. Décary-Hétu [42:33]

13. Advice for Policymakers and Regulators

[43:56, 45:21]

Two key points:
- Focus regulation on tracking cryptocurrency transactions to make it harder for criminals to hide profits.
- Avoid outlawing technology or mandating backdoors, which often damages the good more than the bad.
- “If you say Tor is illegal, all the bad guys are going to use it. And people who would actually benefit from using it... lose that ability.” – Dr. Décary-Hétu [45:35]

14. Corporate Security Advice

[47:14]

Companies must monitor chatter about themselves and their sectors to stay ahead of evolving threats—not just comply with standards but understand trends and patterns.

15. Where to Learn More

[48:54, 50:03]

Leverage conferences (like BSides), podcasts, and free online material for security awareness.
Montreal’s BSides conference is highlighted as an accessible, grassroots learning opportunity.

Notable Quotes & Memorable Moments

On anonymity and trust:
“Network crime is probably the most social activity in the whole world. So these offenders are, in most cases, going to connect with each other.” – Dr. Décary-Hétu [32:18]
On the myth of the faraway hacker:
“I wouldn't be surprised if there was more people in the States just hacking into the States rather than Russian hacking into the United States.” – Dr. Décary-Hétu [29:24]
On recruitment and AI:
“Today, with AI, you don't even need to know how to code. You can just vibe code your malware or yourself into an organization.” – Dr. Décary-Hétu [24:42]
On the evolution of criminal forums:
“Telegram seemed to be the new place where everyone was, but then the French people ruined everything by arresting the owner of the Telegram.” – Dr. Décary-Hétu [38:49]

Timestamps for Key Sections

Final Thoughts

For continued learning:

Look for local BSides events, listen to security podcasts, and follow academic and practitioner-led cybersecurity discussions to build threat awareness, adapt, and connect.

Inside the Dark Web: Exploring Cybercrime with Expert David Décary-Hétu

Powered by Wave AI

Summary

Cybersecurity Today: Inside the Dark Web – Exploring Cybercrime with Expert David Décary-Hétu

Overview

Key Discussion Points & Insights

1. Understanding the Dark Web

2. Origins of the Tor Network

3. How the Technology Works

4. Navigating the Dark Web & “Directories”

5. Criminal Markets: Structure & Content

6. Trust and Reputation Among Criminals

7. Cybercrime Recruitment

8. Organization: Divided by Activity and Locale

9. Law Enforcement Challenges and Strategies

10. Anonymity vs. Utility: Evolution of the Dark Web

11. Role and Impact of Cryptocurrencies

12. Legal and Regulatory Gaps – The Need for New Laws

13. Advice for Policymakers and Regulators

14. Corporate Security Advice

15. Where to Learn More

Notable Quotes & Memorable Moments

Timestamps for Key Sections

Final Thoughts

Summary

Cybersecurity Today: Inside the Dark Web – Exploring Cybercrime with Expert David Décary-Hétu

Overview

Key Discussion Points & Insights

1. Understanding the Dark Web

2. Origins of the Tor Network

3. How the Technology Works

4. Navigating the Dark Web & “Directories”

5. Criminal Markets: Structure & Content

6. Trust and Reputation Among Criminals

7. Cybercrime Recruitment

8. Organization: Divided by Activity and Locale

9. Law Enforcement Challenges and Strategies

10. Anonymity vs. Utility: Evolution of the Dark Web

11. Role and Impact of Cryptocurrencies

12. Legal and Regulatory Gaps – The Need for New Laws

13. Advice for Policymakers and Regulators

14. Corporate Security Advice

15. Where to Learn More

Notable Quotes & Memorable Moments

Timestamps for Key Sections

Final Thoughts