In the NCC’s bunker-like room surrounded by giant TV monitors—a mini version of NASA mission control—NCC officials prowl the dark net, the anonymous network used for illegal peer-to-peer file sharing. In these murky corners, the spoils of a data breach are offered for sale.

“The dark web is essentially anything on a computer network that’s not indexed for location by typical Internet search engines like Google, Bing and Yahoo,” explains Ed Rios, CEO of the National Cybersecurity Center. Many sites on the dark web use the Onion Router, often called TOR, a tool designed to keep location and users anonymous.

According to Wired, TOR works by having your traffic bounce through a series of routers until it gets to an end router, which then gets the requested web page and sends it back through the tubes, but none of the individual routers know or remember the IP address of the original requester.

“TOR was originally created for legitimate purposes by the U.S. military. In defense, it’s preferable to keep location and identities secret,” Rios says. “However, TOR is also now used for nefarious criminal activities to include the sale of black market items, services and stolen information. Everything from hacking services to personal information and beyond can be found on the dark net if one has the system and knowledge of how to access it.”

What’s the NCC doing there? “It uses the dark net in support of customers for hack validation and consequence management,” Rios says. “It is also used for cyber defense research, training and general situational awareness.”