In-depth

Are you ready to launch IPv6 securely?

Davey Winder says that despite the unnecessary scare stories, businesses need to think about migrating to IPv6 securely now.

Did you know that 6 June 2012 is IPv6 launch day?

Nope me neither, but according to the Internet Society it is and everyone, it says, should be thinking about making the permanent move from their current IPv4 network to the new whizz-bang IPv6 one.

So will you be one of them? More to the point, are there any pressing security reasons why you shouldn't?

Advertisement - Article continues below

Arbor Networks has published the results of some research into the first wave of Distributed Denial of Service (DDoS) attacks on IPv6 networks, and the good news is that the figure is pretty damn low with just four per cent of those operating such networks reporting DDoS activity.

Time and research has shown that IPv6 is not more secure than IPv4.

In fact, the chances are high that these are not actually the first DDoS attacks against IPv6 networks at all, but rather the first ones that have been detected and reported. Which is also good news. It means that, at long last, we are starting to see discussions on this kind of threat in relation to IPv6.

But in less good news, the reports of DDoS attacks targeting IPv6 networks do suggest that as adoption amongst organisations picks up pace, so does the value to the bad guys.

Advertisement
Advertisement - Article continues below

Indeed, the fact that these attacks are happening at all suggests that the bad guys are also adopting IPv6 as they need a platform from which to launch them, and that platform has to be an IPv6 endpoint. That they have managed to compromise enough of these to launch DDoS attacks at all is worrying, and raises questions about how well those networks are being secured against such an eventuality.

Advertisement - Article continues below

"More than six years ago, one of the frequent rallying points for IPv6 was that it was more secure than IPv4... Time and research has shown that IPv6 is not more secure than IPv4," said Arbor Networks engineer Bill Cerveny.

Many security experts with an engineering bent seem to readily agree, with the consensus of opinion being that the notion of greater security was based around the time at which IPv6 was being developed (mid-nineties) when the internet had not yet experienced the growth we have seen since. That growth had a knock-on effect of creating masses of fresh security threats.

While IPv6 may well have been 'more secure' in terms of the earliest threats, there is really no great body of evidence to suggest it has any real advantage over IPv4 when it comes to the current threatscape. The truth is that it's just as exposed, and possibly more so. We have already seen evidence of old IPv4 threats surfacing on IPv6 and there will be IPv6 specific vulnerabilities to throw into the risk assessment mix as well.

Advertisement - Article continues below

So is that reason enough to think that the Internet Society has jumped too soon with the IPv6 launch day idea? Certainly not. IPv6 has been around for what seems like forever (especially given the never-ending media obsession with reporting how many IP addresses it can support) and DNS use within IPv6 was given the go-ahead in 2008 to coincide with the Olympic Games of that year, which made good use of it. Today some three per cent of domain names and 12 per cent of internet connected networks support IPv6 according to the Global IPv6 Deployment Progress Report.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement
Advertisement

Most Popular

Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/security/data-breaches/355173/marriott-hit-by-data-breach-exposing-personal-data-of-52-million
data breaches

Marriott data breach exposes personal data of 5.2 million guests

31 Mar 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020