In-depth

Are you ready to launch IPv6 securely?

Davey Winder says that despite the unnecessary scare stories, businesses need to think about migrating to IPv6 securely now.

Did you know that 6 June 2012 is IPv6 launch day?

Nope me neither, but according to the Internet Society it is and everyone, it says, should be thinking about making the permanent move from their current IPv4 network to the new whizz-bang IPv6 one.

So will you be one of them? More to the point, are there any pressing security reasons why you shouldn't?

Arbor Networks has published the results of some research into the first wave of Distributed Denial of Service (DDoS) attacks on IPv6 networks, and the good news is that the figure is pretty damn low with just four per cent of those operating such networks reporting DDoS activity.

Time and research has shown that IPv6 is not more secure than IPv4.

In fact, the chances are high that these are not actually the first DDoS attacks against IPv6 networks at all, but rather the first ones that have been detected and reported. Which is also good news. It means that, at long last, we are starting to see discussions on this kind of threat in relation to IPv6.

But in less good news, the reports of DDoS attacks targeting IPv6 networks do suggest that as adoption amongst organisations picks up pace, so does the value to the bad guys.

Indeed, the fact that these attacks are happening at all suggests that the bad guys are also adopting IPv6 as they need a platform from which to launch them, and that platform has to be an IPv6 endpoint. That they have managed to compromise enough of these to launch DDoS attacks at all is worrying, and raises questions about how well those networks are being secured against such an eventuality.

"More than six years ago, one of the frequent rallying points for IPv6 was that it was more secure than IPv4... Time and research has shown that IPv6 is not more secure than IPv4," said Arbor Networks engineer Bill Cerveny.

Many security experts with an engineering bent seem to readily agree, with the consensus of opinion being that the notion of greater security was based around the time at which IPv6 was being developed (mid-nineties) when the internet had not yet experienced the growth we have seen since. That growth had a knock-on effect of creating masses of fresh security threats.

While IPv6 may well have been 'more secure' in terms of the earliest threats, there is really no great body of evidence to suggest it has any real advantage over IPv4 when it comes to the current threatscape. The truth is that it's just as exposed, and possibly more so. We have already seen evidence of old IPv4 threats surfacing on IPv6 and there will be IPv6 specific vulnerabilities to throw into the risk assessment mix as well.

So is that reason enough to think that the Internet Society has jumped too soon with the IPv6 launch day idea? Certainly not. IPv6 has been around for what seems like forever (especially given the never-ending media obsession with reporting how many IP addresses it can support) and DNS use within IPv6 was given the go-ahead in 2008 to coincide with the Olympic Games of that year, which made good use of it. Today some three per cent of domain names and 12 per cent of internet connected networks support IPv6 according to the Global IPv6 Deployment Progress Report.

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Data breaches increase by a third as staff continue to work from home
cyber security

Data breaches increase by a third as staff continue to work from home

17 May 2021
What is phishing?
phishing

What is phishing?

17 May 2021
Cisco to acquire threat intelligence provider Kenna Security
Acquisition

Cisco to acquire threat intelligence provider Kenna Security

14 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021