DDoS attackers start targeting IPv6 networks
2011 brought the first DDoS attacks against IPv6 networks, but their number remains insignificant
IDG News Service - Cybercriminals have started launching distributed denial-of-service (DDoS) attacks against networks that transmit data over IPv6 (Internet Protocol version 6), according to a report published recently by DDoS mitigation vendor Arbor Networks.
Even though 2011 was the first year when IPv6 DDoS attacks were recorded, such incidents remain rare because they are not economically relevant for Internet criminals, said Bill Cerveny, a senior software quality assurance engineer at Arbor.
Some companies have projected increases of more than 100 percent for their IPv6 traffic volumes over the next 12 months, but the changes will be insignificant compared to the overall traffic volume.
The majority of organizations remain reluctant to switch to the new IP protocol version because their network security and traffic analysis equipment is not fully compatible with it.
Sixty-five percent of respondents to Arbor Network's 7th annual Worldwide Infrastructure Security Report said that their main concern is the lack of feature parity between IPv4 and IPv6, while 60 percent expressed concerns that they cannot properly analyze IPv6 traffic.
"Many infrastructure solutions currently do not offer the same features and functionality for IPv6 as they do for IPv4," Cerveny said via email. "This lack of feature parity means that security teams do not have the same visibility and mitigation capabilities when trying to identify and block IPv6-based attacks against targets."
"We see IPv6 attacks as an emerging threat," said Neal Quinn, vice president of operations at DDoS mitigation vendor Prolexic, in a phone interview. Quinn believes that the current IPv6 DDoS attacks are most likely tests performed by malware writers who want to be prepared when large Internet service providers will start switching their subscribers to IPv6.
Prolexic is investigating what issues could arise on routers that support both IPv6 and IPv4 stacks, because these will be increasingly important as companies create bridges between IPv6 and IPv4 networks.
"The issue of having infrastructure equipment with the same capabilities to defend against both IPv4 and IPv6 attacks is critical," said Cerveny. "As our security report findings show, it is critical for network operators to address this discrepancy."
- Where You Mitigate Heartbleed Matters Read this article to learn more about why customers must choose the most strategic point in the network at which to deploy their...
- Mitigating Multiple DDoS Attack Vectors It's time to rethink and refine the enterprise security architecture, so organizations can remain agile and resilient against future threats. Download this infographic...
- SIP Migration: Addressing CIOs' Concerns Recent data from IDG Research shows that many IT executives are counting on SIP to help them meet employee efficiency and customer experience...
- City Solved Network Mystery - Saves $30K The City of Jacksonville put their hunch to work and not only solved a mystery, but found a new and innovative use for...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Network Security White Papers | Webcasts