DDoS attackers start targeting IPv6 networks
2011 brought the first DDoS attacks against IPv6 networks, but their number remains insignificant
IDG News Service - Cybercriminals have started launching distributed denial-of-service (DDoS) attacks against networks that transmit data over IPv6 (Internet Protocol version 6), according to a report published recently by DDoS mitigation vendor Arbor Networks.
Even though 2011 was the first year when IPv6 DDoS attacks were recorded, such incidents remain rare because they are not economically relevant for Internet criminals, said Bill Cerveny, a senior software quality assurance engineer at Arbor.
Some companies have projected increases of more than 100 percent for their IPv6 traffic volumes over the next 12 months, but the changes will be insignificant compared to the overall traffic volume.
The majority of organizations remain reluctant to switch to the new IP protocol version because their network security and traffic analysis equipment is not fully compatible with it.
Sixty-five percent of respondents to Arbor Network's 7th annual Worldwide Infrastructure Security Report said that their main concern is the lack of feature parity between IPv4 and IPv6, while 60 percent expressed concerns that they cannot properly analyze IPv6 traffic.
"Many infrastructure solutions currently do not offer the same features and functionality for IPv6 as they do for IPv4," Cerveny said via email. "This lack of feature parity means that security teams do not have the same visibility and mitigation capabilities when trying to identify and block IPv6-based attacks against targets."
"We see IPv6 attacks as an emerging threat," said Neal Quinn, vice president of operations at DDoS mitigation vendor Prolexic, in a phone interview. Quinn believes that the current IPv6 DDoS attacks are most likely tests performed by malware writers who want to be prepared when large Internet service providers will start switching their subscribers to IPv6.
Prolexic is investigating what issues could arise on routers that support both IPv6 and IPv4 stacks, because these will be increasingly important as companies create bridges between IPv6 and IPv4 networks.
"The issue of having infrastructure equipment with the same capabilities to defend against both IPv4 and IPv6 attacks is critical," said Cerveny. "As our security report findings show, it is critical for network operators to address this discrepancy."
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!