DDoS attackers start targeting IPv6 networks
2011 brought the first DDoS attacks against IPv6 networks, but their number remains insignificant
IDG News Service - Cybercriminals have started launching distributed denial-of-service (DDoS) attacks against networks that transmit data over IPv6 (Internet Protocol version 6), according to a report published recently by DDoS mitigation vendor Arbor Networks.
Even though 2011 was the first year when IPv6 DDoS attacks were recorded, such incidents remain rare because they are not economically relevant for Internet criminals, said Bill Cerveny, a senior software quality assurance engineer at Arbor.
Some companies have projected increases of more than 100 percent for their IPv6 traffic volumes over the next 12 months, but the changes will be insignificant compared to the overall traffic volume.
The majority of organizations remain reluctant to switch to the new IP protocol version because their network security and traffic analysis equipment is not fully compatible with it.
Sixty-five percent of respondents to Arbor Network's 7th annual Worldwide Infrastructure Security Report said that their main concern is the lack of feature parity between IPv4 and IPv6, while 60 percent expressed concerns that they cannot properly analyze IPv6 traffic.
"Many infrastructure solutions currently do not offer the same features and functionality for IPv6 as they do for IPv4," Cerveny said via email. "This lack of feature parity means that security teams do not have the same visibility and mitigation capabilities when trying to identify and block IPv6-based attacks against targets."
"We see IPv6 attacks as an emerging threat," said Neal Quinn, vice president of operations at DDoS mitigation vendor Prolexic, in a phone interview. Quinn believes that the current IPv6 DDoS attacks are most likely tests performed by malware writers who want to be prepared when large Internet service providers will start switching their subscribers to IPv6.
Prolexic is investigating what issues could arise on routers that support both IPv6 and IPv4 stacks, because these will be increasingly important as companies create bridges between IPv6 and IPv4 networks.
"The issue of having infrastructure equipment with the same capabilities to defend against both IPv4 and IPv6 attacks is critical," said Cerveny. "As our security report findings show, it is critical for network operators to address this discrepancy."
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!