Jun 23 2015

Could IPv6 Be A Boon For DDoS Attackers?

In my eyes, IPv6 is today what VoIP was in the early 2000’s-that is, a protocol which, while it carries great promise, takes forever to gain critical mass. I recall many years where vendors would declare that “this was the year VoIP breaks out”, only to hear it again from them a year later. IPv6 has been around for quite some time-I myself worked on government agency projects to make them IPv6 compliant back in 2009, and even today, IPv6 makes up generally less than ten percent of internet traffic. It’s been a slow road, for sure.

Now, there are benefits to becoming IPv6 compliant. For one thing, there is a shortage of IPv4 address space. Moving to IPv6 opens things up. It will allow for more efficient routing. And the belief is that it will allow for increased security.

Except when it won’t. Or, rather, when it may provide a platform that makes one of the more prevalent attack vectors even more dangerous. Recently, Akamai released their quarterly State of the Internet report, and in doing so raised concerns about the protocol, noting that they are seeing it being tested for DDoS attacks. And that could be an issue-due to slow adoption, most tech is geared toward IPv4 protection, not IPv6. As the DDoS exploits get refined to exploit and run off of IPv6, the attacks could actually become more widespread faster, taking advantage of the enhanced features of IPv6.

In the grand scheme, this is not to tell you not to make the change to it-far from it. That migration has to happen, sooner than later. It just serves as a reminder that new and improved is not merely limited to the good guys. The new tech and new protocols can and will be exploited by the bad guys too, often times faster than we can keep pace. It’s just a reminder to remain ever vigilant in your defenses.