Skip to main content

Hackers Turn Attention to IPv6

Hackers are targeting the IPv6 protocol as websites scramble to switch over to the new Internet Protocol platform from its predecessor, IPv4.

According to CIO, Cisco engineer and security expert Eric Vyncke believes that the stateless auto-configuration feature that comes with IPv6 poses a huge threat to organisations.

Several devices have flooded the enterprise networks which support the IPv6 protocol. These devices, thanks to the stateless auto-configuration feature, are ready to connect to an IPv6 router when it advertises itself via the IPv6 Neighbour Discovery Protocol (NDP).

IPv4 routers are incapable of connecting with an IPv6 networks but, IPv6 routers have already flooded the market.

If the IPv6 Neighbour Discovery Protocol (NDP) is not managed properly or is not secure, a rogue IPv6 router will be able to automatically connect with the devices and snoop in on the network traffic and even gain control over the device if it plans to.

"IPv4-only routers and switches don't recognize or respond to IPv6 device announcements, but a rogue IPv6 router could send and interpret this traffic. We have observed worldwide that bots are increasing their use of IPv6 as a covert channel to communicate with their botmaster," Vyncke said.