Experts have recently predicted that the move to IPv6 could actually help spambots push out more malware. Is there
anything enterprises can do to protect against this?
Planning for the transition to IPv6 has been in progress for more than 10 years, and the issue with spambots is only one on the long list of potential security issues involved in the transition. Along with spam blacklists, anything that relies on IPv4 addresses will need to be investigated in order to determine whether it should be updated to support IPv6, including devices such as firewalls, VPNs, etc.
Enterprises probably already have IPv6 on their networks via IPv4 tunnels from modern client systems. However, be sure to verify whether your network security defenses support IPv6. For systems that don’t support IPv6, you should plan either to upgrade to a version that does or switch to a new product, since IPv6 will need to be implemented sometime in the next couple of years for most networks.
The issue with IPv6 spam and blacklists that Joe Stewart of the Dell SecureWorks Counter Threat Unit has identified, is current spam blacklists have been fairly effective recently to lower the amount of spam and the DHCP churn, and other changes in IPv6 may potentially make it more difficult to implement such blacklists. While DHCP churn could be exacerbated with IPv6 and limit the effectiveness of blacklists, other antispam controls that include content analysis could be implemented to reduce the spam. White and blacklists will need to be carefully managed in this transition, since there will be many new entries, and the size of the lists may become unwieldy.
Enterprises can specifically test their antispam controls to see if they work with IPv6 by enabling a test network that operates with IPv6 and then testing the individual technologies. While it shouldn’t matter currently if the blacklist is available over IPv6, it is important for the blacklist to support IPv6, since there will be parts of the Internet that may only use or be accessible by IPv6 (and, thus, IPv6 malware) that could be sources of spam in the near future.
Dig deeper on Network Protocols and Security
Related Q&A from Nick Lewis, Enterprise Threats
A new variant of Java-based malware can execute regardless of the operating system used. Nick Lewis explains how to limit the threat.continue reading
A variant of malware on Android devices removes and reinstalls itself when a device powers on or off. Learn how to completely eradicate the threat.continue reading
Expert Nick Lewis explains how to avoid a detrimental VPN bypass flaw that allows malicious apps to infiltrate Android devices.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.