Experts have recently predicted that the move to IPv6 could actually help spambots push out more malware. Is there anything enterprises can do to protect against this?
Planning for the transition to IPv6 has been in progress for more than 10 years, and the issue with spambots is only one on the long list of potential security issues involved in the transition. Along with spam blacklists, anything that relies on IPv4 addresses will need to be investigated in order to determine whether it should be updated to support IPv6, including devices such as firewalls, VPNs, etc.
Enterprises probably already have IPv6 on their networks via IPv4 tunnels from modern client systems. However, be sure to verify whether your network security defenses support IPv6. For systems that don’t support IPv6, you should plan either to upgrade to a version that does or switch to a new product, since IPv6 will need to be implemented sometime in the next couple of years for most networks.
The issue with IPv6 spam and blacklists that Joe Stewart of the Dell SecureWorks Counter Threat Unit has identified is that current spam blacklists have recently been fairly effective at lowering the amount of spam, but DHCP churn and other changes in IPv6 may make such blacklists more difficult to implement. While DHCP churn could be exacerbated with IPv6 and limit the effectiveness of blacklists, other antispam controls that include content analysis could be implemented to reduce the spam. Whitelists and blacklists will need to be carefully managed in this transition, since there will be many new entries, and the size of the lists may become unwieldy.
Enterprises can specifically test their antispam controls to see if they work with IPv6 by enabling a test network that operates with IPv6 and then testing the individual technologies. While it shouldn’t matter currently if the blacklist is available over IPv6, it is important for the blacklist to support IPv6, since there will be parts of the Internet that may only use or be accessible by IPv6 (and, thus, IPv6 malware) that could be sources of spam in the near future.
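A check of the kind described above, as an added example that is not part of the original answer: a blocklist matcher that handles IPv6 peers, IPv4-mapped IPv6 addresses (which can slip past an IPv4-only list on a dual-stack listener) and prefix entries, plus the DNSBL query name format from RFC 5782. It goes beyond the text in those details; the zone name `dnsbl.example` and all addresses are constructed placeholders from documentation ranges.

```python
import ipaddress

# Constructed sample blocklist: one IPv4 host, one IPv4 range, one IPv6 /64.
# All entries use documentation address space (RFC 5737, RFC 3849).
SAMPLE_BLOCKLIST = ["192.0.2.25/32", "198.51.100.0/24", "2001:db8:bad:1::/64"]


def normalize(addr):
    """Parse a peer address; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def load_blocklist(entries):
    """Split entries by address family so v4 and v6 are matched separately."""
    nets = {4: [], 6: []}
    for entry in entries:
        net = ipaddress.ip_network(entry, strict=False)
        nets[net.version].append(net)
    return nets


def is_blocked(addr, nets):
    """True if the normalized address falls inside any listed prefix."""
    ip = normalize(addr)
    return any(ip in net for net in nets[ip.version])


def dnsbl_qname(addr, zone):
    """Build the DNSBL query name per RFC 5782 (zone name is hypothetical)."""
    ip = normalize(addr)
    if ip.version == 4:
        labels = reversed(str(ip).split("."))
    else:
        # IPv6: 32 hex nibbles, least significant first, one per label.
        labels = reversed(ip.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone


if __name__ == "__main__":
    nets = load_blocklist(SAMPLE_BLOCKLIST)
    for peer in ["192.0.2.25", "::ffff:192.0.2.25", "2001:db8:bad:1::abcd",
                 "2001:db8:bad:2::abcd"]:
        print(peer, is_blocked(peer, nets), dnsbl_qname(peer, "dnsbl.example"))
```

Running the same peers through a production filter on an IPv6 test network shows whether it makes the same decisions for native IPv6 and IPv4-mapped senders.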