IT disaster recovery, cloud computing and information security news

Emerging cyber threats: first native IPv6 DDoS attack strikes

A first of its kind IPv6 DDoS attack hit servers over the weekend, ‘raising a red flag for the future era of cybercrime’, according to global web security firm, Neustar.

The DNS threat - which was successfully defended against - came from approximately 1,900 different native hosts, on more than 650 networks. It targeted Neustar’s authoritative DNS service and highlights the worrying deployment of new attack methods.

Barrett Lyon, Head of Research and Development at Neustar said, “We’ve been monitoring the increasing deployment of IPv6 for a while now and have seen certain indicators of it hitting critical mass. This weekend’s attack was however, the first actionable attempt from hackers. Businesses now need to treat IPv6 as an important part of their security profile.”

Previously, organizations implementing software that uses network connectivity have been advised to write code with the ability to call protocol-agnostic networking libraries, which meant that in cases where the software didn’t need to consider whether it was on an IPv4 or IPv6 network, it would use whatever was available and preferred by the network. This also encouraged those that write bots and worms to follow the same practices.

Wesley George, Principle Engineer, SiteProtect NG Network Engineering, Neustar, added, “If security teams are not considering IPv6 traffic as a part of their threat model, regardless of the type of the attack, they stand to be caught unprepared for whatever the next big headline attack might be. Across the industry, we have known that IPv6 attacks were going to start as IPv6 deployment started to reach a tipping point, and that tipping point is now here, so it is critical that organizations take IPv6 attack vectors seriously and ensure they have a plan to address them.”

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.


A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.