Sky-High IPv4 Prices Pose Cybersecurity Threats
The price of individual IPv4 addresses peaked at $32 in the first quarter of 2021 as the supply for IP resources failed to meet demand. Vincentas Grinius, the CEO of IPXO, says that increased cybercriminal activity is a probable consequence of this price surge, as selling hijacked IP addresses turns a profit in underground markets. This increase in cybersecurity risks persists mainly due to two factors: decreased availability and IP address hoarding.
The pool of unallocated IPv4 addresses was utterly depleted in 2019; however, the number of devices that require IPs continued to grow. In addition, the transition to IPv6 has been slow and inefficient, leading companies to pursue quick ways of expanding IP assets. This gap between the supply and demand of IP resources makes transactions expensive and exhaustive, leading businesses to engage in IPv4 black market transactions.
Browse The Complete News About AI: Mitratech Ushers in New Era of Contract Management
Furthermore, as the IPv4 addresses traded in underground markets are sold at unregulated prices, they may even be more expensive than legal markets. In turn, this ‘incentive’ pushes cybercriminals to obtain unused and unsecured resources from unsuspecting companies to continue their nefarious activity.
The hijacking issue becomes exacerbated by companies hoarding large amounts of unused IP addresses due to their value as a commodity. They are unwilling to give up these assets, yet they lack the knowledge on how to utilize them best, which means that assets typically remain dormant.
Static IP addresses are rarely adequately secured. Since most of them have been acquired before shortages became a concern and were later forgotten, hijacking attempts are rarely detected. In particular, IPv4 hijacking disrupts the normal routing network to illegitimately take control of IP addresses. For the original owner to take back control of their stolen assets, they would have to take lengthy and expensive legal action, taking a financial toll on their business.
With over 800 million IPv4 addresses currently not used, a supply of prime targets for hijacking attempts by fraudsters seeking to re-sell them under the record-high market price is becoming more prevalent. A cybercriminal who can steal a large IP address block (such as /16 or 65,536 IP addresses) can earn thousands of dollars each month.
Mr. Grinius notes that increased prices and limited accessibility mutually contribute to an increased risk of cybercrime: “Cybercriminals can exploit these vulnerabilities in two ways: firstly, they target the IPv4 addresses of companies who do not feel pressured by IPv4 depletion, unaware of what is being done to their vast reserves of IP resources. Secondly, they offer desperate companies, willing to side-step legalities, the opportunity to obtain needed IPv4 addresses quickly but at prices equal and, in some cases, higher than in legal markets.”
One of the ways the increased risk of cybercrime may be mitigated is to redistribute IPv4 resources by legal means. IPXO, for example, offers companies the ability to lease out their IPv4 resources without losing ownership of them. IP leasing may help remove the need for underground transactions in a two-fold manner. Firstly, by enabling unused IPv4 addresses to re-enter the market, a cost-efficient and more easily accessible method of obtaining IP resources for new businesses is provided, alleviating the problem of scarcity. Secondly, by auditing all IP addresses that enter the marketplace, IPXO prevents reputable IPs from abuse, protecting large companies from IP hijacking and preventing them from leaking into the black market.
“Cybercriminals mainly capitalize on existing market problems, which the rapid price growth of IPv4 has demonstrated. By tapping into the vulnerabilities created by unequal resources, hijackers have created a lucrative black market. A possible solution to these issues is the creation of more sustainable internet governance. As IP leasing presents both a cost-efficient and accessible option for businesses, cybercriminals may be pushed out of the market by superior competition,” Grinius noted.
[To share your insights with us, please write to firstname.lastname@example.org]