Federal agencies at risk over IPv6

Share this article:

Most major federal agencies have not begun planning to transition to Internet Protocol Version 6 (IPv6), putting agency information and systems at risk, according to a report from the U.S. Government Accountability Office.

IPv6 was designed by the Internet Engineering Task Force to fix problems associated with the current version of the internet protocol (IPv4). Most importantly, IPv6 increases the number of available IP addresses by using 128-bit addresses instead of 32-bit addresses. It also provides routing and network autoconfiguration improvements.

While the Department of Defense has taken steps to developing a plan for transitioning to IPv6, most other major federal agencies have not, according to the GAO.

In addition to determining costs, creating a business case and setting timelines for the transition, agencies need to manage the security aspects involved because "poorly managed IPv6 capabilities can put agency information and systems at risk," GAO analysts wrote. Agency networks already include IPv6-capable software and equipment, they noted.

The GAO report was presented Wednesday at House Government Reform Committee hearing on the transition to IPv6. The committee also was scheduled to hear testimony from DoD officials and Microsoft.

Several countries are moving quickly to adopt IPv6, according to an announcement about the hearing released by the committee. If agencies do not address the planning issues involved in transitioning to the new protocol, "they will face increased costs and security risks," the notice warned.

As reported by SC Magazine earlier in the month, The GAO found that most agencies are not applying the infosec program requirements of the Federal Information Security Management Act (FISMA) to help combat new cyber threats

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.