Federal agencies at risk over IPv6

Share this article:

Most major federal agencies have not begun planning to transition to Internet Protocol Version 6 (IPv6), putting agency information and systems at risk, according to a report from the U.S. Government Accountability Office.

IPv6 was designed by the Internet Engineering Task Force to fix problems associated with the current version of the internet protocol (IPv4). Most importantly, IPv6 increases the number of available IP addresses by using 128-bit addresses instead of 32-bit addresses. It also provides routing and network autoconfiguration improvements.

While the Department of Defense has taken steps to developing a plan for transitioning to IPv6, most other major federal agencies have not, according to the GAO.

In addition to determining costs, creating a business case and setting timelines for the transition, agencies need to manage the security aspects involved because "poorly managed IPv6 capabilities can put agency information and systems at risk," GAO analysts wrote. Agency networks already include IPv6-capable software and equipment, they noted.

The GAO report was presented Wednesday at House Government Reform Committee hearing on the transition to IPv6. The committee also was scheduled to hear testimony from DoD officials and Microsoft.

Several countries are moving quickly to adopt IPv6, according to an announcement about the hearing released by the committee. If agencies do not address the planning issues involved in transitioning to the new protocol, "they will face increased costs and security risks," the notice warned.

As reported by SC Magazine earlier in the month, The GAO found that most agencies are not applying the infosec program requirements of the Federal Information Security Management Act (FISMA) to help combat new cyber threats

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.