Federal agencies at risk over IPv6

Share this article:

Most major federal agencies have not begun planning to transition to Internet Protocol Version 6 (IPv6), putting agency information and systems at risk, according to a report from the U.S. Government Accountability Office.

IPv6 was designed by the Internet Engineering Task Force to fix problems associated with the current version of the internet protocol (IPv4). Most importantly, IPv6 increases the number of available IP addresses by using 128-bit addresses instead of 32-bit addresses. It also provides routing and network autoconfiguration improvements.

While the Department of Defense has taken steps to developing a plan for transitioning to IPv6, most other major federal agencies have not, according to the GAO.

In addition to determining costs, creating a business case and setting timelines for the transition, agencies need to manage the security aspects involved because "poorly managed IPv6 capabilities can put agency information and systems at risk," GAO analysts wrote. Agency networks already include IPv6-capable software and equipment, they noted.

The GAO report was presented Wednesday at House Government Reform Committee hearing on the transition to IPv6. The committee also was scheduled to hear testimony from DoD officials and Microsoft.

Several countries are moving quickly to adopt IPv6, according to an announcement about the hearing released by the committee. If agencies do not address the planning issues involved in transitioning to the new protocol, "they will face increased costs and security risks," the notice warned.

As reported by SC Magazine earlier in the month, The GAO found that most agencies are not applying the infosec program requirements of the Federal Information Security Management Act (FISMA) to help combat new cyber threats

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.