Federal agencies at risk over IPv6

Share this article:

Most major federal agencies have not begun planning to transition to Internet Protocol Version 6 (IPv6), putting agency information and systems at risk, according to a report from the U.S. Government Accountability Office.

IPv6 was designed by the Internet Engineering Task Force to fix problems associated with the current version of the internet protocol (IPv4). Most importantly, IPv6 increases the number of available IP addresses by using 128-bit addresses instead of 32-bit addresses. It also provides routing and network autoconfiguration improvements.

While the Department of Defense has taken steps to developing a plan for transitioning to IPv6, most other major federal agencies have not, according to the GAO.

In addition to determining costs, creating a business case and setting timelines for the transition, agencies need to manage the security aspects involved because "poorly managed IPv6 capabilities can put agency information and systems at risk," GAO analysts wrote. Agency networks already include IPv6-capable software and equipment, they noted.

The GAO report was presented Wednesday at House Government Reform Committee hearing on the transition to IPv6. The committee also was scheduled to hear testimony from DoD officials and Microsoft.

Several countries are moving quickly to adopt IPv6, according to an announcement about the hearing released by the committee. If agencies do not address the planning issues involved in transitioning to the new protocol, "they will face increased costs and security risks," the notice warned.

As reported by SC Magazine earlier in the month, The GAO found that most agencies are not applying the infosec program requirements of the Federal Information Security Management Act (FISMA) to help combat new cyber threats

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

NIST finalizes cloud computing roadmap

NIST finalizes cloud computing roadmap

The NIST architecture is designed to accelerate the adoption of cloud computing.

Chinese MitM attack targets iCloud users

Chinese MitM attack targets iCloud users

The attack used a false certificate to trick iCloud users into handing over personal data and login credentials. With an attack of this size, some experts and researchers believe the ...

EPIC: driver data shared via V2V technology needs protection

The groups shared comments on V2V communications with the National Highway Traffic Safety Administration.