Following the growing demand for internet commodities like IP assets, the prices of IPv4 addresses have reached new heights in recent times. Cybersecurity experts warn that this scenario could boost the risk of security threats as opportunistic cybercriminals might target unused or unsecured IP addresses to compromise them and trade on underground markets. Organizations that own or manage IPv4 address blocks should be vigilant and look out for any hijacking attempts on their IPv4 addresses by hackers.
What is an IPv4 Address?
The IPv4 or IP (version 4) address is the fourth version of the internet protocol (IP), which has a set of rules governing the format of data communications sent over the internet and other networks. IPv4 addresses are 32-bit integers that can be expressed in hexadecimal notation (Example: 192.0.2.146 is an IPv4 address)
IPv4 and Associated Cyber Risks
According to a report from IPXO, the price of an IPv4 address increased to $32 in Q1 2021 as the supply of IP resources failed to meet demand. It’s suspected that the increase in cyberattacks is a probable consequence of this price surge, as reselling hijacked IP addresses would be a profit in underground markets. The gap between the supply and demand of IP resources makes transactions expensive and exhaustive, leading companies to engage in IPv4 black market transactions.
Vincentas Grinius, CEO of IPXO, stated that increased prices and limited accessibility contribute to the rise of cybercrimes. “Cybercriminals can exploit these vulnerabilities in two ways: firstly, they target the IPv4 addresses of companies who do not feel pressured by IPv4 depletion, unaware of what is being done to their vast reserves of IP resources. Secondly, they offer desperate companies, willing to side-step legalities, the opportunity to obtain needed IPv4 addresses quickly but at prices equal and, in some cases, higher than in legal markets.”
The report also claims that over 800 million unused IPv4 addresses at present, which could become a prime target for attackers to re-sell them under the record-high market price.
Some of the threats that affect IPv4 include:
1. Sniffing Attacks – A sniffing attack involves the illegal extraction of unencrypted data by capturing network traffic through packet sniffers.
2. Application Layer Attacks – An application layer attack targets computers by deliberately causing a fault in a computer’s operating system or applications. These include DDoS attacks, SQL injections, cross-site scripting, etc.
3. Flooding – Flooding results when a device is targeted with large amounts of network traffic, which could lead the network to become unavailable or out of service.
4. Rogue Devices – Rogue devices are unauthorized end-user computers or wireless access points that prey on sensitive information such as credit card numbers, passwords, and more.
5. Man-in-the-Middle Attacks – In a man-in-the-middle attack, the attacker places himself in an ongoing communication or data transfer between an application/service and its user to spy or impersonate someone.
“Cybercriminals mainly capitalize on existing market problems, which the rapid price growth of IPv4 has demonstrated. By tapping into the vulnerabilities created by unequal resources, hijackers have created a lucrative black market. A possible solution to these issues is the creation of more sustainable internet governance. As IP leasing presents both a cost-efficient and accessible option for businesses, cybercriminals may be pushed out of the market by superior competition,” Grinius added.