IPv4 addresses are becoming scarce, which emerges in thefts and scams. Due to the lack of tangible evidence, it’s challenging to investigate IP address thefts and find the source of a crime.
The most significant IPv4 address theft case of the decade was the South African address heist when millions of IPv4s were stolen from the AFRINIC organisation and sold on the second-hand market. The African Network Information Centre (AFRINIC) is responsible for ensuring IP address distribution and security within the region. The crime cost around $54 million and severely affected the IPv4 address market in the region and overseas.
After the investigation, researchers found that the case was an inside job, and many corporation employees were responsible for illegal IPv4 address allocation. Investigators found evidence leading to the members of the organisation, showing that some of them were involved in the IPv4 address heist.
The multimillion theft might have been predicted and controlled if the AFRINIC organisation would’ve reacted quicker and taken the issue more seriously. Now, we can only learn from past mistakes and try to understand what has to be done to avoid such scenarios in the future.
What Can Be Done to Avoid IP Address Thefts?
IPv4 addresses are in decline, which accelerates the transition to IPv6 addresses. Yet due to difficulties to shift to a new Internet Protocol, companies try to use and obtain as many IPv4 resources as possible. IPv4’s shortage surges in thefts and corruption, therefore it’s necessary to increase the IP market protection.
More attention to resource management can prevent unnoticed data leaks or tampering. Transparent IP address infrastructure and attention to third party networks, such as IP address marketplaces can provide security benefits and a better grip on resource management. Heficed - the IP address infrastructure service provider company, built its service for similar reasons. Although the company works on building IP infrastructures and running an IP address marketplace, they also seek to prevent their clients from IP address abuse and thefts.
IP address thefts are rising, yet it’s still difficult to investigate and solve crimes like that. While building a security infrastructure, such as firewalls, attack detection, DDoS mitigation makes resources less prone to outer attacks, IP address providers should additionally invest in information security to prevent illegal IP address allocation.
For instance, an immutable IP structure and transparency can help monitor resources and spot suspicious activity. To prevent thefts, IP address suppliers should filter addresses and record new buyers and their associated networks. A clear structure and visible links between provider, clients, and third parties (e.g. a marketplace platform) is key to ensuring data protection.
At the same time, an organisation has to have clear policies and legal grounds that could be used in the case of illegal address allocation. Policies and legal preventative actions protect resources and help to handle the outcome in case of an actual crime happening.
AFRINIC investigation showed how severely IP address thefts can affect the market. Although the case caused extensive damages, it was also a lesson on how to deal with such crimes in the future. If IP address providers around the world take preventative actions, risks can be controlled and minimised.