Adopting and Enforcing an IPv6-Only Policy: If Not Now, When?

As the next-generation Internet Protocol, IPv6 (Internet Protocol version 6) is the prerequisite for the future growth and development of the Internet. In the era of artificial intelligence (AI), 5G, and Internet of Things (IoT), there are increasingly more and more innovations and emerging technologies that will be heavily relying on the support of the Internet, which is currently running in the so-called dual-stack of mode operations using both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). Moreover, adopting and enforcing the IPv6-only policy worldwide by securely deploying the single stack of IPv6, turning off IPv4, and setting a specific deadline to sunset IPv4 completely will dramatically reduce the overall cybersecurity threats and attacks based on IPv4.

Therefore, the IPv6-only policy is not only the most effective and efficient approach to protect and defend our new cyber frontier but also the best weapon we have in cyber warfare. Here are the reasons why.

First, despite hundreds of billions of dollars spent globally each year on cybersecurity, organizations worldwide, big or small, are still struggling around the clock every single day to deal with constant cyberattacks and data breaches, most of which are based on the current predominate version of Internet Protocol – IPv4. This seems to be a losing battle that one can hardly see the light at the end of the tunnel anytime soon, let alone gain an upper hand in the fight.

In 2018, for instance, there were more than 41,600 security incidents reported and over 2,000 confirmed data breaches worldwide, notwithstanding we spent more than $114 billion worldwide in 2018 on cybersecurity. In other words, there were more than 114 reported security incidents on average every day in 2018, approximately six of which were confirmed data breaches, costing the global economy more than $1.5 trillion with over $2,900,000 being lost to cybercrime every minute! One related report predicts that cybercrime will cost the world over $6 trillion annually by 2021. Meanwhile, a study in 2019 predicted that global spending on cybersecurity products and services would exceed $1 trillion cumulatively over the five years from 2017 to 2021. A similar study estimated that worldwide spending on information security-related products and services reached over $124 billion in 2019 alone with an increase of more than 141 percent since 2010. According to one of the Gartner’s forecast analyses, the global information security market will reach $170.4 billion in 2022.

Second, the situation can only get worse in a few more years when the IPv6 adoption rate will reach 100 percent running in parallel with IPv4, effectively doubling the overall attack vectors. According to one estimate, based on the current trend the global IPv6 adoption rate will reach 100 percent in 2028.

Based on the latest Internet Society’s State of IPv6 Deployment 2018 report, worldwide IPv6 deployment has increased dramatically since 2012. For instance, in 2018 more than 80 percent of smartphones in the U.S. already used IPv6, and the mobile wireless carriers are rapidly becoming an IPv6-only market with 93.69 percent of T-Mobile USA mobile users already using IPv6. Furthermore, many companies including Facebook, Google, and Microsoft are adopting an IPv6-only policy by turning off IPv4 internally within their enterprises.

Consequently, the federal government also seems ready to resume its leadership role in driving the IPv6 adoption across all federal agencies. The Department of Defense (DOD), for example, after many years of missing in action finally restarted the effort to deploy very aggressively IPv6 across all of its components based on the recently published DOD CIO memo on IPv6, which in turn will undoubtedly have a huge influence on the creation of a new federal policy on IPv6 deployment across all federal agencies. The impact of such a new federal IPv6 policy on both the public and private sectors cannot be underestimated.

Third, adopting an IPv6-only policy to securely deploy the single stack of IPv6 globally and to sunset IPv4 will dramatically reduce the overall cybersecurity threats and attacks based on IPv4! It is a material fact that we will immediately achieve a 100 percent reduction of all current global cyberattacks and cybersecurity threats based on IPv4 the moment we turn off IPv4. We will also immediately achieve more than 50 percent reduction globally of the overall cyberattacks based on IPv4 and IPv6 separately, and the combination of both collectively.

Consequently, we must change our cybersecurity strategy dramatically right now to efficiently secure and effectively defend the global cyberinfrastructure before the time is running out. Our whole paradigm of cybersecurity and cyber defense policy must be completely shifted to focus on securely deploying the single stack of IPv6 worldwide instead of running and supporting both IPv4 and IPv6 simultaneously, engaging the enemies in two separate battlegrounds concurrently, fighting two separate wars with limited resources. We should and must utilize all of our global resources wisely and concentrate on fighting and winning only one war! The IPv6-only policy is not only the best weapon we have in cyber warfare but also our last chance to effectively protect the cyberspace and efficiently defend our new digital frontier.

Now it is high time to create and enforce an IPv6-only policy worldwide by turning off IPv4 and set a specific deadline to sunset IPv4 globally.

It is not a question of whether we should adopt and enforce an IPv6-only policy by turning off and sunsetting IPv4, but a question that we must ask: If not now, when?!                         

Disclaimer: The views presented are only personal opinions and they do not necessarily represent those of the U.S. Government.

(Visited 776 times, 1 visits today)

Charles Sun is a columnist with HSToday focusing on security and implementation of IPv6. He is a highly innovative, dynamic, and experienced Information and Communication Technologies (ICT) executive with more than twenty-five years’ extensive professional and managerial experience in both the public and private sectors, having routinely and consistently provided the state of the art, innovative, and cutting edge ICT solutions and project management with a proactive vision and common sense to many organizations in both the public and private sectors. As the subject matter expert (SME) in Cloud Computing, SDN, NFV, Data Center Virtualization, IPv6, IoT, large enterprise & campus computer systems and converged voice, video, and data networks design, planning, testing, implementation, installation, and IT project management, Mr. Sun has previously served as Director of IT Engineering and Operations at the Export-Import Bank of the United States and Senior Advisor for Emerging Technologies at the U.S. Census Bureau of the U.S. Department of Commerce. He also served as LAN/WAN Network Manager and Branch Chief at the U.S. Census Bureau of the U.S. Department of Commerce and U.S. Bureau of Labor Statistics of U.S. Department of Labor. Prior to his work in the U. S. federal government, Mr. Sun previously worked as a senior network engineer and principal network consultant at the University of Maryland (UMD and UMUC), Northrop Grumman Mission Systems, U. S. National Library of Medicine, AOL Time Warner, and Georgetown University. He also served as a Senior Technical Officer at Startec Global Communications and Network Manager/IT Manager at the National Museums of Asian Art of Smithsonian Institution and other non-profit organizations in the United States. As the recipient of graduate scholarships, Mr. Sun earned a Master of Arts degree in International Affairs from Ohio University. He also completed the courses required for the Master of Public Administration (MPA) program at Ohio University

Leave a Reply

Latest from Cybersecurity

Go to Top
X
X