Category Archives: Cybersecurity

Bluekeep Vulnerability Warning

Microsoft has issued a warning 1 to many Windows® users that a new vulnerability in Windows® Remote Desktop Services (RDS) (also known as Terminal Services) has been discovered for many Windows® Operating Systems which requires no user interaction to lead to a security breach . To clarify this means if you are running on one of these Operating Systems, it has Remote Desktop enabled, and it can be remotely logged into using Remote Desktop Protocol without first logging into a Virtual Private Network (VPN), it may mean it could become infected without the user doing anything at all. The affected Operating Systems are listed below:

  • Windows Server® 2003
  • Windows Server® 2008
  • Windows Server® 2008 R2
  • Windows® XP
  • Windows® Vista
  • Windows® 7

It has been reported that “potentially millions of machines are still vulnerable.” 2 This particular vulnerability is so widespread and potentially dangerous that Microsoft has released special Out of Band patches for Windows® XP and Windows Server® 2003.

Microsoft Windows® Patches for the BlueKeep Vulnerability

  • Windows® XP / Windows Server® 2003 – Security Patch KB4500331 (this patch must manually be downloaded from Microsoft and installed)
  • Windows® Vista / Windows Server® 2008 – Security Patch KB4499180 (this patch must manually be downloaded from Microsoft and installed) OR Monthly Rollup KB4499149 (this patch is available through Windows® Automatic Update)
  • Windows® 7 / Windows Server® 2008 R2 – Security Patch KB4499175 (this patch must manually be downloaded from Microsoft and installed) OR Monthly Rollup KB4499164 (this patch is available through Windows® Automatic Update)

Some IT administrators may respond that even though they may have a computer which has one of the affected Windows® Operating Systems, that it does not have Remote Desktop Services enabled, or it requires a VPN to connect to the network before the system can be connected to with RDS so the system is not vulnerable.

Securing the perimeter of your network is important but not installing the latest security patches on computers in the company’s network can produce devastating results if a malicious actor can defeat the perimeter security. We encourage you to run supported Operating Systems with the latest patches regardless of your current network topology. We recommend using a tiered security approach which secures not only your network perimeter but uses network segmentation, running supported Operating Systems, installing current security patches, deploying internal network monitoring and security controls, and employs Role Based Access Controls (RBAC) among other security best practices.

Other resources of information about BlueKeep include:

Windows® and Windows Server® are registered trademarks of the Microsoft Corporation

twitterredditlinkedinmailtwitterredditlinkedinmail

Patching Spectre and Meltdown Vulnerabilities

Discovered in 2017, and publicized in 2018, Spectre and Meltdown are two new vulnerabilities in how certain microchips were designed.1, 2

These vulnerabilities place information stored in memory (e.g. passwords, email, web browsing information, documents, etc.) at risk of theft.3

For Spectre to be exploited, a device must have a vulnerable processor. Security researchers have verified Spectre can be exploited “on Intel, AMD, and ARM processors.”4

For Meltdown to be exploited, a device (laptop, desktop, server, smartphone, etc.) must have a vulnerable processor and the Operating System (OS) running on that device must be unpatched. While not all of the details are currently known, security researchers have verified that many Intel processors are vulnerable.5

Because the vulnerabilities lie in the processors, a complete fix which does not incur a degradation in system performance may rely on the processors being redesigned.6, 7, 8

IT administrators should not wait to do something about this. Many companies including Microsoft and Apple are releasing software updates to help patch these vulnerabilities.9, 10

A number of hardware vendors are releasing firmware updates (including but not limited to BIOS updates). Updating firmware (i.e. micro code) is a step necessary to mitigate the risk of Spectre or Meltdown being exploited and a systems best practice in that systems should be updated with the most recent release (production) security updates.11

It is important to note, that using the wrong BIOS or firmware update for your hardware may result in the hardware becoming unusable.12

Additionally, if the device loses power during a BIOS of firmware update your hardware may become unusable.13, 14

Each hardware, OS, and software vendor is responsible for providing their own patch. It has been reported that some updates may slow down device performance.15

Intel has published benchmarks showing the difference in device performance for a “Fully Mitigated System” vs a “Non Mitigated System at 100%” which can be read at https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Blog-Benchmark-Table.pdf.16

Microsoft has released patches, but in order for your computer to see those patches it must have a supported anti-virus product installed and that supported anti-virus must create a special marker for Microsoft to confirm that your anti-virus will support the new Microsoft patches. If the special marker does not exist, “Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities.”17

According to one security researcher, here is a list of anti-virus products that have updates to protect against one or both of these vulnerabilities but do not as of 8 January 2018, automatically create the special marker.18

If you use one of the above listed anti-virus programs and you are unsure or uncomfortable with manually creating the special marker yourself, please contact your IT provider.

twitterredditlinkedinmailtwitterredditlinkedinmail

Data Continuity

Introduction

Imagine losing $100,000,000 in revenue in two days: 1/10th of a billion dollars gone in two business days. This was the reality for Delta Airlines in September of 2016, when a loss of power shut down many of their servers, causing thousands of flight delays.  Everyone enjoys using the term “crash” when referring to basic program and process failures, but do not often convey the impact that crashes can have on a company. Expanding on this; companies that are not prepared with backups and continuity solutions are risking hemorrhaging resources like money and time the entire time their network is down.

“Crash” Course

One of the contributing factors to “crash” being such an overused term is that fact that a crash can be caused by many different things, and can come from both internal and external sources. A crash is, at its’ basics; an unwanted and sudden shutdown or cessation of function by a program or process. This can be cause by many different core issues, but amongst the most common would be information overload and hardware failure. Information overload is when too much information is attempted to be processed by the program or process and consequently the demand exceeds the capability of the software, causing a crash. Hardware crashes are more diverse, being caused by a variety of physical or mechanical failures that can cause the software logic to conflict with itself or trigger emergency shutdown procedures within the program itself. These can be caused by simple pre-existing conditions within the computer such as trying to run a program that has higher demands than your network can meet. However not all process and program failures stem from crashes; the recent “WannaCry” malware if present, can lock your files away, threatening their deletion for ransom, leading to a similar situation as a crash.

Why does network stability/continuity matter?

What truly makes a crash dangerous is its’ potential to “go down with the ship”. It is possible that on a computer network, if a key component or program fails and crashes, it could take the network with it; one server crashing has the capability to make a network unusable from a business perspective, costing time, and a large sum of money. As previously mentioned, in September, 2016, Delta Airlines had a physical hardware failure that caused a power outage at their Atlanta facility. Not all the servers within had backup which led to a massive data loss.  This caused flights to be delayed, which meant that flight crews went overtime and had to clock out as per federal limitations, meaning flights were delayed even longer to replace flight crews, which meant passengers were in some case waiting days for their flights. Vouchers were offered to appease many of these passengers, but by time all had been said and done, Delta reported they lost over $100,000,000 in revenue all within a few days.

How can I protect my data?

The act of protecting your sensitive data from these situations is often referred to as “data continuity” or “business continuity”. The idea is that if the worst should come and your data is the victim of a crash or attack, it can be recovered quickly and effectively. There are a few ways to go about this, from keeping up-to-date backups, to having copies of your data present at off-site or off-network locations that wouldn’t be affected.

twitterredditlinkedinmailtwitterredditlinkedinmail

CyberSecurity

Introduction

Information Technology companies and departments alike have always been plagued by a stigma; that if you need to call them, there is something seriously wrong with your network. It’s a bit like getting called to the principal’s office, and this feeling of trepidation is largely caused by a fear most technology companies experience, one that is quite validated.

No. Network. Is. Safe.

In the field of technology, it is an unpleasant and an inescapable fact. Security is of the utmost importance in modern technology and it is something often ignored because nobody wants to deal with it. But it is imperative that anyone working in this field not only understand how to safeguard their own network, but to understand the function and goals of malicious software (“malware”) that are designed to do harm to your network.

How Do Malicious Programs work?

An important step in understanding the function of these programs is to know that they are simply that-programs. On a conceptual level, a virus or malware program is not much different from any other program, except that it has outcomes that you do not want. Such software is designed to either damage, control, analyze, or influence the hardware or operating system that it targets. This can range from anything to encrypting files while awaiting a ransom to transmitting all the data from the target machine to a third party. These programs have a variety of sources, including but not limited to criminal corporations operating outside the purview of the law, single programmers attempting to make a quick buck, or the always infamous extremist group. When it comes to prevention, the source is not as important; what does matter is that attacks and infections on a network can be the single most costly issue a company will face. If a network suffers, for instance, a ransomware attack, no files, accounts, or data can be accessed on that network until the ransom is payed, and even then the data may still remain encrypted depending on the whim of the attacker.

How Can Malicious Programs affect my network?

There is an abundance of malicious software variations, due to the fact that these are as previously mentioned, simply programs, and thus can be unique in function and purpose, but for brevity’s sake we will cover some of the most important types of these programs. A relatively simple and common program is a trojan. A trojan’s purpose is reflective of its’ namesake, in that it pretends to be a legitimate or crucial piece of software to trick the user into downloading it, and upon installation hides itself inside the local files of the and then unleashes its’ “troops”. That is to say, it begins to do what it was designed to. This can mean everything from copying data, to deleting it. A new(er) type of malware that’s been making rounds lately is malvertising-(you can read our previous TechBits article on malvertising to get a much more in-depth description). Suffice it to say that malvertising uses internet ads to infect the target machine. Ransomware is software that encrypts all the data on a network and holds the de-encryption key for a ransom, though on occasion even paying the ransom will not coax the attacker into providing the de-encryption key. Though it’s important to know these types of malware, there are countless variants, and the variants are increasing at an alarming rate.

What Can I Do?

When people think of malware they often feel that they are safe with a single antivirus, firewall, or (and this will make your IT cringe) having a Mac because Apple products “don’t get viruses” (yes, they do). Whereas this can be enough for personal devices on a home network, the modern business cannot afford to use only a single source of malware protection. The most secure networks have layers upon layers of security and are very difficult to break through. On a more practical level, it is typically acceptable to have two layers: one passive one active. An “active” layer of protection would be like the anti-virus you are probably familiar with, something to actively scan files in your network to locate and quarantine dangerous programs until they can be properly disposed of. Passive protection is a little different. An example of passive technology would be a web filter.  The Web Filter doesn’t necessarily actively search and root out malicious programs, but rather acts like a sieve and prevents many malicious programs from coming into contact with your network in the first place. Another source of protection that should be mentioned is Web Application Filters. Web Application Filters, or WAFs, monitor attempts from outside your network to gain access through applications that are Internet Facing (Such as web-based email, or self-hosted websites.  It is not uncommon to see thousands of attempts per day of malicious actors attempting to gain access to a protected system through a web-based application.

A question anyone with an IT background has been asked at some point (and probably more than once) is this:

“What antivirus should I get?”

It’s an excellent question, there are many, many options for anti-virus/anti-malware software, some are free some are paid. An adage to consider is that “you get what you pay for” – we like to add the codicil, “if you are lucky” at the end. One option that we at Micro Systems currently suggest is WebRoot, which is a comprehensive anti-virus software that we often  combine with the added protection of the commercial version of MalwareBytes. However, at the end of the day the choice for antivirus and malware protection will largely depend on your unique network environment.

twitterredditlinkedinmailtwitterredditlinkedinmail

IRS Disables e-File PIN After Recent Suspicious Activity Found

As of June 24, 2016, the Internal Revenue Service (IRS) has disabled the e-File PIN as suspicious activity was recently detected.1, 2

This is not the first time in recent months that the IRS has disabled the e-File PIN as the result of suspicious activity.3

As of January 2016, the IRS detected an automated attack against its e-File PIN application.4

The January 2016, e-File PIN attack involved hackers collecting personal information from other sources and then using the Social Security Numbers of those people to generate e-File PINs.5

According to the IRS, approximately 464,000 Social Security Numbers were involved and the hackers successfully generated e-File PINs for 101,000 Social Security Numbers.6

The IRS had already been considering scrapping the e-File PIN application at some time in 2016, but the integration of a number of commercial tax applications with e-File PIN led to the IRS choosing not to do away with it after the first reported attack against the application earlier this year.7

How Can You Protect Yourself?

One of the key findings in the IRS alert released on June 24, 2016, is that in the January 2016, attack, the criminals used information they obtained from other sources to attack the e-File PIN.8

Information that the hackers used included:

  • Names9
  • Addresses10
  • Filing Status11
  • Dates of Birth12
  • Social Security Numbers13

Ask yourself how many of the above things can be found about you online. Think about the information you share on websites like Facebook, LinkedIn, Twitter, and Instagram. If the above information is available on any of your online accounts then you are making it easier for hackers to use your information in attacks. Remember, hackers can obtain this information from other sources too. One non-cyber way hackers can collect information to use in a follow-on cyber attack is impersonating the IRS during phone calls.14

Of course hackers can attempt to collect information about you through a variety of media including phone calls, text messages, emails, and faxes.15

Here are some extra tips on how to keep yourself safe.

  1. Limit the amount of information you provide to websites.
  2. When you provide personal information to websites make sure you are on an encrypted connection.
  3. Do not do any sensitive work (filing your taxes, accessing your bank account, or paying for things online) on the same computer you do heavy web browsing.
  4. Regularly update your anti-virus.
  5. Regularly run full anti-virus scans of all of your systems (computers and phones).
  6. When a virus is found on your computer, immediately take appropriate security steps to secure all accounts that have been accessed from that computer and verify that the infection is properly removed from your computer.
  7. Keep the operating system on your computer completely updated.
  8. Keep programs on your computer like Java and Flash completely updated.
  9. Enable the firewall on your computer and make sure it is configured to block unauthorized inbound traffic.
  10. Never reply to unsolicited emails requesting sensitive information. If you receive an email requesting information contact the sender by phone or in person to confirm they sent the email and if they need the information they asked for arrange to provide the information in person or using encryption.

If you believe you are a victim of an IRS scam or are suspicious about a phone call, text message, email, fax, or letter in the mail requesting information claiming it is from the IRS report the incident with the IRS following the directions on their website. You should also notify your IT provider.

twitterredditlinkedinmailtwitterredditlinkedinmail

Malvertising

Maybe you do everything right: you only go to websites you trust, you have updated antivirus and anti-malware programs, you use complex passwords, but you still deal with the occasional Internet annoyance, like pop-up or banner ads. Unavoidable and pesky, but part of the web-surfing territory, right? They’re annoying, but they don’t really get in your way. Why should you worry about them?

Even if you never click on them – I REPEAT – even if you don’t interact with them at all, they can infect your computer with malware – just by being displayed on your screen.

Here’s the problem.

You see, most websites innocently use ad services to create revenue – even websites you trust, like your favorite news site. The ad service will set up a certain number of ads in a rotation on the website. While many of the ads are harmless, sometimes an ad in the rotation will have invisible, malicious code embedded in it (without either the ad service or the website knowing about it). When your computer displays the ad, the evil, embedded code gets run on your computer, looks for any security “holes” it knows how to exploit, and downloads the right kind of malware for your particular vulnerability.

You won’t even know what hit you until, say, you find that your browser homepage has changed to a porn site or ransom page. And you were just trying to update your fantasy football league stats! Thankfully, there are some simple steps you can take which will greatly reduce your chances of falling prey to this type of attack.

Step 1: Update your web browser(s).

You’re probably reading this right now using an internet browser like Internet Explorer (or the new Microsoft Edge), Firefox, Safari, or Chrome. If you don’t know if you have the most current version of your browser, here are some directions for finding out. (It never hurts to double check!)

Step 2: Update your web browser plugins.

Javascript and Flash are the two biggest security concerns. Click here to check your version of Java and here to update Flash. You can also change your browser’s default plugin settings so your computer must “ask to activate” them. Disable unnecessary plugins entirely.

Step 3: Download good web browser protection programs.

If you’re using Firefox, Adblock Plus and NoScript are great browser extensions that will prevent most ads from displaying and will prevent a lot of “invisible” browser activity from happening. Malwarebytes also offers a good free version of its Anti-Exploit Kit (for personal use) that specifically defends against malvertising attacks.

twitterredditlinkedinmailtwitterredditlinkedinmail

Is being AWARE enough?

ncsam

October is National Cyber Security Awareness Month.  Now you are aware.

The question, however, that remains is “what does that mean to me?”  I’m glad you asked.  In 2014 companies such as Chase, Target, KMart, Home Depot, Neiman Marcus, and yes, even the hallowed Dairy Queen were all breached.  It is safe to say that warfare has evolved –  That is not to say that spears no longer work, however the reach of a computer with an Internet connection is much greater than anything we could have ever imagined.

But again, “what does that mean to me?”. With any weapon, comes responsibility – we are not going to teach you how to make your computer a threat – far from it – we want to show you how to be a little safer FROM those threats. The truth is, it is all the same things you have heard before – but let’s take a look at WHY these steps are important.

KEEP YOUR COMPUTER CURRENT

Most of the time, exploits are targeted at “weak” systems.  By keeping your operating system current, you are taking advantage of the diligence of the creator of those operating systems to make your computer safe.  There are always stories of “that update killed my computer” … and a lot of them are true.  Our advice is to update your computer on the first day of the month.  Almost nobody releases their updates during the last week of a month – this will give time for the bugs to be worked out.

USE A GOOD ANTI-VIRUS PRODUCT

Would you get a flu shot from your convenient store? How about an anti-biotic from a guy on Craigs List?  No?  Then don’t get a third-world free anti-virus product.  This is your first line of defense.  Consider it the cost of doing business.

BE CAREFUL WHERE YOU GO

Just like you wouldn’t walk down dark alleys with twenty dollar bills hanging out of your pockets yelling “I’m unarmed and wealthy ..”, don’t hang out in places that are prone to be frequented by hackers.  If you are given to adult sites and gambling, consider getting a throw-away computer for that activity.

DON’T LET YOURSELF BE USED

You wouldn’t let your computer be used by a stranger would you?  (please say “no”)  There are some programs in the wild called a RAT.  RAT means Remote Access Trojan; it is a program designed to let a stranger use your computer to perform whatever act that they would like.  RATS are considered malware and are the preferred weapon of ne’er-do-wells who would seek to do your harm.  It is important that you understand that a RAT is not a virus, and as a result MAY NOT BE DETECTED by your anti-virus.  Please make certain that you have an anti-malware product installed, or that your anti-virus software contains an anti-malware component.

WHEW!

So, now your protection is current, you are only going to pure and holy websites, and you refuse to participate in bad things.  Now what ?
The word of the day is INFORMED.  Remain informed from your trusted advisors as to new and unusual threats and how to deal with them.  We know that the tool at your hand can be your best friend – we just want to make certain that it isn’t your enemy’s best friend too. As always, consult with your local technical consultant.

twitterredditlinkedinmailtwitterredditlinkedinmail

Internet Explorer Vulnerability?

I’m sure you have probably heard on the news, or been sent an email describing the terrors of the Internet Explorer vulnerability.  It is concerning when so many IT companies want to use scare tactics to get in the door of your company.  Yes, there is a concern – yes it is real.  But does it apply to you ?

Do you use FireFox, or Chrome, or Safari, or Opera ?  Then this doesn’t apply to you.  There are other issues which may be present with your chosen browser, but this one isn’t yours. You may safely stop reading and enjoy the rest of your day. However, some people *must* use Microsoft’s Internet Explorer as it is required by their software or their workplace.  What can you do ?

First of all you must know the conditions that must be met for this vulnerability to apply to you:

  • You must be using Internet Explorer
  • You must be viewing an animation that requires Adobe Flash

Not doing that ?  Then you need not worry.

You ARE doing that ?  Well, then we need to do something until Microsoft releases its patch to remedy the vulnerability.
The easiest thing to do is simply disable flash until it is fixed.  Now, you *can* install FireFox, Chrome, or another browser if you like, but you should be aware that they may not work with your software.

This isn’t difficult to do.

6 steps (not kidding) – if you have dual monitors, put these instructions up on one screen and do the steps on the other:

  • While in Internet Explorer
  • Click on Tools Menu item or Gear in the upper right hand corner of your screen
  • Choose Manage Add-Ons
  • Locate Shockwave Flash Object (Under Adobe Systems)
  • Highlight it
  • Click “Disable” in the lower right hand corner

How does this affect me while I wait for Microsoft to release the patch for this vulnerability?

You will not be able to view any animations which require Adobe Flash.  An example would be YouTube animations.

We fully expect Microsoft to release a solution by early next week.

twitterredditlinkedinmailtwitterredditlinkedinmail

BYOD – Bring Your Own Device, or Bought Your Own Disaster?

It seems that the talk of business is BYOD – employees don’t want to carry two phones – employers don’t want to buy phones for employees … what to do, what to do …

Here is a thought !  Lets bring our own devices, iPhones, iPads, Blackberries, and Droids to work and get our corporate email on there !

Here is a thought !  Lets tell our employees we will give them $ 25.00/month to use their own personal devices for corporate email and we won’t have to buy them phones !

And how wonderful that is, the win-win proposition of business.  What could be bad with that ??

Well – it may not be a bad thing at all, as long as the employees and the employer are both pleased with the employment arrangement that they have entered into.  But suppose, one day, the rose-colored glasses break, and it is time to change the employment arrangement. Most of the time, either the employer or the employee knows when this is going to happen before the other one does.  They both know, however, that some of the data on the phone is personal and some of it is corporate.

We now have a electronic data child custody battle.  I’ll bet you weren’t ready for this when the whole BYOD idea came up.

From a corporate perspective, the data on that phone needs to be wiped – but you can’t do that without wiping the whole phone, and those cute little pictures of the puppies the phone owner took this morning will be lost.  That will not go over well.

From a personal perspective, that phone belongs to me, and so does everything on it.  Im not tech-savvy and I don’t know how to back it up, but Im not asking my ex-company for help..

So, Solomon, the baby is in front of you … what do you do ?

It would not be uncommon for both sides to have attorneys to represent their interests – so what will you do ?  Will you, the employee, hand over your phone to be wiped and lose all of your personal information ?  Do you want them to see the texts that say that your boss is an idiot ?  Or perhaps the not-so-flattering pictures you took of a co-worker (who wants to continue being employed) when you were out last weekend ?

Will you, the company owner, be comfortable with the employee you fired saying “don’t worry, Im not upset over this, I’d be happy to erase all of your critical data that I have on my device” ?

No, there is no good answer in this situation.  How did we get here ??  Oh, that is right, we wanted a little more convenience and to save a little more money.

My advice is simple : don’t do it.  If you need your employees to have mobile devices, then provide them.  If they don’t want to carry two devices, then they can leave their personal phones at home, or in their car.  It might cost you an extra $ 50.00 / month, but your attorney bills will consume 3 years of that in one day of legal work.  As an employee, I value my right to privacy too much to allow corporate interests to infringe upon my personal life.  Yes, they would give me money per month to defray my data costs, but my rights are not for sale.

At the very least, when you are tempted to enter into such an arrangement, consult your attorney for legal advice.

twitterredditlinkedinmailtwitterredditlinkedinmail

The New Internet has come – are you ready for it?

(this article originally published on 6/27/12)

The internet has just evolved in a really important way that’s going to affect your business. People are even going so far as to call IPv6 “The New Internet” because it’s completely revolutionizing the way the world transmits and receives information online – and yet, most of your everyday users will never hear about it or notice that anything’s different. And if you’re a tween who only uses the internet to play World of Warcraft, or a sorority girl who thinks of her Macbook as a “Facebook machine” – that’s probably fine. However, if your business or professional life relies on the internet, you’re going to want to pay attention.

IPv6 stands for “Internet Protocol Version 6.” Most of the online world is running on Internet Protocol Version 4, which, believe it or not, has been running since the late 1970’s, unlike your beloved El Camino. (Don’t ask what happened to Version 5; the answer’s really boring.) As you might guess by the use of the word “protocol,” IPs are basically the rules that dictate how anything with an internet connection gets and sends out information. Of course, they used to just apply to computers, but now we have smartphones, Androids, tablets, gaming consoles, netbooks, e-readers – heck, I bet you could find cookware with an internet connection, if you looked hard enough. I love to use metaphors, so, if we think of the internet as a series of roads and highways, it now has more “cars” – internet-using appliances – on it than ever before. Internet usage has absolutely exploded in the past decade or so, to the point where, apparently, even the entire royal family of Nigeria has gotten email accounts. With increased “cars” (and therefore increased “traffic”) has come a number of problems that didn’t exist when the internet was just boring old DARPAnet back in the day.

The biggest problem with IPv4, in essence, is that there simply aren’t enough “license plates” to go around. Anything that communicates on the internet has to have what’s called an IP address, which, like the license plate on your Camry, is a series of numbers that allows the vehicle to be identified. An IP address is a way of identifying who’s doing what on the internet, which is a vital element for technological security these days. But, whatever it is you’re doing on the internet, your device has to have one or it won’t work. So they’re pretty important, and, unfortunately, they’re running out. In fact, if you go to IPv6Forum.com, you’ll see something on the left-hand side labeled “IPv4 Exhaustion Counter,” which is simply a doomsday-like countdown until all the IP addresses in a given geographic region are going to be used up, and there will not be room for even one more smartphone to get on the internet. Anyone who buys a smartphone after that line has been crossed will be destined to accidentally eat at poorly-Yelp-reviewed restaurants for the rest of their days, and there’s nothing they can do about it. Unless they want to move to Antarctica. (Good luck finding any restaurants there.)

But not so fast, says IPv6, cape billowing in the breeze, for I have enough IP addresses for all! (3.4×1038 of them, in fact, which means that every single person of the world’s 2011 population [7 billion] – individually – could have 4.8×1028 of them. Holy exponential numbers, Batman!) Preventing IPv4 address exhaustion is the main reason why IPv6 had to be invented, but it does a lot more than just provide more “licenses” for the growing number of “cars.” It’s created a whole new set of data transmission capabilities that never existed before, and it’s made some of IPv4’s preexisting capabilities much faster and more efficient. If you’re interested in the technical jargon, you can show off to your friends and say it allows for things like new routing capabilities (including route aggregation), makes renumbering an existing network for a new connectivity provider MUCH easier, and it has improved multicasting abilities with new bells and whistles. (And even if you don’t know what those things are, they do sound impressive, don’t they?)

What you probably don’t know is: IPv6 is already here. June 6, 2012, was the World Launch Day, which means that there are a chunk of the world’s internet devices out there that have already been transitioned from v4 to v6. The world’s largest internet service providers, hardware manufacturers, and web content providers have already begun transitioning the world’s main data centers and routes of data transmission to v6.>

Here’s the part where you come in, so pay attention! The world, at a point in the not-too-distant future, is going to be using IPv6 on the vast majority (if not the entirety) of their internet devices. But you will need to manually convert your servers, DNS servers, routers, and etc. to IPv6 if you want to be able to communicate with the rest of the world. You may have heard it said that routers and computer devices “talk” to one another, in a manner of speaking, and you’re going to need your devices to be able to “speak” and “understand” both IPv4 and IPv6 systems (what we would call backwards compatibility). For instance, if your router hasn’t been converted from IPv4 to IPv6 compatibility, it isn’t going to be able to communicate with any device bearing an IPv6 address (which will be most of them, pretty soon, because, as we mentioned earlier, there aren’t many more IPv4 addresses to be had).

Now, manually converting your devices sounds like work, and it is (sorry), but it’s not really optional if you’re making any attempt at network security. The transition has already begun, and if your devices aren’t actively transitioned with it, they’re going to be security risks for your networks, devices, and data. Routers and infrastructures that have been designed around IPv4 technology have new vulnerabilities, because they’re now less advanced than the systems they’ll be runni8ng. Because the very format of IP addresses has changed with IPv6, this also means that legal tools for tracking IP addresses (and safeguards within your routers and servers) will need to be redesigned as well.

twitterredditlinkedinmailtwitterredditlinkedinmail