The rise of IPv4 address thefts: How IPv4 addresses are stolen in the scam?
Posted at 2020-08-04 08:14:31
By Prefixx Team
IPv4 addresses are becoming more valuable with each passing day, especially since they have been exhausted by all RIRs, and IPv6 has a lot of catching up to do. Anything of incremental value becomes vulnerable to thefts and since it is a virtual commodity, it is witnessing a growing number of thefts on a daily basis. As such, existing IP addresses are not stolen, but the unauthorized allocation of available address pools amounts to theft. Moreover, many scammers can utilize dormant IPv4 addresses to initiate untraceable spam attacks on unsuspecting users. A notable example of an IPv4 heist in recent times is the notorious 50 million USD AFRINIC hack that had a severe impact on the entire IPv4 market. After a lengthy investigation, spanning 3 years, by a researcher from the US, the African IP Heist was uncovered to involve a scandalous insider of a nonprofit who siphoned dormant IPv4 addresses and re-appropriated them illegally to online marketers through clandestine dummy companies. Even though a legitimate price of an IP could fetch him from 15 USD to 25 USD, the black market demand was too tempting for him to misappropriate hundreds of thousands of IPv4 addresses for a cumulative earning of 50 million USD. The accused, Ernest Byarhunga was hired by AFRINIC way back in 2004 and luckily, his RIR was the last internet registry to declare exhaustion, hence the most chased after registry by all other RIRs. Allegedly, Ernest saw this demand-supply gap as a huge opportunity for under table transactions.
Although thefts, scams, and difficulty of their traceability still prevail, RIRs and IPv4 brokers have become better prepared for any exigencies and buyer/seller awareness and precautions have contributed a lot to ensure the safety of legitimate IPv4 transactions. There is no denying that subsequent investigations of big heists like AFRINIC, always revealed the presence of insiders in the crime, more so because of a lack of transparency. With the absence of a clear transfer of assets, it is hard to make an individual accountable and give the opportunity to insiders to take advantage and evade attention. Nonetheless, future thefts can be prevented with the following measures.
Consequently, the need to address and the implementation of measures for IP safety became the prime focus of all stakeholders of the IPv4 address market. This included a multi-pronged approach involving transparency in infrastructure and policies, improved efficiency in the management of resources, and security measures matching technological advancements.
Best Possible Actions for Prevention of Thefts of IPv4 addresses:
The most obvious measure is to employ the latest security measures and working in a technologically inert transaction environment. Apart from Security Protocols and VPN based transactions, it is essential to include multi-factor authentication and better identity verification measures. Additional infrastructure for cybersecurity also includes DDoS based mitigation, immediate detection of cyber-attacks, and firewalls. Another sound measure is to empty information security measures that make it almost impossible to acquire IP allocation illegally.
Secondly, each step of the transaction must be verifiable and traceable in real-time. This allows for individual accountability and all participating parties know exactly as when and where the lapse occurred. It also ensures that each participant becomes aware of the incidental legal liabilities and cannot risk being part of a theft or a scam. Broker, client, and seller can make use of immutable structures that can reveal suspicious interactions immediately.
No matter how good your technology and personnel, the final bastion of protection is the clear and unambiguous description of roles and liabilities in the policy. This results in a firm legal basis to hold the custodian of the asset at the time of theft as the one responsible for damage control. While this measure may prevent unethical and illegal practices to some extent, it is more of a trust-building measure that lowers the risks of buyers and sellers who transfer their liabilities to the broker for a certain fee.
Now, there may be many brokers in this field but Prefixx has the most comprehensive plan in place to make your IPv4 transaction secure and free from scams or theft.
Prefixx is a registered full-service IPv4 broker with operations spanning the entire globe. Prefixx is the preferred choice for huge transactions with dedicated servicing across all RIRs.
Clients are assured with the best in cybersecurity, transparent transactions with personal audit, and attention of dedicated network administrators. Furthermore, the client also gains confidence upon understanding the crystal clear and simple policies, which also act as a risk mitigation practice. Another important factor is the fact that each transaction takes more time for preparation and the least time for execution, making for an informed decision with the least lag time in transaction hence, the least time for cyber-thieves to try and scam or loot an IPv4 holder during a legitimate transfer.