News

Cyber Crooks Licking Their Chops, Say Mounties

Switch to new Internet address system will help criminals according to RCMP analysis FOI'd by Tyee.

By Stanley Tromp, 13 Aug 2012, TheTyee.ca

Cybercriminal from Shutterstock

'It is assessed with high confidence that cyber criminals will use the transition mechanisms of IPv6 to carry out their illicit activities until computer security measures are reconfigured to block them.': RCMP report. Photo: Shutterstock.

Related

A massive changeover now ongoing from one Internet system to another means your home computer, smart phones, TV, fridge, and home heating could all become connected to the Internet. But it could also creates a higher risk your banking data could be stolen and government infrastructure could be sabotaged.

Those were the findings of a December 2011 report by the RCMP's criminal intelligence branch, obtained by The Tyee under the access to information law (although partially censored for security reasons). You can read the document here.

The report looked at how the switch from IPv4 to IPv6 will impact the Canadian police's ability to combat cyber crime over the next two years, and how criminals can exploit the transition mechanisms.

"This transition period presents vulnerabilities for criminal exploitation because it creates numerous security gaps... It is assessed with high confidence that cyber criminals will use the transition mechanisms of IPv6 to carry out their illicit activities until computer security measures are reconfigured to block them.

"In Canada, there has been no criminal activity linked to IPv6 because it is not yet operating on its own without IPv4. However, RCMP cyber crime investigators share many concerns of their British and American colleagues."

Personal data such as banking passwords could be compromised, causing financial loss. Even worse, newly developed software called RCS -- Remote Control System -- can enter a digital device undetected, bypass even the best electronic defenses, and disrupt anything from a railway signaling system to a nuclear power station, wreaking havoc.

340 decillion new risks?

Just as new telephone area codes are implemented to serve growing populations, so an expanded Internet addressing system is needed to service more devices getting onto the Internet. (Not to be confused with URL website addresses, these are the numbers that allow machines to identify each other on the Internet -- for example 192.149.252.76.) Under the current system, called Internet Protocol version 4 or IPv4, the pool of available addresses is nearly exhausted.

In response, version 6 (IPv6) has been created, which will change addresses from 32-bit numbers to 128 bit ones. This expanded numbering system will allow for 340 decillion new devices to be connected to the Internet, ranging from home computers and smart phones to TVs, fridges and home heating. (A decillion is the number 1 followed by 33 zeros, that is, 340,000,000,000,000,000,000,000,000,000,000,000 new devices.)

The three types of transition options are (1) Dual Stack Configuration (2) Tunneling, and (3) Translation, and each have their own vulnerabilities.

IPv6 is not yet in widespread use in Canada, and it will likely be years before it can be used alone. But it is currently enabled by default on many home and business computers, which allows cyber criminals to monitor communications. One problem is that firewalls are not yet set up to monitor IPv6. As well, Intrusion Detection Systems (IDS) -- a more advanced way of finding suspicious traffic than firewalls -- may ignore the IPv6 or tunneling from IPv4.

Better change your passwords

Cybercriminals succeed, in part, because Canadians let them into their computer systems by their own failure to take risks seriously and protect themselves. Users aren't aware of intrusions, or if they are, they view these as no more than a nuisance.

Some criminals exploit existing vulnerabilities in software and hardware. Others trick people into accepting malware, especially for users who don't often change their passwords (such as for banking). Botnets -- a network of personal computers infected with malicious programs -- are linked to organized crime.

In the United Kingdom, the Serious Organized Crime Agency (SOCA) says that IPv6 could lead to more cyber crime, but investigations will be harder to do because of the billions of new domain names and IP addresses created. Yet under IPv6, all devices in one house will have a separate IP address, and the need for individual user names and passwords makes it difficult for someone to deny they were using a computer at the time of an attack.

According to a report last June on CNET, the FBI, US Drug Enforcement Administration and RCMP officials have jointly asked Internet representatives to enable IPv6 with traceability features that will allow agents to identify suspected cybercriminals as easily as they now do with IPv4. Promoters of IPv6 and industry reps alike are scrambling to make sense of the police demands. Another CNET article noted that the FBI has suggested that a new law may be needed if the private sector doesn't do enough voluntarily.  [Tyee]

Read more: Science + Tech

What have we missed? What do you think? We want to know. Comment below. Keep in mind:

Do:

  • Verify facts, debunk rumours
  • Add context and background
  • Spot typos and logical fallacies
  • Highlight reporting blind spots
  • Treat all with respect and curiosity
  • Connect with each other

Do not:

  • Use sexist, classist, racist or homophobic language
  • Libel or defame
  • Bully or troll
comments powered by Disqus