How cybercriminals exploit vulnerabilities in IPv4 addresses

The price of individual IPv4 addresses reached at $32 in the first quarter of 2021 as the supply for IP resources failed to meet demand.
IPv4 Prices
The pool of unallocated IPv4 addresses was depleted in 2019; however, the number of devices that require IPs continued to grow. The transition to IPv6 has been slow and inefficient, leading companies to pursue quick ways of expanding IP assets.

As the IPv4 addresses traded in underground markets are sold at unregulated prices, they may even be more expensive than legal markets. In turn, this ‘incentive’ pushes cybercriminals to obtain unused and unsecured resources from unsuspecting companies to continue their nefarious activity.

The hijacking issue becomes exacerbated by companies hoarding large amounts of unused IP addresses due to their value as a commodity. They are unwilling to give up these assets. They lack the knowledge on how to utilize them best, which means that assets typically remain dormant.

Static IP addresses are not adequately secured. Since most of them were acquired before shortages became a concern and were later forgotten, hijacking attempts are rarely detected.

IPv4 hijacking disrupts the normal routing network to illegitimately take control of IP addresses. For the original owner to take back control of their stolen assets, they would have to take lengthy and expensive legal action, taking a financial toll on their business.

With over 800 million IPv4 addresses currently not used, a supply of prime targets for hijacking attempts by fraudsters seeking to re-sell them under the record-high market price is becoming more prevalent. A cybercriminal who can steal a large IP address block (such as /16 or 65,536 IP addresses) can earn thousands of dollars each month.

Vincentas Grinius, CEO of IPXO, says that increased cybercriminal activity is a probable consequence of this price surge, as selling hijacked IP addresses turns a profit in underground markets. This increase in cybersecurity risks persists mainly due to two factors: decreased availability and IP address hoarding.

Cybercriminals can exploit these vulnerabilities in two ways: firstly, they target the IPv4 addresses of companies who do not feel pressured by IPv4 depletion, unaware of what is being done to their vast reserves of IP resources.

Secondly, they offer desperate companies, willing to side-step legalities, the opportunity to obtain needed IPv4 addresses quickly but at prices equal and, in some cases, higher than in legal markets.

One of the ways the increased risk of cybercrime may be mitigated is to redistribute IPv4 resources by legal means. IPXO, for example, offers companies the ability to lease out their IPv4 resources without losing ownership of them.

IP leasing may help remove the need for underground transactions in a two-fold manner. Firstly, by enabling unused IPv4 addresses to re-enter the market, a cost-efficient and more easily accessible method of obtaining IP resources for new businesses is provided, alleviating the problem of scarcity.

Secondly, by auditing all IP addresses that enter the marketplace, IPXO prevents reputable IPs from abuse, protecting large companies from IP hijacking and preventing them from leaking into the black market.

IPXO is an all-in-one Internet Protocol marketplace focused on enabling companies to monetize unused IP resources and alleviate the IPv4 shortage problem. IPXO offers IP reputation management, as well as continuously collaborates with RIRs to come up with novel solutions to enhance industry transparency.