We'll Pay for Our Lack of IPv6 Expertise

We find ourselves in a strange dichotomy. On one hand, the IT industry - especially in the US - continues to be slow at adopting IPv6 into their networks. At the same time, most new devices ship IPv6-aware and can create IPv6 networks on their own, whether you're ready or not. As a result, many IT professionals don't have a deep understanding of IPv6's technicalities, yet they have IPv6 traffic and devices on their networks. This also means most administrators haven't implemented any IPv6 security controls.

This is fantastic news for attackers looking to exploit unprotected weaknesses. Next year, expect to see an increase in IPv6-based attacks and IPv6 attack tools. At the very least, we expect a marked increase in IPv6 DDoS attacks and IPv6 device scans.