Fraudsters Obtained $30 Million Worth of IP Addresses in South Africa: Expert’s Comments

As IPv4 addresses become valuable commodities, elaborate fraud schemes emerge. Corporate owners need expert industry partners to optimize and protect their IP address assets.

This September, South African media revealed an elaborate fraud scheme where IPv4 addresses reportedly worth at least $30 million on the second-hand market were stolen or misappropriated from large multinational companies based in South Africa.

The registered owners were mostly not aware of any violation of their properties, as the attackers exploited complex ownership structures. In addition, the legitimate owners were often unfamiliar with the considerable asset value presented by their stocks of IPv4 addresses.

Among the address sets stolen were a number of especially valuable “legacy blocks”, sets of IP addresses that were assigned before the establishment of regional internet registries (RIRs) and are thus completely free to use.

“We often notice that companies that obtained large pools of IPv4s when they were still readily available are not aware that they are now quite valuable. Thousands of addresses used to be free, now a single legacy address can be worth as much as $30,” comments Vincentas Grinius, CEO of Heficed, a company offering network infrastructure solutions that center on the procurement and management of IP addresses.

IPv4 fraud has become an increasingly pressing issue in the past decade. This is because the omnipresent IP addresses are actually a finite resource. Their original sources, the RIRs serving a continental region each, have all nearly run out of original, free-to-use address blocks within the last ten years, with AFRINIC being the only one still allocating them with relative ease.

Since IPs are localized, however, African addresses only serve limited use – to operate a server within Europe or America, a user needs a European or American IP. This is especially relevant for latency-dependent customers, like those who operate within fields of tight competition.

Whoever needs IPv4 addresses thus has to obtain them on the second-hand market. Like in any commodity market, fraud constitutes a problem, too.

Even in highly-regulated jurisdictions like the United States, fraudsters still go after high-value resources. With proper attention and dedication, even stolen addresses can be recovered, but this often takes considerable time and legal investments. Most importantly, it is often impossible for large-scale corporate owners to properly track IPv4 ownership themselves.

“As with all complex, immaterial goods, like stocks or virtual assets, intermediary network infrastructure providers fulfill more than just the function of traders. The market, manage and care for their clients’ resources,” says Grinius.

Dealing with technicalities like IP addresses is often the least priority large companies have if they are aware of the issue at all.

“The news from South Africa clearly shows that oversight is the main issue. Mostly without notice, IPv4s has become a hugely profitable opportunity that can be utilized if proper care is taken. Heficed is among the specialist companies that offer this oversight and care, and thus provides security to clients who might not even have known that their assets were in danger,” Grinius adds.

Heficed believes that companies must take charge of their own IPv4-security since institutional help is unlikely to arrive. Officially, the protocol is being phased out in favor of IPv6, a process that has only very slowly advanced since IPv6’s introduction in 1998. This long-term solution is still far off: according to Google’s own statistics, less than 30% of users have access to their services using IPv6.

“For the time being,” Grinius concludes, “the only way to avoid potentially ruinous security breaches is to work with trustworthy partners in procuring and managing IPv4 addresses. With high demand encouraging fraud, the existing authorities are simply overstrained.”

About Heficed

Headquartered in London, Heficed provides full-range services for IP lease, monetization, and management services. Heficed serves around 60 multi-billion industries starting from hosting to automotive or healthcare. With the millions of IP addresses and 12 years of industry experience and the operations globally, Heficed can meet any demand needs. That includes automated provisioning bare-metal solutions and cloud services in 9 locations around the world.