A recent audit released by (AFRINIC) shares the full extent of an IP address heist. The results indicate that more than 4 million IP addresses belonging to African organisations have been stolen over the past ten years. This has left many companies vulnerable to misuse, spam, and breaches.
Business Insider South Africa mentions that the theft reveals a trail of corruption, coverups, and growing black-market trade.
AFRINIC, the organisation responsible for issuing and managing IP addresses on the continent, was first brought to light regarding the stolen IP addresses in 2019 when it was contacted by the United States’ Federal Investigation Bureau (FBI).
After an extensive investigation, it was discovered that a total of 4.1 million IP addresses had been stolen. 2.3 million of these addresses belong to AFRINIC’s “free pool” and the remaining addresses are “legacy” IP addresses.
An IP (Internet Protocol) address allows devices to communicate with each other and plays an important role in creating safe internet connectivity. In Africa, AFRINIC manages IP addresses using the WHOIS system, which tracks and records who or what is using a specific address. In a recent report on the heist, AFRINIC admits that its WHOIS database was compromised by internal staff who were scheming with third parties.
During the heists, Infoplan was hit the worst. The software information company lost addresses whose value adds up to some R80 million. Woolworth and Nedbank were also victimised, with the former experiencing misappropriation to almost 200,000 individual addresses. It’s estimated that the value of these stolen IPs exceeds R58 million.
Other companies that were targeted include the City of Cape Town’s Directorate of Information Services, Nampak, Sasol, Independent Media’s Argus Holdings and Transnet.
In an effort to rectify the damage, an average of 1.5 million IP addresses have been reversed or reclaimed – although many of the addresses are still pending due to a stringent review process. AFRINIC is continuing to increase its security measures to ensure that all users can use the internet safely.