An internal audit report by the African Network Information Centre (AFRINIC) which has been publicly released shows how 4.1 million IP addresses were misappropriated in the massive heist.
It is a saga which has been unfolding for years but has finally been publicised. AFRINIC, which is responsible for allocation and management of IP addresses in Africa began its investigation in 2019 after being ordered to by the Supreme Court in Mauritius following an application by the FBI about anomalies spotted among the addresses.
According to the report, 4.1 million IP addresses from AFRINIC had been stolen, misappropriated and attributed to organisations without any justification. Many of these belonging to South African companies.
“Internal employees of AFRINIC may have, without any lawful authority, acted in collusion with other third-parties on the unlawful misappropriation of IPv4 resources, held by AFRINIC, which resulted in prejudice to the company and by extension to AFRINIC’s resource members and its community at large," explains the report.
Reclaiming the addresses
Following the two years since the investigation, AFRINIC has begun reclaiming the misappropriated addresses.
So far 44.7% have been reclaimed. This amounts to 1,060,864 IPv4 resources. These have been deregistered from the WHOIS database since February 2020 and have been in "quarantine". Following 12 months in this state, they are expected to be added back into AFRINIC's pool of resources.
"A total of 1,310,720 IPv4 resources are yet to be reclaimed due to ongoing diligence being carried out," said the report.