Old routers are giving away important corporate secrets – is yours one of them?

Old routers are giving away important corporate secrets - is yours one of them?

Old routers are giving away important corporate secrets – is yours one of them?

Recently, a pair of security researchers lucked out with an alarming statistic: It would appear that perhaps half of the discarded routers currently on the secondhand market are unwiped and contain a dangerous amount of corporate network information.

The researchers, from security company ESET, were setting up a test environment using used rack-mounted routers. In the process, they discovered that previous network configurations were still on the hardware, along with data that threat actors could easily use to identify who had been using the router.

The next step was obvious: buy more routers to see if the incident was a one-off.

What’s alarming is that it wasn’t.

The researchers purchased another 18 routers, only to discover pre-existing configuration details and data on more than half of them.

“In the wrong hands, data obtained from devices (including customer data, router-to-router authentication keys, application lists, and much more) is enough to launch a cyberattack. “A bad actor could have gained the initial access needed to begin investigating where the company’s digital assets are located and what might be valuable,” the researchers say. said in a blog post.

“We’re probably all aware of what comes next in this scenario.”

Beyond the threat of direct action, the fact that network data is available and easily affordable: rack-mounted routers cost only a few hundred dollars on the secondhand market. Given that the current price for such data is about US$2,800 on the dark web, a criminal could make a surprising amount of money simply by selling what they find on old routers without even engaging in hacking activities.

What the researchers found even more worrying was the reaction of the companies whose old routers they had found. When contacted, some understood the risk they were taking, while others admitted that they had handed over their hardware to be cleaned by a third party, which clearly had not done the job they promised.

However, some simply ignored the researchers. Some companies just didn’t seem to care about hardware that was apparently no longer their responsibility.

“The lessons to be drawn from this investigation are that any device leaving your company must have been cleaned and that the cleaning process must be certified and audited periodically to ensure that your company’s crown jewels are not openly sold on second hand manual hardware markets,” the researchers said.

You can read the full report here.

Leave a Reply

Your email address will not be published. Required fields are marked *