Security News > 2023 > April > Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information.
Core routers are the backbone of a large network as they connect all other network devices.
Initially, the ESET research team bought a few used routers to set up a test environment and found they had not been properly wiped and contained network configuration data as well as information that helped identify the previous owners.
The purchased equipment included four devices from Cisco, three from Fortinet, and 11 from Juniper Networks.
With corporate network devices, the administrator needs to run a few commands to securely wipe the configuration and reset it.
The researchers say that some of the routers retained customer information, data that allowed third-party connections to the network, and even "Credentials for connecting to other networks as a trusted party."
News URL
Related news
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)