Security News > 2023 > April > Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information.
Core routers are the backbone of a large network as they connect all other network devices.
Initially, the ESET research team bought a few used routers to set up a test environment and found they had not been properly wiped and contained network configuration data as well as information that helped identify the previous owners.
The purchased equipment included four devices from Cisco, three from Fortinet, and 11 from Juniper Networks.
With corporate network devices, the administrator needs to run a few commands to securely wipe the configuration and reset it.
The researchers say that some of the routers retained customer information, data that allowed third-party connections to the network, and even "Credentials for connecting to other networks as a trusted party."
News URL
Related news
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)