acm-header
Sign In

Communications of the ACM

Home/News/Used Routers Often Loaded with Corporate Secrets/Full Text
ACM TechNews

Used Routers Often Loaded with Corporate Secrets

By Ars Technica
April 24, 2023
Comments
View as: Print Mobile App Share:
Used routers.

The big danger is that the wealth of information on used devices would be valuable to cybercriminals and state-backed hackers.

Credit: aquatarkus/Getty Images

Scientists from Slovak security firm ESET will present research at this week's RSA security conference indicating more than half of used routers its researchers purchased for testing were loaded with sensitive corporate information.

The researchers bought 18 secondhand routers manufactured by Cisco, Fortinet, and Juniper Networks; nine were fully intact and accessible, but just five had been properly wiped of data.

All nine intact routers carried credentials for the organization's virtual private network, credentials for another secure network communication service, or hashed root administrator passwords.

This and other information on the devices could be exploited by cybercriminals, as well as state-supported hackers.

The ESET team warned contracting with third-party companies to wipe enterprise devices for resale offers no assurance such firms actually do so.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account