Selling redundant gear and wiping hard drives on computers has pretty much become standard over the last few years – whether the machines are going for resale, donation, upcycling or recycling.
But what happens when it comes to cyber security critical network devices? These bits of kit can be eye-wateringly expensive, so the temptation to sell them on when they are upgraded is tempting. But here is a cautionary tale about how this can let the threat actors in past your security:
Hackers can breach networks using data on resold corporate routers (bleepingcomputer.com)
These devices hold critical settings, network information, code, credentials etc.. They need looking after.
Selling redundant gear – the cyber security question
Your take away should be – check before you sell and if you do not have the skills in house to do that, then get help. Because the threat actors are checking eBay looking for those routers and firewalls. We have special “anonymous” stickers on mission critical equipment so they can be visually tracked easily.
Clive Catton MSc (Cyber Security) – by-line and other articles