- Aug 17, 2017
- 1,508
“A core router touches everything in the organization, so I know all about the applications and the character of the organization—it makes it very, very easy to impersonate the organization,” says Cameron Camp, the ESET security researcher who led the project. “In one case, this large group had privileged information about one of the very large accounting firms and a direct peering relationship with them. And that’s where to me it starts to get really scary, because we’re researchers, we’re here to help, but where are the rest of those routers?" The big danger is that the wealth of information on the devices would be valuable to cybercriminals and even state-backed hackers. Corporate application logins, network credentials, and encryption keys have high value on dark web markets and criminal forums.
Used Routers Often Come Loaded With Corporate Secrets
More than half of the enterprise routers researchers bought secondhand hadn’t been wiped, exposing sensitive info like login credentials and customer data.
www.wired.com