Anyone who decommissions or resells company routers should wipe all stored data in accordance with established standards. ESET experts found that many SMEs apparently do not follow this simple rule.
In a study of 16 routers purchased second-hand, they found that sensitive information could still be accessed on more than half of the devices. Shockingly, disposal service providers also did poor work here: rather than destroying the hardware or its contents, they resold them.
“The potential impact of our findings is extremely concerning and should be a wake-up call,” said Cameron Camp, security researcher at ESET. “We expected medium to large companies to have strict safeguards in place for equipment decommissioning - this obviously wasn't the case. The majority of devices examined contained a digital blueprint of the organization in question, such as core network information, application data, corporate credentials, and partner, vendor, and customer information.”
Of the nine network devices for which full configuration information was available:
- 22 percent contained customer data
- 33 percent contained connections that allowed third parties access to the network
- 44 percent contained credentials to connect to other networks as a trusted party
- 89 percent contained connection details for some applications
- 89 percent contained router-to-router authentication keys
- 100 percent contained one or more IPsec or VPN credentials or hashed root passwords
- 100 percent contained enough data to reliably identify the former owner/operator.
Routers in the study come from organizations of different sizes and industries
The routers in this research come from organizations of varying sizes and industries (data centers, law firms, third-party technology providers, manufacturing and technology companies, creative firms, and software developers). ESET communicated the results to the affected companies, including well-known names.
A lack of control plays into the hands of criminals
“There are well-documented processes for properly decommissioning hardware, and this research shows that many companies do not strictly follow these when preparing devices for the secondary market,” said Tony Anscombe, Chief Security Evangelist at ESET. “Exploiting a vulnerability or spearphishing for credentials is potentially hard work. Our research shows that there is a much easier way to get this data. We encourage companies engaged in device disposal, data destruction and device resale to closely review their processes and ensure they are in compliance with the latest NIST standards.”
Disposal only in a controlled and professional manner
Companies should only hire trustworthy, competent third parties to dispose of equipment or take all necessary precautions if decommissioning themselves. This applies not only to routers and hard drives, but to all devices that are part of the network. ESET experts advise following the manufacturer's guidelines to safely remove all data from a device before it leaves the company - a simple step that many IT staff can take.
Further information and the white paper on the analysis can be found HERE.

