Prices
Blog

Data destruction on Cisco and other network equipment

This BLOG is about data destruction in all kinds of networking devices such as switches, routers, modems, firewalls, access points, repeaters and so on.
I wrote this blog because I think that data destruction in network products still gets too little attention from IT and computer networking decision makers.
To write this blog, I sought advice from Sebastiaan Back of Cybereason.

20210429 111305 scaled 1

Obviously a little confusing – DATA destroying on networked devices

Because you would say … in network devices like switches, routers, firewalls, access points etc, there are no files in there, right?

With computers, servers and laptops, the story is clear.
They can contain all kinds of files that you logically don’t want going out into the wide world.

For years, we at IT Recycling have been collecting Cisco and other brands of network equipment, and until a few years ago, data destruction really almost never came up. Destruction of information on network equipment for recycling or buyout has actually been in our price list for at least 10 years, but it was just a very unknown phenomenon. The lion’s share of our customers simply saw no harm in simply giving out switches, firewalls, modems, access points, router and more for recycling.

Things are changing, however, and we are getting more and more orders to pick up network equipment for recycling and then immediately take care of properly destroying the information contained within.
After all, an old network device is the perfect Trojan Horse to attack your organization from within.

Data destroy Cisco equipment and remove IP settings

But what can go wrong when you outsource old network components?

The problem with network equipment such as Cisco equipment, for example, is that it contains specific information about the network they were in.
That can be IP data, but also logins and passwords, this information is often called IP settings.
Also, it is quite possible that certain network components when you connect them will immediately start contacting their old network.

For cyber criminals, IP settings can be really handy. Often it is not even necessary to hack the victim, the Cisco’s will do that for them.
Specially insidious are the smaller firewalls that are used with VPN connections of some large organizations. Often we then see a perfect and super-secure firewall at headquarters – connected via a VPN connection to a simpler firewall at home workers or smaller offices. If then the smaller firewall gets into the hands of miscreants then they can enter their victim’s network without any hindrance. It is then like giving the front door key to the burglar. Discarded access points for recycling can also come in handy for criminal elements.

This allows them to build a “fake” WiFi network near places their victims ( and their mobiles, tablets and/or laptops ) frequent. The victim’s cell phone will then immediately and without the victim noticing, enter the hacker’s fake network and announce itself. Without any form of security, the cybercriminal can then carry out his nefarious plans unnoticed.

This trick was used by two Russian secret agents at the time to attack the Organization for Chemical Weapons’ network from a car in the parking lot.
You can read up on exactly what happened here: CYBERAANVAL AT CYCW

You can by no means always make things safe from both sides.
Of course, instead of destroying the information on the deported devices, you can make sure that those devices with the information and settings still in them do not enter the network anywhere again.
You can imagine, however, that this is just not feasible in practice.
Miss Klaasen’s cell phone still knows the old WIFI network and will log on immediately if it is approached by an accespoint posing as this network.
If the network administrator has that all neatly arranged and sealed then all Cisco and other equipment may be taken away for recycling and the devices can be picked up and recycled with no problem.

We see in practice that switches and routers and other network devices often go out of service and then their IP settings just stay left and right.
Companies take unnecessary risk with this.

We think that if you are not quite sure if the old network devices still contain relevant IP settings or information, then you really should have them cleaned up or destroyed.

You can only view and change IP – settings if you have the device in front of you on the table!

In order to prevent miscreants and cybercriminals from remotely – over the Internet – influencing the IP data, passwords and access information, changing this information – remotely – has been made totally impossible by the manufacturer.

switch-data-destruct-scaled (1)

This is the case with all brands and types of network equipment.
The fact is that this information can only be accessed through a special cable and a special plug in each network device.
This is called “CONSOLE” – the bottom line is that you can only access that information if you actually have that device in front of you on the table.

So a cyber criminal who has your old router or firewall in his hands can see the IP addresses left and right and the access information to get on the network!
In any case, with this data, the cybercriminal is granted an insight into the structure and security of the network.

With the cable and CONSOLE destroy information in network equipment for recycling.

There are only a few computer recyclers in the Netherlands who have the necessary knowledge and experience in this, but there are also system administrators who know how to do it.
With the right software and some experience, the specialist can get into any network device fairly quickly and view, change and also completely erase the IP settings.

Pretty handy, but also very handy for hackers!
They also have such a cable and see the use of it.

The option to completely erase all information is ingrained in all network devices.
What is actually done is to reset all the settings the device has to the settings as they were when the device came from the factory.
This is often called “restore factory settings” And this reset to factory settings is irreversible.

This is a rather labor-intensive job and therefore not cheap.
So only suitable for network equipment that still has value and will still be used.
If that is not the case and it is about network devices for recycling then it is always cheaper and more convenient to just destroy the whole network device.
Then the IP settings are also destroyed.

Physical destruction of network equipment.

If you destroy the whole thing then the information that was in it is also destroyed.
Cisco equipment and other network equipment that comes in here for destruction goes – after registration – into the shredder and is ground into small pieces.
This is considerably faster than with CONSOLE.
We can also destroy Cisco and other network devices on site with our mobile hard drive shredder. However, the whole device does not fit in the shredder but so we take out the circuit board first and that is then shredded under supervision and on site.