Why IT Departments Need to Pay More Attention to Networking Gear Versus Traditional Equipment

Network Cables Plugged Into a Server Rack

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

You already understand the dangers of unsecured computers. Data breaches and cybercriminals often look for vulnerabilities in computer systems through people at your office opening emails that look normal. Plus, you already know to have robust firewalls and security software on your computers, and you know to update operating systems as companies drop support for older programs.

But what about your networking gear? 

When was the last time you assessed the age and vulnerability of your routers and servers?

I.T. Supply Solutions examines this issue.

Networking Gear Can Be Hacked

Back in July 2020, Wired reported a major bug in networking equipment sold by F5 Networks in Seattle. The company’s BIG-IP application delivery controllers, such as local traffic managers and DNS, needed immediate patches. Anyone who read the alert from government officials was told installing a patch by that point was too late, and firms should assume their network was compromised. A cybersecurity firm sounded the initial alarm about the vulnerability.

What happened?

The F5 vulnerability affected load balancers, distributors of traffic to different servers that host applications and websites, within large enterprise networks. A directory traversal bug in the web-based management interface let anyone connected to them access information traveling through the networks. Attackers found another bug to run any code they wanted to on the networks.

Hackers could intercept, change, and redirect any traffic running through those distribution devices. For example, they might intercept and redirect transactions made through a bank’s website or steal credentials and private information of customers. 

Even worse, hackers could have used the compromised networking gear as a hop-off point to try to compromise other devices on the network. An attacker could even use the bug to steal the encryption keys that guarantee the security of an organization’s HTTPS traffic with users. Someone might have thought the network was secure when it wasn’t.

What is router or server hacking?

Routers and servers are two of the most important tools for businesses and agencies of any size. Just about any business needs networking gear in their facilities, whether you have a large warehouse utilizing wireless devices or a small retail operation that accepts credit cards as payment. 

As such, networking equipment is an easy target for hackers because most businesses think they can’t be hacked.

The key is that hackers look for vulnerabilities in firmware, the software that provides control over specific hardware.

Cybercriminals look for ways to get into the firmware, alter the code a bit, and then take control of the device. This is what happened when Russian hackers got into refrigerators and home appliances with wireless connectivity to create a massive DDOS attack on Twitter and other internet sites in October 2016.

They found this vulnerability through firmware that wasn’t secure.

Those were on updated appliances that were relatively new.

What happens when you have servers and networking gear that’s five years old? What about 10 years old? How often does the manufacturer update the firmware on your networking gear? Did the manufacturer stop offering support or firmware updates on your devices?

If you don’t know the answers to these questions, you should find out as soon as possible. 

How do you prevent router hacking?

There are several things you can do to prevent router hacking.

First, do your research. Before you make a major purchase, research the best manufacturers or installers.

Second, register your products with manufacturers as soon as they’re installed. If your IT department installed the router, this should happen directly through the manufacturer. If you hired a professional installer, that company should offer support and firmware updates through the manufacturer. The reason you need to register the product is that you’ll receive firmware updates and security alerts automatically through the manufacturer.

Third, make sure your networking equipment has secure passwords and robust security software installed. Ask the manufacturer or installer what they recommend.

If you have old or outdated equipment, you need to assess it immediately. When was the last time firmware was updated? Do you receive regular updates and communication with the manufacturer? Have there been any security vulnerabilities with your products?

Talk to I.T Supply Solutions Today

If you have older or outdated networking equipment, a professional IT asset disposition company like I.T. Supply Solutions can help you assess what you have and suggest updates to your equipment.

We can remarket your equipment or recycle it. We could also provide you with wholesale used computer equipment that meets modern standards and protocols. No matter what you choose, you save a little money on the process of upgrading your networking equipment. 

Contact I.T. Supply Solutions or call 859-694-0602 for more information.

More To Explore

Electronics Recycling Day to benefit the Independence Police Department's K-9 Unit

Sponsored by the Independence Police Department & I.T. Supply Solutions

Items collected include desktops, laptops, phones (landlines or cellular), flat monitors, servers, loose hard drives, calculators, and cameras.

Please note: No old TVs, microwaves, or bulky monitors.

Donations can be dropped off or made by mail. Check or money order to be made payable to ‘City of Independence’ to:

Independence Police Department
Canine Unit Donation
5409 Madison Pike
Independence, Kentucky 41051
Dropbox available in parking lot

Send contributions via Venmo to Independence Canine using @Independence-Canine.