The story on ComputerWeekly.com about fake Cisco hardware should send a shiver down the spine of everyone managing a security infrastructure. It’s not just the issue of dodgy gear that’s likely to fail, but also the possibility – likelihood – of Trojan code added to the build quietly compromising your network.
It’s the same as buying conterfeit software. You never really know what else is included in the package but more likely than not it’ll be keyloggers and other malware. When the fake goods are the hardware required to protect your network and route traffic around it, then it’s pretty much a case of game over – in hacker terminology: you’ve been owned!
There’s lots of good advice out there about how to spot a fake however, this story has been floating around for a couple of years, as evidenced by this report from 2005. So just how much fake Cisco hardware is already running on our networks and how confident are we that what’s in place (which – face it – isn’t always very conveniant to switch off to open up and check while it’s running in a rack) is genuine? The same goes for all your partners and ISPs and others processing and hosting your data in various parts of the world….
The full story on cw.com is here.