Call me a little slow on the uptake, but I had no idea about how bad the counterfeit network hardware issue was until I became a victim myself. According to KPMG, almost 10% of gear out there is suspected to be counterfeit. That amounts to billions of dollars per year in bogus equipment floating around out there. Fake gear could be running in your data center now -- it was in mine.
Call me a little slow on the uptake, but I had no idea about how bad the counterfeit network hardware issue was until I became a victim myself. According to KPMG, almost 10% of gear out there is suspected to be counterfeit. That amounts to billions of dollars per year in bogus equipment floating around out there. Fake gear could be running in your data center now -- it was in mine.Until recently, I would have had no problem buying Cisco gear from any source for deployment in my network. I mean, its Cisco, right? (Insert Jeopardy buzzer sound here). Boy, was I wrong, and I should have known better. If the price is too good to be true, then it probably is. I first became aware of the counterfeit gear issue after personally buying a bogus T1 WIC for a Cisco 2600 series router. After getting undressed by a Cisco partner for buying a bad WIC on eBay, I started to read up on the bogus gear issue. That's when I came across a news release by the Department of Justice and Homeland Security earlier this year regarding a bust of fake networking gear amounting to a street value of $76 million dollars.
Unfortunately for all of us, the problem isn't confined to eBay. Even Cisco authorized resellers are victims of sourcing stock through illegitimate channels. And the impact on our production networks is much more far reaching than having a serial interface buckle intermittently. And what of the security threat associated with fake Cisco gear? How difficult would it be to burn malware into the ROM of a fake router? I'm not an embedded hardware engineer, but in my opinion, if you're good enough to make a router or switch that looks and works like the real deal, then you're good enough to develop a back door into that equipment.
Thankfully, Cisco is all over this issue like a mosquito on an open wound. UsedCisco.com, a large, preowned equipment sales outfit not affiliated with Cisco, released a set of guidelines for minimizing your risk when buying used. At the top of the list of things to be wary of is sourcing parts from Chinese suppliers. According to Cisco, the bulk of fake gear is coming out of China, so you need to vet these suppliers carefully by looking at feedback and references where they exist. Simultaneously, check with Cisco and have them run your serial numbers against their private database. You also should be wary of the ridiculously low pricing on gear compared with market value. Lastly, get a warranty on used gear from your supplier. That shifts the risk away from you and back to the supplier.
Have you discovered that you've purchased fake gear? Reply to my blog and share your story with our readers. Let us know what led you to realize that you had bought a bogus piece of hardware.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.