Tips for avoiding fake gear and what to do if businesses discover phoney devices on the network.

networking, data centre
Credit: Dreamstime

In today challenging business and economic environment, everybody’s looking for a deal. Yet there is one “bargain” that network managers should avoid at all costs – low-priced network devices that turn out to be counterfeit.

No competent network manager would intentionally purchase a faux network component, but that doesn’t mean it never happens. “If signs of counterfeit parts were obvious, this issue would probably be resolved quickly,” says John Loucaides, senior vice president of strategy at security technology provider Eclypsium.

Virtually every type of network device is shadowed by one or more unauthorised doppelgängers. Fake drop-in replacements are particularly prevalent.

“This enables a wide variety of cheaper parts to be used in a non-obvious way, maximising the benefit of providing a counterfeit device,” Loucaides says. Sometimes, however, only a single component within a device is counterfeited. “Given a financial motive, this is likely the most expensive part being substituted for a cheaper part,” he says.

Routers and switches are perhaps the most frequently counterfeited devices. “A network switch can still appear to do its job, even with inferior internal components or systems that bypass a network’s security,” says Maria Britton, CEO of trade show attendee advisory firm Trade Show Labs.

Network device counterfeits are abundant simply because they promise a huge financial return on a relatively small investment. In July 2022, the U.S. Justice Department issued an indictment charging a Florida resident with importing and selling counterfeit Cisco networking equipment that, if authentic, would be worth more than $1 billion.

According to the indictment, Onur Aksoy, 38, of Miami, allegedly imported tens of thousands counterfeit Cisco networking devices from China and Hong Kong. The units were then resold to customers in the U. S. and elsewhere, falsely represented as new and genuine. The operation allegedly generated over $100 million in revenue over nearly a decade.

Counterfeit gear raises security concerns

The faux device bought on the cheap might function perfectly well and give no indication that it’s not legit – at least at first. “Often, there’s no obvious difference between a normal device and a counterfeit device,” Loucaides says. But over time, the device can begin to exhibit degraded performance, unreliable operation and anomalous behaviour.

Network downtime caused by a failed device can cripple an enterprise network for hours or days, depending on the unit’s location and role. “Besides quality issues creating a poor network experience, the potential to compromise security and create backdoors is simply frightening,” says David Lessin, a director with global technology research and advisory firm ISG.

Loucaides adds that the biggest danger posed by fake equipment is that it may host malicious software or firmware, leaving the network open to attackers, spies, and other types of troublemakers. “Whether it’s a nation-state, a botnet, or a ransomware actor, the supply chain has become increasingly appealing for attackers to introduce a hook that allows control, persistence, or disruption of critical networks,” Loucaides warns.

And, of course, the company has to incur the financial cost of replacing the defective device with genuine equipment.

How to tell if gear is counterfeit

The most obvious sign that a device may be counterfeit is its price. “Too good to be true is just that,” says Lessin. He also urges purchasers to keep a sharp eye out for small details that counterfeiters often overlook, such as packaging design and quality, as well as documentation language.

Most of the legitimate networking vendors offer comprehensive tutorial videos showing how to tell if you’re using an authentic product, says Keatron Evans, principal security researcher at security education provider Infosec Institute.

“If you can’t verify something as authentic, you should count it as potentially counterfeit,” he advises. “Trying to do it the other way around, by looking for signs of counterfeiting, is not as effective because of how rapidly things change.”

Unfortunately, for many victims, a bogus component will reveal its true fake identity only after it has been deployed. “Counterfeits are most commonly identified when the device fails,” says Mike Mellor, vice president of cybersecurity consulting at managed security services provider Nuspire.

How to avoid buying fakes

The best way to keep fake equipment off the network is to buy directly from the original equipment manufacturer, a certified partner, or a value-added reseller. “Arguably, a significant portion of the ‘value add’ from a reseller is the assurance of authenticity,” Lessin says.

When acquiring hardware from any source, pay careful attention to the item’s serial number and, if possible, check it against the manufacturer’s database, Britton says. “It can also be helpful to actually look inside network gear to identify any parts that don’t look like those in a known authentic unit.”

Most vendors apply one or more genuine product-type labels or branding marks to their devices. Look for such tags on packaging, external cases, and internal components, such as circuit boards, Evans says.

Resist the temptation to buy equipment from eBay or other discount online resellers, Mellor says. “Make sure that devices are purchased from an authorised reseller,” he recommends. Purchasing from bottom-dwelling resellers is akin to gambling. “The price may be attractive but may cost more in the long-run when the device fails and needs to be replaced.”

Loucaides says that his organisation, for internal research purposes, acquired network devices from a random selection of eBay marketers and several other online shopping sites. The results were far from encouraging. 

“Through these acquisitions, we have observed unauthorised transfers of equipment from large corporations, devices that were not as advertised, and devices that contained unexpected components,” he says.

Unfortunately, even the most careful shopper can get stuck with a bogus network device. Counterfeits can even be surreptitiously inserted into a manufacturer’s supply chain. 

Besides checking the unit’s serial number validity, Mellor also suggests updating the device’s firmware and software to the most current manufacturer-recommended versions. “Counterfeits often fail when updated,” he explains.

Common sense usually wins the day when shopping for network gear. “Make sure you only purchase from trusted third-party vendors or directly from the equipment vendors themselves,” Evans recommends.

Steps to take if businesses discover fake parts

Given the dangers involved, it’s never a good idea to continue using a counterfeit network device after it’s been discovered — even if it appears to be functioning normally. Once a fraudulent network device has been detected, it should be immediately isolated and replaced, Loucaides says. “Depending on the context, it may also be necessary for some backup/failover process to be invoked.” he says.

Evans recommends activating a three-step action plan. “First, contact your own legal team or representative,” he says. “Next, under their direction, and with their guidance, contact law enforcement.”

Finally, contact the vendor who supplied the counterfeit equipment. “You will also likely need to work closely with your operations team to coordinate removing the device, or devices, without causing critical service and operations disruptions,” Evans adds.

Loucaides also advises alerting the hardware manufacturer to the counterfeit gear. “Provide the details of the vendor you purchased it from and anything else they might need,” he suggests.

How to implement anti-counterfeit processes

Networks, by their very nature, are dynamic. An enterprise network is always growing and evolving. Toss in the threat posed by counterfeit equipment and it’s easy to see why network leaders need to perform regular hardware and software audits in order to monitor changes and ensure the system’s reliability and security.

It’s simply a good idea, Lessin says. “Even if you followed a safe path, an audit can confirm that nothing counterfeit has been introduced,” he says. Relentless network expansion and sprawl makes regular audits even more necessary. “Many network managers are thousands of miles from the assets they are responsible for,” Lessin adds.

Strong asset management and supply change risk management practices are also necessary to ensure the acquisition of authentic network devices, Mellor says. These elements are critical components within a strong security program and always a good idea. Maintaining service contracts is also a smart move, Mellor adds. “Manufacturers will not provide a service agreement if they determine the device is counterfeit.”

Like a growing number of industry observers, Loucaides believes that counterfeiting isn’t limited to only network hardware. “It affects every component inside every device,” he states. “It even affects the software, leading to all the interest in the Software Bill of Materials (SBOM).”

Akin to the packaging found on food products that describes ingredients and nutritional data, SBOM is a nested description of software components and metadata that can be used to verify that the software is not counterfeit.

Visibility into all of the hardware and software components that make up a networking device should be the first step toward addressing the challenge of counterfeit gear. Loucaides adds, “We need tools today that work on existing software, firmware, and hardware to detect backdoors and tampering, including counterfeits.”

TECH NEWS RELATED

TikTok EU ban on the table if social network doesn’t comply with new laws

TikTok is one of the most popular social networks out there. But TikTok is also a cause of concern for western governments that worry about the company’s ties to the Chinese government. TikTok can’t run on most devices the US government issues, and there has been talk of a ...

View more: TikTok EU ban on the table if social network doesn’t comply with new laws

Don’t Buy a Foldable Until Samsung Brings This Prototype to Life

Samsung Display via The Verge The world of foldable phones is surprisingly stagnant. The Galaxy Z Fold gets a tiny little upgrade every year, and rival phone brands loosely copy Samsung’s homework. But a new Samsung Display prototype called the “Flex In & Out” could turn this narrative on ...

View more: Don’t Buy a Foldable Until Samsung Brings This Prototype to Life

Best free sports streaming apps in 2023

Cutting the cord on cable television is something tons of people have done over the past five years. But that hasn’t proven to be the smartest way to continue to watch sports. Whether it comes from premium sports website subscriptions to keep tabs on your favorite players, or even fantasy ...

View more: Best free sports streaming apps in 2023

Avengers 5 might have Ant-Man in it, Quantumania star teases

The first MCU Phase 5 movie will be Ant-Man and the Wasp: Quantumania, the third installment in the Ant-Man franchise and a film with much higher stakes than the previous episodes. The sequel will deliver the MCU’s first Kang (Jonathan Majors) villain after we met a somewhat good He Who ...

View more: Avengers 5 might have Ant-Man in it, Quantumania star teases

Sharing a Netflix Account? Get Ready to Pay For It

DANIEL CONSTANTE/Shutterstock.com Netflix is about to get serious in its efforts to eliminate freeloaders. If you share a Netflix account with family or friends outside your household, get ready to pay for it. A new “paid sharing” system could roll out starting next month, and you’ll have to pay a ...

View more: Sharing a Netflix Account? Get Ready to Pay For It

‘7 Wonders’ Board Game Gets a New ‘Edifice’ Expansion

Asmodee and Repos Production Board game lovers have a wonderful reason to celebrate today. Board game makers Asmodee and Repos Production announced their latest collaboration: 7 Wonders Edifice, an expansion to the popular board game 7 Wonders. The game launches on February 24th for $29.99. 7 Wonders: Edifice adds ...

View more: ‘7 Wonders’ Board Game Gets a New ‘Edifice’ Expansion

T-Mobile Kicks Off 2023 With Another Data Breach

r.classen / Shutterstock.com In a press release, T-Mobile confirms that it detected a data breach in its systems on January 5th. A “bad actor” managed to steal personal information (but not financial data) from around 37 million customers. This is the eighth T-Mobile data breach since 2018. The hacker ...

View more: T-Mobile Kicks Off 2023 With Another Data Breach

Apple appeals to UK competition watchdog investigation about mobile browser dominance

Apple has filed an appeal against the UK’s competition watchdog regarding its dominance of mobile browsers in the cloud gaming market, reports Reuters. The Competition and Markets Authority started investigating this dominance by the Cupertino firm and Google. Lawyers representing Apple believe the investigation should be reviewed as CMA ...

View more: Apple appeals to UK competition watchdog investigation about mobile browser dominance

Galaxy S23 Ultra release date and specs leak finally reveals everything about the new model

WhatsApp for iOS rolling out the ability to create a chat with yourself

Amazon Prime Music Unlimited changes streaming prices, now matches Apple Music

Deadpool 3 and Secret Wars to feature Fox’s X-Men, according to Marvel insider

Report: OLED iPad Pro still on track for 2024 release, 2026 for MacBook Pro

How to negotiate over practically anything

HomePod 2 praised in exclusive hands-on before launch

M2 Pro MacBook Pro Amazon preorder deal gives you $50 off

What “choice” means for millions of women post-Roe

Singapore FinTech firm Pilon secures $5.2M seed funding led by Wavemaker Partners

Capital Square Partners and Basil Technology team up for $700M tech fund in Asia

This feel-good movie about man’s best friend is dominating Netflix

OTHER TECH NEWS

Top Car News Car News