谨防假冒网络设备

假冒硬件，特别是在企业环境中，是一个经常被忽视的反复出现的问题。将这些设备放在网上会带来严重的财务、运营和安全风险。

7月15日，网络安全公司F-Secure发布了一份调查报告，详细列出了假冒的Cisco Catalyst 2960-X系列开关。该报告强调了在其IT基础设施中发现假冒设备的组织所面临的挑战。

调查集中在一对假冒的网络交换机上。调查人员确定，仿冒品被设计成绕过认证系统组件的过程。该报告称，这一结论凸显了假冒硬件带来的安全挑战。

F-Secure Consulting的硬件安全团队调查了Cisco Catalyst 2960-X系列开关的两种不同的仿造版本。一家IT公司在一次软件升级后发现了这些仿冒品。

这是伪造或修改硬件对新软件的常见反应。在该公司的要求下，F-Secure Consulting对仿冒品进行了彻底的分析，以确定其安全影响。

“假冒卡西欧设备确实是一个长期存在的问题。此前媒体的多次报道充分强调了这一点，”F-Secure咨询公司硬件安全团队的高级顾问Dmitry Janushkevich告诉TechNewsWorld。

该报告是一份真实的、详细的关于假冒设备如何工作的技术分析。他补充说，这说明了现有的IP是如何被破坏、复制和绕过安全保护，从而制造出几乎完美的现有产品克隆品的。

原文：Counterfeit hardware, especially in corporate settings, is a recurring problem that often goes unnoticed. Having such gear online poses serious financial, operational, and security risks.

Cybersecurity company F-Secure on July 15 released an investigative report detailing counterfeit Cisco Catalyst 2960-X series switches. The report highlights challenges facing organizations that discover counterfeit devices in their IT infrastructure.

The investigation centered on a pair of counterfeit network switches. Investigators determined that the counterfeits were designed to bypass processes that authenticate system components. That conclusion highlights the security challenges posed by counterfeit hardware, according to the report.

F-Secure Consulting's Hardware Security team investigated two different counterfeit versions of the Cisco Catalyst 2960-X series switches. The counterfeits were discovered by an IT company after a software update stopped them from working.

That is a common reaction of forged or modified hardware to new software. At the company's request, F-Secure Consulting performed a thorough analysis of the counterfeits to determine the security implications.

"Counterfeiting of Cisco gear is indeed a long-standing issue. Multiple prior reports in the media highlight this well enough," Dmitry Janushkevich, senior consultant with F-Secure Consulting's Hardware Security team, told TechNewsWorld.

The report is a real-life, detailed technical analysis on how counterfeit devices work. It illustrates how existing IP can be compromised, duplicated, and security protection bypassed to make almost perfect clones of existing products, he added.