As cybersecurity threats continue to evolve, so do the methods attackers use to gain access. Most people associate ransomware with phishing emails or weak passwords. But there’s another growing risk—retired IT equipment that hasn’t been properly decommissioned.
Recent reports confirm that the Qilin ransomware operation has started exploiting critical Fortinet vulnerabilities to gain access to networks. These flaws allow attackers to bypass authentication and remotely execute malicious code. Many of the affected systems were unpatched or not fully secured—some even long past their intended lifecycle.
The Risk of Ghost Assets
We call them “ghost assets”—retired devices that still carry sensitive data but are no longer being tracked. These can include everything from networking equipment and firewalls to laptops, external drives, and outdated servers. Often overlooked as “low risk,” items like routers, switches, and access points may still contain drives, flash memory, or saved configurations that expose IP addresses, network credentials, and other critical information.
Maybe they were set aside during a hardware upgrade or shoved in a closet during a migration project. But if they haven’t been properly wiped and decommissioned, they remain a liability.
And in some cases, those systems are still powered on and connected—quietly waiting for the wrong hands to find them.
What This Means for Your Organization
Organizations across all sectors—healthcare, education, finance, manufacturing, and government—face growing risks tied to end-of-life technology. These ghost assets may be out of sight, but they’re not out of reach for ransomware actors.
Attackers are opportunistic. Automated tools are scanning networks for vulnerable Fortinet devices and other outdated infrastructure, regardless of the organization’s size or industry.
What You Can Do
Good cybersecurity involves more than software updates and firewalls. It means knowing where your equipment is, what’s on it, and how it’s being retired. Here are a few important steps:
- Keep a complete inventory of data-bearing devices
- Wipe and verify data destruction before disposal
- Use a certified ITAD provider that documents the entire process
At SEAM, we help organizations of all sizes close this gap. Our certified ITAD services provide secure data destruction, full audit trails, and environmentally responsible recycling for businesses and public entities across the region.
If you’re not sure what’s still sitting unused in your building—or what might be connected to your network without oversight—now is the time to find out. We’re here to help you prevent tomorrow’s problems by addressing today’s risks.
Clint Parsons is the Director of Strategy and Information at SEAM, specializing in building partnerships with businesses of all sizes. He ensures clients effectively navigate secure data destruction, responsible recycling, and maximize the resale value of their IT equipment while staying compliant with evolving regulations.