Cisco

Onur Aksoy, the CEO of a group of dozens of companies, was indicted for allegedly selling more than $1 billion worth of counterfeit Cisco network equipment to customers worldwide, including health, military, and government organizations.

According to the criminal complaint, the 38-year-old Florida man ran a massive operation between at least as early as 2013 and 2002, importing tens of thousands of modified low-quality networking devices for as much as 95 to 98 percent off of Cisco's MSRP from Hong Kong and Chinese counterfeiters through a network of at least 19 firms in New Jersey and Florida.

These devices were sold as new and genuine Cisco products through dozens of Amazon and eBay storefronts to customers across the United States and overseas, some ending up on the networks of hospitals, schools, government, and military orgs, per the indictment.

The fraudulent Cisco devices sold by Pro Network Entities came with performance, functionality, and safety issues that led to failures and malfunctions, which, in turn, generated significant damages to customers' operations and networks.

This happened because the counterfeiters who sold the fraudulent Cisco equipment to Aksoy were modifying older, lower-model products (some previously owned) to make them look like genuine models of new and more expensive Cisco devices.

"As alleged, the Chinese counterfeiters often added pirated Cisco software and unauthorized, low-quality, or unreliable components – including components to circumvent technological measures added by Cisco to the software to check for software license compliance and to authenticate the hardware," a US Department of Justice (DOJ) press release reads.

"Finally, to make the devices appear new, genuine, high-quality, and factory-sealed by Cisco, the Chinese counterfeiters allegedly added counterfeited Cisco labels, stickers, boxes, documentation, packaging, and other materials."

Pro Network companies and storefronts
Pro Network companies and storefronts (DOJ)

​Aksoy's companies (collectively known as Pro Network Entities) generated more than $100 million in revenue, with millions lining the defendant's pockets.

However, despite his efforts to fly under the radar by using fake delivery addresses, submitting forged paperwork, and breaking shipments into smaller parcels, between 2014 and 2022, Customs and Border Protection (CBP) agents seized roughly 180 loads of counterfeit Cisco equipment shipped to the Pro Network Entities by co-conspirators in China and Hong Kong.

In July 2021, law enforcement agents seized 1,156 counterfeit Cisco devices worth over $7 million after executing a search warrant at Aksoy's warehouse.

To top it all off, DOJ says that "between 2014 and 2019, Cisco sent seven letters to Aksoy asking him to cease and desist his trafficking of counterfeit goods."

Aksoy allegedly responded to at least two of Cisco's cease and desist letters "by causing his attorney to provide Cisco with forged documents."

The defendant was arrested in Miami on June 29, 2022, and was also charged in the District of New Jersey the same day with multiple counts of trafficking counterfeit goods and committing mail and wire fraud.

If the charges stand up in court and Aksoy gets sentenced, this goes to show how easy it could be to infiltrate critical networks if a threat actor uses a similar approach, selling genuine but backdoored networking equipment.

Related Articles:

Cisco warns of password-spraying attacks targeting VPN services

US offers up to $15 million for tips on ALPHV ransomware gang

US sanctions crypto exchanges used by Russian darknet market, banks

US sanctions APT31 hackers behind critical infrastructure attacks

US govt shares cyberattack defense tips for water utilities