Are there circumstances when retired computer or server hardware can be dangerous? The engineering team for one of our manufacturing clients experienced these hazards recently. The 20 second background is as follows:

• This manufacturer periodically retires workstation hardware, but is unwilling to dispose of it promptly

• They had a situation in which they needed to connect up an older printer which is not supported by any modern 64-bit Windows systems, but which they needed to test in a lab environment for a customer

• The engineering staff pulled out a long-retired Windows 7 workstation which was not bootable, removed the hard drive, and connected it as a slave to a current workstation

• The engineer began to copy data off the old hard drive onto one of their servers, and the antivirus on the server detected ransomware during the copy process which halted any infection process

Is there a lesson to be learned here?

• Retired equipment is retired for a reason…shred the hard drives and recycle in a timely manner

• Ensure that your managed antivirus is configured according to vendor best practices

• Ensure that your antivirus is ACTUALLY MONITORED and set up to alert