SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Report: Suspected Chinese Hackers Had Deep Access Inside Nortel for Nearly a Decade

Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.

According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel’s systems at least as far back as 2000. 

Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.

According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel’s systems at least as far back as 2000. 

Nortel HackedBrian Shields, who spent 19-year with the company and headed up an internal investigation, told the Journal that over the years the hackers—suspected to be from China– downloaded technical papers, company R&D reports, business plans, employee emails and other documents.

The hackers also embedded malicious spyware so deeply on some systems that it took years to realize the extensiveness of the problem, according Shields and documents reviewed by The Wall Street Journal. They “had access to everything,” Shields told the Journal. “They had plenty of time. All they had to do was figure out what they wanted.”

The Journal quotes an internal report, saying that Nortel “did nothing from a security standpoint” to keep out the hackers, other than resetting the seven passwords.

Nortel, once North America’s largest telephone equipment maker with over 32,00 employees, filed for bankruptcy in January 2009. The company’s market cap was over $300 billion in 2000, making it one of the most valuable companies globally by market cap.

Commenting on the Nortel breach, Neil Roiter, research director at Corero Network Security, believes the incident is both disturbing and instructive. “Organizations need to ensure they have the proper tools at the perimeter and within their networks, and aggressive monitoring to detect outbound traffic and suspicious activity in the event of a breach,” Roiter said. “The Aurora attacks, the RSA breach and others demonstrate that Fortune 500 companies and other large enterprises are under constant threat from nation states such as China seeking shortcuts to technological advances.”

Read the full Story at the Wall Street Journal here.

Advertisement. Scroll to continue reading.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

More from

Latest News

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Threat Detection and Incident Response Summit
Wednesday, May 24, 2023

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Virtual Event: CISO Forum Virtual Summit
June 13-14, 2023

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

RSA Conference 2023 RSA Conference 2023

Management & Strategy

RSA Conference 2023 – Announcements Summary (Day 1)

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

April 25, 2023
Comcast Wants a Slice of the Enterprise Cybersecurity Business

Security Infrastructure

Comcast Wants a Slice of the Enterprise Cybersecurity Business

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

February 6, 2023
XDR and the Age-old Problem of Alert Fatigue

Security Infrastructure

XDR and the Age-old Problem of Alert Fatigue

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

January 6, 2023
Saviynt Raises $205M; Founder Rejoins as CEO

Funding/M&A

Saviynt Raises $205M; Founder Rejoins as CEO

Identity and access governance vendor Saviynt has closed a $205 million financing round.

January 31, 2023
Zero Trust Model Zero Trust Model

Cloud Security

The History and Evolution of Zero Trust

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

July 11, 2022
‘No Evidence’ of Cyberattack Related to FAA Outage, White House Says

Government

‘No Evidence’ of Cyberattack Related to FAA Outage, White House Says

January 11, 2023
Swimlane Launches Security Automation Ecosystem for OT

ICS/OT

Swimlane Launches Security Automation Ecosystem for OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

November 15, 2022
NSA Publishes Recommendations on Securing IPsec VPNs

Identity & Access

NSA Publishes Recommendations on Securing IPsec VPNs

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).

July 6, 2020