SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Report: Suspected Chinese Hackers Had Deep Access Inside Nortel for Nearly a Decade

Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.

According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel’s systems at least as far back as 2000. 

Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.

According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel’s systems at least as far back as 2000. 

Nortel HackedBrian Shields, who spent 19-year with the company and headed up an internal investigation, told the Journal that over the years the hackers—suspected to be from China– downloaded technical papers, company R&D reports, business plans, employee emails and other documents.

The hackers also embedded malicious spyware so deeply on some systems that it took years to realize the extensiveness of the problem, according Shields and documents reviewed by The Wall Street Journal. They “had access to everything,” Shields told the Journal. “They had plenty of time. All they had to do was figure out what they wanted.”

The Journal quotes an internal report, saying that Nortel “did nothing from a security standpoint” to keep out the hackers, other than resetting the seven passwords.

Nortel, once North America’s largest telephone equipment maker with over 32,00 employees, filed for bankruptcy in January 2009. The company’s market cap was over $300 billion in 2000, making it one of the most valuable companies globally by market cap.

Commenting on the Nortel breach, Neil Roiter, research director at Corero Network Security, believes the incident is both disturbing and instructive. “Organizations need to ensure they have the proper tools at the perimeter and within their networks, and aggressive monitoring to detect outbound traffic and suspicious activity in the event of a breach,” Roiter said. “The Aurora attacks, the RSA breach and others demonstrate that Fortune 500 companies and other large enterprises are under constant threat from nation states such as China seeking shortcuts to technological advances.”

Advertisement. Scroll to continue reading.

Read the full Story at the Wall Street Journal here.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

More from

Latest News

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: How Modern Breaches Bypass MFA and Evade Detection
June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Register

Webinar: Modern Exposure Validation in the AI Era
June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

Register

People on the Move

Stephen Garcia has been named Chief Information Security Officer at BreachRx.

Kasper Lindgaard has been appointed Vice President of Security Strategy at CoreView.

Chaim Mazal has been named Chief Information Security Officer at GitLab.

More People On The Move

Expert Insights

Popular Topics

Security Community

Stay Intouch

About SecurityWeek

News Tips

Got a confidential news tip? We want to hear from you.

Submit Tip

Advertising

Reach a large audience of enterprise cybersecurity professionals

Contact Us

Daily Briefing Newsletter

Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.