Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.
According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel’s systems at least as far back as 2000.
Brian Shields, who spent 19-year with the company and headed up an internal investigation, told the Journal that over the years the hackers—suspected to be from China– downloaded technical papers, company R&D reports, business plans, employee emails and other documents.
The hackers also embedded malicious spyware so deeply on some systems that it took years to realize the extensiveness of the problem, according Shields and documents reviewed by The Wall Street Journal. They “had access to everything,” Shields told the Journal. “They had plenty of time. All they had to do was figure out what they wanted.”
The Journal quotes an internal report, saying that Nortel “did nothing from a security standpoint” to keep out the hackers, other than resetting the seven passwords.
Nortel, once North America’s largest telephone equipment maker with over 32,00 employees, filed for bankruptcy in January 2009. The company’s market cap was over $300 billion in 2000, making it one of the most valuable companies globally by market cap.
Commenting on the Nortel breach, Neil Roiter, research director at Corero Network Security, believes the incident is both disturbing and instructive. “Organizations need to ensure they have the proper tools at the perimeter and within their networks, and aggressive monitoring to detect outbound traffic and suspicious activity in the event of a breach,” Roiter said. “The Aurora attacks, the RSA breach and others demonstrate that Fortune 500 companies and other large enterprises are under constant threat from nation states such as China seeking shortcuts to technological advances.”
Read the full Story at the Wall Street Journal here.

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
More from Mike Lennon
- Watch Now: Threat Detection and Incident Response Virtual Summit
- Registration Now Open: 2023 ICS Cybersecurity Conference | Atlanta
- NetRise Adds $8 Million in Funding to Grow XIoT Security Platform
- Virtual Event Today: Zero Trust Strategies Summit
- Virtual Event Tomorrow: Zero Trust Strategies Summit
- Watch: How to Build Resilience Against Emerging Cyber Threats
- Video: How to Build Resilience Against Emerging Cyber Threats
- Webinar Today: Understanding Hidden Third-Party Identity Access Risks
Latest News
- Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech
- In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack
- OpenAI Unveils Million-Dollar Cybersecurity Grant Program
- Galvanick Banks $10 Million for Industrial XDR Technology
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
