Tuesday, February 21, 2012

Report: Suspected Chinese Hackers Had Deep Access Inside Nortel for Nearly a Decade | SecurityWeek.Com

Report: Suspected Chinese Hackers Had Deep Access Inside Nortel for Nearly a Decade

Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.

According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel's systems at least as far back as 2000. 

Nortel HackedBrian Shields, who spent 19-year with the company and headed up an internal investigation, told the Journal that over the years the hackers—suspected to be from China-- downloaded technical papers, company R&D reports, business plans, employee emails and other documents.

The hackers also embedded malicious spyware so deeply on some systems that it took years to realize the extensiveness of the problem, according Shields and documents reviewed by The Wall Street Journal. They "had access to everything," Shields told the Journal. "They had plenty of time. All they had to do was figure out what they wanted."

The Journal quotes an internal report, saying that Nortel "did nothing from a security standpoint" to keep out the hackers, other than resetting the seven passwords.

Nortel, once North America's largest telephone equipment maker with over 32,00 employees, filed for bankruptcy in January 2009. The company's market cap was over $300 billion in 2000, making it one of the most valuable companies globally by market cap.

Commenting on the Nortel breach, Neil Roiter, research director at Corero Network Security, believes the incident is both disturbing and instructive. "Organizations need to ensure they have the proper tools at the perimeter and within their networks, and aggressive monitoring to detect outbound traffic and suspicious activity in the event of a breach," Roiter said. "The Aurora attacks, the RSA breach and others demonstrate that Fortune 500 companies and other large enterprises are under constant threat from nation states such as China seeking shortcuts to technological advances."

Read the full Story at the Wall Street Journal here.

Posted via email from Tony Burkhart

No comments:

Post a Comment