Report: Suspected Chinese Hackers Had Deep Access Inside Nortel for Nearly a Decade | SecurityWeek.Com

http://www.securityweek.com/report-suspected-chinese-hackers-had-deep-access-inside-nortel-nearly-decade?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Report: Suspected Chinese Hackers Had Deep Access Inside Nortel for Nearly a Decade

Reports of yet another significant incident of international corporate espionage surfaced this morning, with the Wall Street Journal reporting that for nearly a decade, hackers had widespread access to the corporate computer network of former telecom giant Nortel Networks Ltd.

According to the Wall Street Journal, using just seven passwords taken from Nortel executives, including that of their CEO, the hackers penetrated Nortel's systems at least as far back as 2000. 

Brian Shields, who spent 19-year with the company and headed up an internal investigation, told the Journal that over the years the hackers—suspected to be from China-- downloaded technical papers, company R&D reports, business plans, employee emails and other documents.

The hackers also embedded malicious spyware so deeply on some systems that it took years to realize the extensiveness of the problem, according Shields and documents reviewed by The Wall Street Journal. They "had access to everything," Shields told the Journal. "They had plenty of time. All they had to do was figure out what they wanted."

The Journal quotes an internal report, saying that Nortel "did nothing from a security standpoint" to keep out the hackers, other than resetting the seven passwords.

Nortel, once North America's largest telephone equipment maker with over 32,00 employees, filed for bankruptcy in January 2009. The company's market cap was over $300 billion in 2000, making it one of the most valuable companies globally by market cap.

Commenting on the Nortel breach, Neil Roiter, research director at Corero Network Security, believes the incident is both disturbing and instructive. "Organizations need to ensure they have the proper tools at the perimeter and within their networks, and aggressive monitoring to detect outbound traffic and suspicious activity in the event of a breach," Roiter said. "The Aurora attacks, the RSA breach and others demonstrate that Fortune 500 companies and other large enterprises are under constant threat from nation states such as China seeking shortcuts to technological advances."

Read the full Story at the Wall Street Journal here.

Tony Burkhart

me@tonyburkhart.com

http://www.tonyburkhart.com

Posted via email from Tony Burkhart

http://www.net-security.org/secworld.php?id=12429&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

Trend Micro makes HijackThis open source

Trend Micro released HijackThis as an open source application. The code, originally written in Visual Basic, is now officially available at SourceForge.

HijackThis scans your computer to find settings changed by spyware, malware or other unwanted programs. It generates an in-depth report to enable expert users to analyze and fix an infected computer. Several security communities use HijackThis log files to help users evaluate and eradicate infections.

"This means that other people can build on a solid base to create or improve their own anti-malware tools," said Merijn Bellekom, the original creator of HijackThis.

Trend Micro will continue to maintain the original source code and will update the base code on SourceForge as developers make modifications that are essential and positive to the continued improvement of this code.

Tony Burkhart

me@tonyburkhart.com

http://www.tonyburkhart.com

Posted via email from Tony Burkhart