Nortel: From Bankruptcy to Industrial Espionage Victim

Wednesday, February 15, 2012

Pierluigi Paganini

03b2ceb73723f8b53cd533e4fba898ee

(Translated from the original Italian)

By now the news of successful attacks perpetrated against private companies are no longer surprising,except for the disclosure of inefficiencies in the implemented security policies. 

The Wall Street Journal has reported the news that the telecom company Nortel Networks has been repeatedly exploited by Chinese hackers for a long time - almost a decade.

Cyber threats are real and can lead to catastrophic consequences. An intense espionage operation conducted for years has effectively exposed all company business to competitors and hostile governments like China.

Former Nortel employee Brian Shields conducted internal investigation regarding possible security breaches and attacks designed to steal sensitive information belonging to the company.  

Shields declared that the hackers stole passwords from the company's top executives, the CEO included, and thus have long had access to the entire Nortel network and related data, such as Information related to the private industry in around the world.

Emerging technologies and business strategies have always been targeted by groups of hackers who are often hired by governments, as in the case of China.

The main problem is that the breach was conducted during an entire decade, with obvious consequences. The damage is incalculable if we consider the enormous amount of information stolen through the use of spyware and viruses. Emails containing information on technological solutions, business reports, and other sensitive documents were stolen for years, seriously compromising the intellectual property of the company.

Shields, who has worked at Nortel for 19 years, declared that in the last decade on several occasions suspicious activities have been detected related to external attacks.
For example, the company detected an intrusion in 2004 when several PCs were found to be sending sensitive data to an IP address based in China. 

There is no direct evidence of involvement by the Chinese government, however China is not new to these kinds of operations, and modern history has demonstrated it, - cyberspace has no borders.

Responsibility for the intrusions by the company is readily evident, and having underestimated the threat ended up compromising the company's very existence. Remember, Nortel had filed for bankruptcy in 2009.

The event is truly alarming - a nightmare - but at the same time serves asa warning to every other company.

Consider that the hacking of private corporate networks is often a shortcut to access information of governments that contract them, so the risk faced by private industry is huge and at stake is the balance of the global economy -  and how many "Nortels" are out there?

We are all potentially at risk and underestimating the threat is a serious mistake. The security landscape of cyberspace requires careful management by every company.

Wake up before it's too late!

Cross-posted from Security Affairs

Possibly Related Articles:
10927
Enterprise Security
Information Security
Enterprise Security Economy China Intellectual Property Espionage hackers breach Proprietary Information Pierluigi Paganini Nortel Brian Shields
Post Rating I Like this!
Default-avatar
Rosaria Debiase Excellent example of the actual impact of a cyber threat. What is impressive is the company's reckless behavior
1329376148
Default-avatar
thomas fernandus . Our survival has a human race depends on our ability to constantly grow.  The more universities apply their resources to research the better our chances to grow and hence survive.
write my essay for me
1329586946
Default-avatar
Eddie colin I think Government of every country take action against hackers and these types of criminals, thanks for that informative blog I am writing my Assignment on hackers and that information helpful to me.
1406101855
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.