Nortel Breach Started in 2000Hackers Accessed Sensitive Company Information
Nortel Networks Ltd. has been the victim of a hacking campaign for more than a decade. The breach gave attackers access to Nortel's corporate computer network and sensitive company information, according to news reports.
See Also: The Global State of Online Digital Trust
Since as far back as 2000, hackers appearing to come from China have had access to the telecommunications company's network through the use of seven stolen passwords from top Nortel executives, including the chief executive, according to the Wall Street Journal.
Using the stolen log-in credentials, hackers were able to download technical papers, research-and-development reports, business plans, employee e-mails and other documents, Brian Shields, a former Nortel employee who led an internal investigation into the breach, told the newspaper. The company still has not determined how the seven passwords were initially compromised, according to the report.
Nortel could not confirm whether the breach continued after it filed for bankruptcy in 2009, according to news reports. The company is in the process of liquidating its assets.
The breach was first discovered in 2004, after an employee noticed that a top executive was downloading an unusual set of documents, according to eWeek.com. Upon investigation, an internal team at Nortel was able to trace the activity to China-based IP addresses.
The company hasn't released a statement on the breach.
Shields claims Nortel's network made it simple for hackers to access information due to lack of controls within the system.
According to the Wall Street Journal's review of the company's internal report, Nortel didn't take any action from a security standpoint once the breach was discovered. Shields stated that six months after the discovery of the breach, the network was still compromised, with computers sending data to Shanghai-based IP addresses. When Shields suggested that further security steps be taken, the company declined, according to eWeek.
Upon his departure from the company in 2009 due to the bankruptcy, Shields found out that a sophisticated form of spyware had been detected on two computers, eWeek reports.