Cyber security experts are not surprised hackers apparently breached Nortel Networks Corp.’s security by stealing passwords and installing spy software.
The more interesting question to the people who help corporations avoid costly industrial espionage is whether stolen intellectual property might have led to the company’s downfall.
“It makes you wonder if their problems as a business could be related to a loss of intellectual property,” says Richard Bejtlich, chief security officer at Mandiant, an information security firm that does work for the U.S. government, defence contractors and Fortune 100 companies. “Somebody clearly values it, because they’re stealing it.”
On Tuesday, The Wall Street Journal ran a story featuring a former senior systems security adviser at Nortel, Brian Shields, who said hackers “had access to everything” for almost a decade within the former crown jewel of Canada’s technology sector, which has since filed for bankruptcy after an acquisition binge during the dot-com bubble. Network security consultants were hesitant to believe every aspect of the case, such as the impression that it was orchestrated from China, since it was revealed by a former employee and many of them are privy to similar kinds of information as a result of their line of work.
But the apparent hacking of Nortel raises intriguing issues about the sheer volume of industrial espionage targeted at even the most tech-savvy companies, and what responsibilities publicly traded companies have to disclose such attacks – especially given that Nortel’s various business units have since been sold to a variety of companies, including Avaya Inc., Ciena Corp. and Telefon AB LM Ericsson. Mr. Bejtlich says his firm has received more requests in recent years, both by large firms wanting to double check before a divestiture and by companies making acquisitions.
Telecommunications is one of the many sectors – along with oil and gas and defence – that are favoured targets for industrial espionage, much of which is said to come from China and Russia. Mr. Shields, who did not return numerous requests for comment, is said to have led an internal investigation at Nortel into the hacking, which appeared to come from China. Jack Daniel, a product manager at U.S. security firm Tenable Network Security, notes that IP (Internet Protocol) addresses can be easily hidden, and that China is often used as a “big, bad, Red Scare.”
Cedric Jeannot, president of Waterloo, Ont.-based I Think Security, notes that Nortel was a renowned network company, and not an expert in security. “People get in and you don’t notice it. Unless you have a proper security team in place, you won’t know of it,” Mr. Jeannot said. “If the Chinese government really wants to get in, they can do it – they have the money and the resources to do whatever they want.”
Chris Wade, a security expert who hacked into Research In Motion Ltd.’s PlayBook last year, is a bit skeptical about the Nortel case’s details. He says it’s doubtful a major corporation could be subject to a consistent hack of that magnitude over the course of a decade, since computers are replaced and passwords expire. “I find it hard to believe that the company’s source code and every valuable piece of information they had was available all from one network,” Mr. Wade said. “A targeted 10-year attack sounds way too co-ordinated, like something out of a movie.”