Chinese hackers allegedly used seven passwords stolen from top executives of Nortel Networks, the once telecommunications giant, to hack into their system and acquire trade secrets.

According to the Wall Street Journal, the hackers, presumably form China, penetrated Nortel’s computers as early as the year 2000 and downloaded technical papers, research-and-development reports, business plans, employee emails and other documents.
Brian Shields, a former 19-year Nortel veteran who led an internal investigation, it took them years to determine the extent of the hacking problem because the hackers hid spyware so deep into employees’ computers.  Shields stated that the hackers had access to everything Nortel was doing or planning and they had plenty of time to acquire all the intelligence they needed.

An internal report from Nortel stated that the company did nothing about the hacking incident except change the seven stolen passwords.  They did not even disclose the incident or provide a security fix to buyers such as Ericsson, Avaya Inc., Genband and Ciana.  Nortel has filed for bankruptcy three years ago.  The problem with this is that when assets or patents are bought, the spyware comes with the package.

Sean McGurk, who until recently ran the U.S. government’s cybersecurity intelligence center stated that, “When you’re buying those files or that intellectual property, you’re also buying that ‘rootkit,'” he said, quoted in the WSJ, using a term that refers to embedded spy software.

A spokesman from Ciena stated that they were not informed of the breach during the sales of the Nortel assets while a spokeman of Avaya stated that they learned about the breach after their acquisition.  They reviewed the situation and “disposed of it to our satisfaction.”

The Nortel breach was revealed in time for China’s vice president, Xi Jinping, visit to the US.  China is seeking to promote a greater trust between the two countries and the possible expansion of China’s access to U.S. high-tech markets at a time when U.S. intelligence officials expressed increasing alarm regarding cyberspying which they believe is government-sponsored.

The Chinese government denied allegations of cyberspying.  The Chinese embassy in Washington stated that “cyber attacks are transnational and anonymous” and shouldn’t be assumed to originate in China “without thorough investigation and hard evidence,” when specifically asked about the Nortel incident.

Nortel also kept mum about the issue.  They are now in the final stages of selling their company since they filed for brankruptcy in 2009.

The breach was discovered in 2004 when a Nortel employee noticed that one of their top executives was downloading a questionable set of documents.  After a few months, Shields started to notice that a few computers on the network were sending small bursts of data to one of the same Internet addresses in Shanghai involved in the password-hacking episodes.  Upon investigation, Shields determined that the computers suspected to be compromised, though passing Nortel’s antivirus test, were found having spyware capable of being accessed remotely.  Employees’ emails were also being monitored by the hackers. Shields was appalled for Nortel’s deliberate move to hide the incident to buyers.

Shields recalled warning Nortel that their system was breached even if he was laid off but Nortel execs denied receiving any reports from Shields nor his warning.

According to some reports, the hacking of Nortel may be part of a larger security breach.  China and Russia have been known to acquire sensitive technology for their own economic development by any means but the US government does not participate in economic espionage as part of its national policy.

Looking at the big picture here, if hackers can easily access companies without their knowledge, everything about that company, along with their technology and employee profile can be used to cause trouble.  And with the government’s approval of using iOS and Android devices for work use, isn’t this alarming?  We all know that Chinese factories supply parts for the devices we all so love, so what’s stopping hackers from putting spywares in these gadgets?  For all we know, there are already loads of apps available harboring spyware.

But this is probably the most disturbing part, according to Akshay Sharma quoted in the Huffington Post, an analyst at the research firm Gartner Inc., Nortel’s gear is still used to route phone calls and Internet traffic by major telecom providers, government agencies, hospitals and banks using private networks.  So all of these agencies, organizations and companies, there’s a high probability that they are being monitored by hackers.