Chinese spies the real reason for Nortel’s demise
Nortel went belly up, for all intents and purposes, in 2009 when John Roth and former CEO Mike Zafirovski filed for bankruptcy (two of the three former Nortel executives are on trial for allegedly tampering with reported quarterly results hoping to cash in on millions in bonus payments) tossing Nortel workers and retirees on the street facing huge losses of their pension plans, severance, and disability protection.
But it may not have been financial greed and insecurity; it may have been a lack of attention to Internet security that splintered the company, according to numerous news reports last week.
The Wall Street Journal reported that cyberspies from China had breached Nortel’s corporate network as far back as 2000, lifting seven passwords used by executives of the company — including its CEO. Then they were able to maintain access to sensitive information for at least 10 years. So it was a major hack that did in Nortel, and not the dot-com frenzy popping its bubble, or even a financial scandal?
Sources close to Nortel in 1999 reported that indeed Nortel had been hacked.
That is what cyber-security experts are saying. (http://online.wsj.com/article/SB10001424052970203363504577187502201577054.html)
In an interview with the CBC’s As It Happens, Brian Shields, the former senior systems security adviser at Nortel for 19 years, said spying by hackers allegedly based in China “absolutely” was a “considerable factor.”
“When they see what your business plans are, that’s a huge advantage. It’s unfair business practices that really bring down a company of this size,” Shields said. (http://www.cbc.ca/news/world/story/2012/02/15/nortel-hacking-shields-as-it-happens.html)
Shields also said in A Globe and Mail article (http://www.theglobeandmail.com/report-on-business/nortel-turned-to-rcmp-about-cyber-hacking-in-2004-ex-employee-says/article2340002/?utm_medium=Feeds%3A%20RSS%2FAtom&utm_source=Home&utm_content=2340002) the company received little help from security agencies and was only approached by the Canadian Security Intelligence Service shortly before Nortel filed for bankruptcy in 2009.
Nortel were known as pioneers in computerized switches and telecom gear for global market of phones and Internet networks, but my sources have said that perhaps CSIS was involved long before 2009, in fact 10-years earlier.
But hackers had carte blanche access to the telecommunications juggernaught as around 2000, according to Shields, who launched an internal investigation of the attacks. Shields goes on to say, “They had access to everything. They had plenty of time. All they had to do was figure out what they wanted.”
That meant business plans, research and development, emails and who knows, but if Shield is right, Nortel stood still and became lax in their Internet security as the whole business slowly escaped from under their noses.
According to Shields, Nortel discovered the hacking in 2004 – though again sources are saying as early as 1996. During the 2009 bankruptcy investigation, it was revealed Nortel made no effort to determine if any of its products were breached, despite being required to disclose all risks to investors.
Some are saying that Nortel was famous for its networking materials, and were not security experts. We cannot logically think that Nortel could “miss” everything a hacker was doing over a ten-year period?
Iain Marlow, Technology Reporter in his February 24 article in the Globe and Mail
Chris Wade, a security expert who hacked into Research In Motion Ltd.’s PlayBook in 2011, who said he felt skeptical about the Nortel case’s details. “I find it hard to believe that the company’s source code and every valuable piece of information they had was available all from one network,” Wade said in the article. “A targeted 10-year attack sounds way too coordinated, like something out of a movie.”
Perhaps, but as we have been saying in the security business, hackers are becoming more organized and more sophisticated.
The Canadian government is denying that China had anything to do with it, but those same hackers also targeted Canadian government computers in fall 2010, targeting the Finance Department, the Treasury Board, and Defence Research and Development Canada.
We cannot deny that “internal business environment “ at Nortel was balanced, or unbalanced, on greed, and maybe Nortel was doomed long before any hacker, be it China or a basement dweller, got into their networks. Nortel was a marvel of technology, but today it is a disgrace and may not be held accountable for destroying the livelihood of employees and their families.
I have stated in lectures and at conferences, anybody from anywhere in the world, using an open proxy in China, could have penetrated Nortel. Perhaps a server in China was involved, but that does not mean China did it.
But here is the problem, and a potentially harmful problem.
Nortel sold its assets to Avaya Inc, Ciena Corp., Telefon L.M. Ericsson and Genband, and did not disclose they had been hacked, nor did they fix it.
Zafirovski said in the Wall Street Journal, “People who looked at [the hacking] did not believe it was a real issue. This never came up like, ‘We have a real issue and we need to disclose to potential buyers of businesses.’”
But how many laptops and other devices left with Nortel employees to these companies, and elsewhere ?. How many “pings” are bouncing around out there, on devices that were not checked for viruses? How do we clean this mess?
If Nortel was hacked and no one reported it, except among internal executives, and then all the company assets sold without disclosure or a virus check…well…who knows what is out there?
This is not a story that will go away, as some Nortel executives would like.
I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.
I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.
Latest posts by tcutler (see all)
- Terry Cutler wins prestigious International Cyber Security and Intelligence Academic and Leadership Awards - November 8, 2017
- Help donate to The Missing Children’s Networkfor the #GivingTuesday #KeepMeSafe campaign for the month of November - November 4, 2017
- How prepared are our kids to enter and stay safe in the digital world? - October 31, 2017