Nortel hacked for years but failed to protect itself, report says

The company didn't try hard enough to stop a 10-year incursion by hackers likely working from China, says a former Nortel exec cited by the Wall Street Journal.

Nortel Networks was the victim of a series of cyberattacks likely originating from China for almost 10 years, but the company ultimately failed to defend itself, says The Wall Street Journal.

Citing an internal investigation by former Nortel systems security adviser Brian Shields, the Journal (subscription required) found that hackers apparently based in China carried on a decade-long campaign of stealing technical papers, R&D reports, employee e-mails, and other sensitive documents from the network company.

By grabbing just seven passwords from top Nortel execs back in 2000, the hackers managed to gain access to the company's network and remotely control personal computers by flooding them with spyware.

Nortel eventually uncovered the hacked passwords and breach in 2004. In response, the company changed the seven passwords and kicked off an internal investigation, the Journal noted. But according to Shields, Nortel didn't bother to determine if any of its products were compromised and halted the investigation after six months due to a lack of solid leads.

The cyberattacks continued intermittently for the next several years. Shields told the Journal that he offered recommendations for shoring up the network, but company brass reportedly failed to act on them.

Another investigation turned up further details, but again Nortel chose to ignore the findings, according to five former employees cited by the Journal.

By that point Nortel itself was in trouble, forced to lay off staff, including Shields, and sell off assets to stay afloat. Filing for bankruptcy in 2009 , Nortel also failed to disclose the network breach to potential buyers, said Shields.

When asked about the hacks by the Journal, one of Nortel's former CEOs, Mike Zafirovski , simply said that "People who looked at [the hacking] did not believe it was a real issue."

Nortel did not immediately respond to CNET's request for comment.

About the author

Journalist, software trainer, and Web developer Lance Whitney writes columns and reviews for CNET, Computer Shopper, Microsoft TechNet, and other technology sites. His first book, "Windows 8 Five Minutes at a Time," was published by Wiley & Sons in November 2012.


Discuss Nortel hacked for years but failed to protect...

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Articles from CNET
The truth about Ultra HD 4K TV refresh rates