The long-term penetration of Nortel Networks' computer system by hackers raises the possibility that owners of the company's telecom equipment could face cybersecurity concerns of their own, some experts say.
Hackers, possibly from China, spied on Nortel Networks for nearly a decade, according to report Tuesday in the Wall Street Journal. The hackers had access to Nortel's business plans, reports, emails and other documents by stealing passwords from top company executives and installing spyware they controlled remotely, according to the paper.
Though it filed for bankruptcy three years ago, Nortel was once one of the world's largest providers of telecom equipment. Nortel's gear is still used to route phone calls and Internet traffic by major telecom providers, government agencies, hospitals and banks using private networks, according to Akshay Sharma, an analyst at the research firm Gartner Inc.
Experts say it is difficult to determine the motive behind the breach or what information was stolen. But Sharma said organizations using older versions of Nortel equipment could encounter security risks.
"This is a wakeup call," Sharma said.
According to the Journal, Nortel did not disclose or fix the security problem before selling off its assets to buyers, including Ericsson, Avaya Inc., Genband and Ciana.
A spokesperson for Nortel did not return a request for comment.
James Lewis, director of the Center for Strategic and International Studies' Technology and Public Policy program, said the hackers could use what they learned from spying on Nortel to gain future access to the nation's telecommunications grid.
"If you knew how the Nortel stuff worked, that would let you gain access to the telecommunications network when you needed to," Lewis said.
Tom Kellermann, a member of the Commission on Cybersecurity for the 44th Presidency, said the breach of Nortel could give hackers "a persistent presence in the telecommunications network."
But a former federal government official said Nortel has known about the spying "for quite some time" and has been quietly working with major network service providers to secure its systems from hackers.
The former official added that the bigger concern about the Nortel hack was the theft of intellectual property. The stolen information, possibly including valuable research and development plans, would likely be given to Chinese telecom companies, the former official said.
One such company, Huawei, has been blocked from entering the U.S. telecom market, partly out of concern that the company could spy on communications on behalf of the Chinese government because the company's chief executive formerly worked for the Chinese military's telecom research department.
The breach of Nortel will likely reinforce U.S. intelligence concerns about hackers from China stealing American military, technology and economic secrets. "Chinese actors are the world's most active and persistent perpetrators of economic espionage," according to a report last fall by U.S. intelligence officials.
China has dismissed accusations it sponsors hacking to steal U.S. secrets, calling them "irresponsible."
SUBSCRIBE AND FOLLOW
Get top stories and blog posts emailed to me each day. Newsletters may offer personalized content or advertisements.Learn more