Chinese Hackers Had Unfettered Access To Nortel Networks For a Decade

← Back to Stories (view on slashdot.org)

Chinese Hackers Had Unfettered Access To Nortel Networks For a Decade

Posted by Soulskill on Tuesday February 14, 2012 @08:46AM from the security-through-apathy dept.

An anonymous reader sends this quote from CBC News: "Hackers based in China enjoyed widespread access to Nortel's computer network for nearly a decade, according to ... Brian Shields, a former Nortel employee who launched an internal investigation of the attacks, the Wall Street Journal reports [from behind a paywall]. ... Over the years, the hackers downloaded business plans, research and development reports, employee emails and other documents. According to the internal report, Nortel 'did nothing from a security standpoint' about the attacks."

17 of 178 comments (clear)

Min score:

Reason:

Sort:

'Chinese hackers' by Anonymous Coward · 2012-02-14 08:50 · Score: 5, Insightful

Otherwise known as, 'Huawei employees'.
With [not-]Friends like these... by sethstorm · 2012-02-14 08:51 · Score: 5, Insightful

The first thing the US (and other First World nations) should be doing is getting tougher on China instead of being any bit friendly to them in commerce.

--
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
1. Re:With [not-]Friends like these... by PickyH3D · 2012-02-14 09:07 · Score: 4, Funny
  
  And what is the US going to take? The stolen documents back?
  That would be a somewhat amusing cycle though. They steal from us; we destroy all of their hard drives.
2. Re:With [not-]Friends like these... by Anonymous+Psychopath · 2012-02-14 09:42 · Score: 4, Insightful
  
  The first thing the US (and other First World nations) should be doing is getting tougher on China instead of being any bit friendly to them in commerce.
  The only evidence these guys were in China were the sources of the IP addresses they were using. They never went any further than doing a whois. So they know the hackers were using systems in China, but it's a very large assumption that's where the attacks actually originated.
  
  --
  Eagles may soar, but weasels don't get sucked into jet engines.
3. Re:With [not-]Friends like these... by Charliemopps · 2012-02-14 09:46 · Score: 4, Insightful
  
  You're making the same mistake that most people do in this situation. You're mis-reading "Chinese hackers" as "Chinese Government Hackers" which they may very well be... but all we really know is that a lot of hacking originates in the country with the largest population in the world. That shouldn't be a surprise to anyone. Not only that, but we don't even really know if it was coming from China. It could have been Americans operating out of compromised Chinese equipment. the truth is, we don't know a damned thing about it in truth. The article should just read "Hackers had access for over 10 years" and leave it at that. We have no proof, or even legitimate reason to suspect, they were Chinese.
Re:Maybe there was a reason? by Riceballsan · 2012-02-14 08:56 · Score: 5, Insightful

Uhh yeah... sure.
"Hey Jim it looks like someones broken in, should we do something about it?"
"Nah just wait a bit, i want to see what they are doing and fine the source
10 years later "Aha!!!, I narrowed it down to someone in china.
Two points: by rickb928 · 2012-02-14 08:59 · Score: 5, Insightful

1) I no longer care what "Wall Street Journal reports [from behind a paywall]". Quoting largely unavailable sources is wasting my time.
2) Nortel wasn't so good at security in their products. Not much of a surprise.
Oh, and 3) discounting 'cyberwar' as a solution justifying a problem is a little like dismissing a accidental wound as not in and of itself fatal. You've been injured. Claiming it's 'not that bad' doesn't change the nature of the injury. China has been attacking the rest of the world for a while now. The evidence cannot be excused.

--
deleting the extra space after periods so i can stay relevant, yeah.
I doubt it by 1800maxim · 2012-02-14 08:59 · Score: 4, Interesting

The only reason was either incompetence, or a back-room deal with China that caused Canada to turn their eye the other way.

One has to wonder why Huawei rose to prominence so drastically... Where else have they been "researching" their technology?
1. Re:I doubt it by Nerdfest · 2012-02-14 09:49 · Score: 4, Interesting
  
  Someone on Slashdot once mentioned that they worked at Cisco I believe, and had a friend who worked at another networking company. They said that every time Cisco and this other company put up a new office, Huawei put one up within a few kilometers. This could be a fabrication, but it would be an interesting thing to look into.
analogy by P-niiice · 2012-02-14 09:02 · Score: 5, Funny

Wife: Honey, I'm being raped Husband: Give it a minute, I want to check out his methods so we can prevent it in the future {two hours later} Husband: I think he has a penis
link around the paywall by akahige · 2012-02-14 09:07 · Score: 5, Informative

Link to full article.
1. Re:link around the paywall by houghi · 2012-02-14 09:25 · Score: 5, Funny
  
  Link to full article around the paywall? Are you a Chinese hacker?
  
  --
  Don't fight for your country, if your country does not fight for you.
Re:Maybe there was a reason? by Anonymous Coward · 2012-02-14 09:09 · Score: 5, Interesting

nortel built a plant over there with the promise of getting some of the chinese telecom market share. the chinese sold them a plot of land in a flood plain so they could not use the first floor for about half the year. shortly after the plant went live i started hearing stories of chinese companies making exact duplicates of our equipment and selling it to their customers. i think we got no more then 1-3% market share even though we originally had the best equipment.
what gets me are all the companies standing inline to get in there. haven't they read all the stories about the corporate espionage that occurs once you let them into your systems.
Re:China not India? by Dahamma · 2012-02-14 09:22 · Score: 4, Interesting

One tiny detail this summary neglected to mention is Nortel went bankrupt 3 years ago.
They had no interest in pursuing the investigation because there was pretty much no way it was going to make their assets look any *more* valuable to buyers...
Re:10 years! WOW! by Anonymous+Psychopath · 2012-02-14 09:29 · Score: 4, Funny

Where were all thier network security experts at?
Cisco and Juniper, mostly.

--
Eagles may soar, but weasels don't get sucked into jet engines.
The myth of the Chinese "calling in" their debts. by FatLittleMonkey · 2012-02-14 10:06 · Score: 5, Informative

Foreigners own less than 30% of US Treasury bonds. China owns 30% of those foreign owned bonds. About 8% of US bonds in total. The bonds are for a fixed term. They are paid in US dollars, at a fixed interest. And the US Treasury must register and approve all buyers.
China cannot "call in their debt" early. That's not how bonds work. The only way for them to do... anything... with the bonds is to dump them on the open market. However, that would crash the price, and the US could simply buy back the bonds at less than their face value, saving money in the long term. Since the interest rate paid on bonds is about a low as it can get, it means demand is high and so the US is not in any way dependent on China buying new debt. In fact, China seems to be gradually selling out of US Treasuries, and the interest hasn't gone up. If China tried to dump its bonds, the market would scoop them up.
Since each bond is individually registered with the US Treasury, and is paid by the US Treasury, if China somehow tried to... do something... somehow... to blackmail the US over its debt, the US government could selectively default on Chinese owned bonds. This wouldn't spook the bond market much because of the narrow targeted US response, and the obvious dickishness of the Chinese in bring it on themselves. (In fact, under such circumstances it would probably settle the markets.)
Put simply, you cannot fuck with another country by buying their debt in a form they have absolute control over.
Anyone who says you can is lying to you in order to sell you something.

--
Science is all about firing a drunk pig out of a cannon just to see what happens.
Re:Maybe there was a reason? by tqk · 2012-02-14 11:51 · Score: 5, Insightful

Because unlike China and Mexico its possible to run a secure plant in the USA.
I think it would be possible to run a secure plant in China, Mexico, and even Canada. However, since the reason you're over there is to have access to dirt cheap labour, minimal overhead, and access to a billion+ potential consumers, operating a secure plant is considered an unnecessary expense.

--
"Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.