Forgot your password?
typodupeerror
China Businesses Security

Chinese Hackers Had Unfettered Access To Nortel Networks For a Decade 178

Posted by Soulskill
from the security-through-apathy dept.
An anonymous reader sends this quote from CBC News: "Hackers based in China enjoyed widespread access to Nortel's computer network for nearly a decade, according to ... Brian Shields, a former Nortel employee who launched an internal investigation of the attacks, the Wall Street Journal reports [from behind a paywall]. ... Over the years, the hackers downloaded business plans, research and development reports, employee emails and other documents. According to the internal report, Nortel 'did nothing from a security standpoint' about the attacks."
This discussion has been archived. No new comments can be posted.

Chinese Hackers Had Unfettered Access To Nortel Networks For a Decade

Comments Filter:
  • by TWX (665546) on Tuesday February 14, 2012 @04:49PM (#39037313)

    Sometimes security sacrifices are made in exchange for learning about the attackers. Could this possibly have been an example of this? I know that Nortel is common tech in business and local government, but would this penetration be dangerous to military or defense development?

    • by Riceballsan (816702) on Tuesday February 14, 2012 @04:56PM (#39037397)
      Uhh yeah... sure.

      "Hey Jim it looks like someones broken in, should we do something about it?"

      "Nah just wait a bit, i want to see what they are doing and fine the source

      10 years later "Aha!!!, I narrowed it down to someone in china.

    • Possibly. But if that was the case, that guy should either have known it was a trap for them or not have been able to see it at all.

      In my experience, the problem with network security is getting management to understand anything about it other than "I don't want to have to remember a password".

    • I doubt it (Score:5, Interesting)

      by 1800maxim (702377) on Tuesday February 14, 2012 @04:59PM (#39037451)
      The only reason was either incompetence, or a back-room deal with China that caused Canada to turn their eye the other way.

      One has to wonder why Huawei rose to prominence so drastically... Where else have they been "researching" their technology?
      • Re:I doubt it (Score:5, Interesting)

        by Nerdfest (867930) on Tuesday February 14, 2012 @05:49PM (#39038007)

        Someone on Slashdot once mentioned that they worked at Cisco I believe, and had a friend who worked at another networking company. They said that every time Cisco and this other company put up a new office, Huawei put one up within a few kilometers. This could be a fabrication, but it would be an interesting thing to look into.

    • by Anonymous Coward on Tuesday February 14, 2012 @05:09PM (#39037559)

      nortel built a plant over there with the promise of getting some of the chinese telecom market share. the chinese sold them a plot of land in a flood plain so they could not use the first floor for about half the year. shortly after the plant went live i started hearing stories of chinese companies making exact duplicates of our equipment and selling it to their customers. i think we got no more then 1-3% market share even though we originally had the best equipment.

      what gets me are all the companies standing inline to get in there. haven't they read all the stories about the corporate espionage that occurs once you let them into your systems.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        One of the tricky parts to data security in China is that the culture is completely different. In the states people for the most part respect the idea that they are responsible to their employer and even after leaving employment should respect things like NDAs.

        In the USA if you do basic background checks and treat your employees fairly you can expect them to keep your trade secrets. In China it does not matter, family and nation come first. That is your employees brother in law works for a Chinese firm t

        • by tqk (413719) <s.keeling@mail.com> on Tuesday February 14, 2012 @07:51PM (#39039341)

          Because unlike China and Mexico its possible to run a secure plant in the USA.

          I think it would be possible to run a secure plant in China, Mexico, and even Canada. However, since the reason you're over there is to have access to dirt cheap labour, minimal overhead, and access to a billion+ potential consumers, operating a secure plant is considered an unnecessary expense.

      • by stephanruby (542433) on Tuesday February 14, 2012 @07:43PM (#39039269)

        the chinese sold them a plot of land in a flood plain so they could not use the first floor for about half the year.

        Sorry, but those guys sound like idiots.

        Whether you're in the US, or in China, there is such a thing called due diligence. Either they made the trade-off decision to knowingly buy heavily discounted land in a flood plain, and accepted the risk commensurate with that choice, or they were just sheer incompetent lazy idiots and the project was doomed from the very beginning.

        And yes, I've been involved in purchasing land abroad (not in Asia thought), and I've been shown land in flood plains before (after all, local sellers and local real estate agents see foreigners as easy marks for not knowing the lay of the land, and not knowing the lay of the local legal landscape either).

        • Re: (Score:2, Interesting)

          by Anonymous Coward

          the chinese sold them a plot of land in a flood plain so they could not use the first floor for about half the year.

          Sorry, but those guys sound like idiots.

          Hey I worked at Nortel!

          Well... Honestly, there's a reason it's out of business. I won't say there weren't good people there. There were lots of very smart hard working people. But I have never worked at a place, before or since, where there was so much funny business going on. I quit because I couldn't stand it any more. On my exit interview I wrote, "Nortel suffers from a culture of corruption. If these issues aren't dealt with promptly, I fear the company will go under." And that was when the compan

    • by g0bshiTe (596213) on Tuesday February 14, 2012 @05:44PM (#39037953)
      You can argue that sacrifices are made in order to learn about attackers, but I'd pose that a breach spanning 10 years allowing uninhibited access is stretching that argument.

      That's just outright incompetence.
    • by AmberBlackCat (829689) on Tuesday February 14, 2012 @06:55PM (#39038699)
      This happens a lot on Slashdot. When a group from a Western nation hacks some competitor's system, it's always considered an act of superior Western sophistication. But when it's the other way around, it's doesn't matter if it's Western incompetence (setting the password to 12345) or a sophisticated attack from the enemy (causing a drone to land on enemy territory through GPS manipulation) or somewhere in the middle (enemy hacks system and sysadmins don't notice for 10 years), there is always somebody who will suggest it's some kind of reverse psychology and still an example of superior Western sophistication. I really think there are just smart and dumb people on both sides and that should be acknowledged.
      • by tqk (413719)

        ... there is always somebody who will suggest it's some kind of reverse psychology and still an example of superior Western sophistication.

        I believe you're overreacting a bit. Perhaps they will, and they'll be wrong. I don't think I've heard anyone around here lately suggesting "Western sophistication" has existed for quite some time, certainly not of the "superior" variety. Western based business (well, North American based, anyway) is dominated by nanosecond long attention span imbeciles these days.

        Cf. the story we're commenting on. Doofuses, or an inside/collusion job?

        I believe Nortel execs are still in court trying to save their butts

  • 'Chinese hackers' (Score:5, Insightful)

    by Anonymous Coward on Tuesday February 14, 2012 @04:50PM (#39037315)

    Otherwise known as, 'Huawei employees'.

  • by sethstorm (512897) on Tuesday February 14, 2012 @04:51PM (#39037343) Homepage

    The first thing the US (and other First World nations) should be doing is getting tougher on China instead of being any bit friendly to them in commerce.

    • by Anonymous Psychopath (18031) on Tuesday February 14, 2012 @05:42PM (#39037933) Homepage

      The first thing the US (and other First World nations) should be doing is getting tougher on China instead of being any bit friendly to them in commerce.

      The only evidence these guys were in China were the sources of the IP addresses they were using. They never went any further than doing a whois. So they know the hackers were using systems in China, but it's a very large assumption that's where the attacks actually originated.

      • The only evidence these guys were in China were the sources of the IP addresses they were using. They never went any further than doing a whois. So they know the hackers were using systems in China, but it's a very large assumption that's where the attacks actually originated.

        Yeah, I love all these stories about 'China' hacking everything under the sun. If I were a black hat interested in breaking into a computer, the very first thing I would do is compromise a server in china to work through so if my hack were discovered it would be written off as 'more Chinese hackers'. I believe this is referred to as a false flag operation in spy trade craft. I find it hard to believe that all these governments and corporations are constantly being attacked by nothing but Chinese hackers.

    • by Charliemopps (1157495) on Tuesday February 14, 2012 @05:46PM (#39037983)
      You're making the same mistake that most people do in this situation. You're mis-reading "Chinese hackers" as "Chinese Government Hackers" which they may very well be... but all we really know is that a lot of hacking originates in the country with the largest population in the world. That shouldn't be a surprise to anyone. Not only that, but we don't even really know if it was coming from China. It could have been Americans operating out of compromised Chinese equipment. the truth is, we don't know a damned thing about it in truth. The article should just read "Hackers had access for over 10 years" and leave it at that. We have no proof, or even legitimate reason to suspect, they were Chinese.
    • Re: (Score:3, Funny)

      by LordLucless (582312)

      When dragons belch and hippos flee
      My thoughts, Ankh-Morpork, are of thee
      Let others boast of martial dash
      For we have boldly fought with cash
      We own all your helmets, we own all your shoes.
      We own all your generals - touch us and you'll lose.
      Morporkia! Morporkia!
      Morporkia owns the day!
      We can rule you wholesale
      Touch us and you'll pay.

      We bankrupt all invaders,
      We sell them souvenirs,
      We ner ner ner ner ner ner by the ears,
      Er ner ner ner ner ner ner ner ner ner,
      Ner ner ner ner ner ner, ner ner ner ner ner,
      Ner your g

      • The second verse of every national anthem ends up being reduced to "ner ner ner ner ner..." because no one knows the words.

  • I thought Nortel was outsourcing everything to India, not China. I suppose this is an important story if you live in China or India, but pretty much "eh" for everyone else.

    If a company is intentionally outsourcing everything, does it really matter fundamentally matter if their stuff gets "involuntarily outsourced" or diverted to yet another foreign country?

    I can't feel any sympathy for Nortel at all. A traitor to their own country got screwed. boo hoo.

  • Two points: (Score:5, Insightful)

    by rickb928 (945187) on Tuesday February 14, 2012 @04:59PM (#39037449) Homepage Journal

    1) I no longer care what "Wall Street Journal reports [from behind a paywall]". Quoting largely unavailable sources is wasting my time.

    2) Nortel wasn't so good at security in their products. Not much of a surprise.

    Oh, and 3) discounting 'cyberwar' as a solution justifying a problem is a little like dismissing a accidental wound as not in and of itself fatal. You've been injured. Claiming it's 'not that bad' doesn't change the nature of the injury. China has been attacking the rest of the world for a while now. The evidence cannot be excused.

  • analogy (Score:5, Funny)

    by P-niiice (1703362) on Tuesday February 14, 2012 @05:02PM (#39037477)
    Wife: Honey, I'm being raped Husband: Give it a minute, I want to check out his methods so we can prevent it in the future {two hours later} Husband: I think he has a penis
  • by akahige (622549) on Tuesday February 14, 2012 @05:07PM (#39037537)
  • Oooh... (Score:4, Insightful)

    by fuzzyfuzzyfungus (1223518) on Tuesday February 14, 2012 @05:08PM (#39037555) Journal
    Now, I'm assuming that absolutely nothing whatsoever will come of the investigation into the hacking, as usually seems to be the case. However, the bit about Nortel knowing that they had been cracked good and hard and not telling buyers is the sort of thing that the SEC might take an interest in. Potentially(depending on the level of regulatory capture, of course...) a very strong, very personal interest in.

    That could get rather uncomfortable for anybody involved in their asset sale. I'd imagine that some of the buyers are sniffing around for blood as we speak.
  • This story reminds me of the song "Shake the West awake" by Landscape from their album "From the album, "From The Tea-rooms Of Mars .... To The Hell-holes Of Uranus".

    Video: http://www.youtube.com/watch?v=bDi1dskKZQw [youtube.com]

    Fantastically, this was made in 1981, more than thirty years ago. Maybe Nortel (and others) should have listened to them.

  • So we have one article suggesting that cyberwar is an exaggeration, and now we have another article which seems to demonstrate that it is indeed a problem. I suppose we could debate whether or not this constitutes cyberwarfare but clearly American businesses and the government are not taking these threats seriously enough.

    My impression has always been that the Chinese, both on a corporate and governmental level, realize they're too dependent on the developed world. The fact is that the US has even offloaded

    • You've heard people respond to "Illegal downloading is stealing!" by pointing out that it's copyright violation, not "stealing"? People call it "stealing" to try to sell a solution more harmful than the problem.

      In the same way, "Cyber-warfare" just means espionage, mostly corporate espionage, not "war". People call it "war" in order to sell a solution more harmful than the problem.

    • by ceoyoyo (59147)

      "So we have one article suggesting that cyberwar is an exaggeration"

      This is espionage, of the good old fashioned industrial variety. It used to be done by actual people, on site, and now it's done through computers. It's not warfare, of any kind.

  • According to TFA, the excuse used by the Chinese government amounts to "wasn't government sponsored, show us some proof".

    Have there been any cases where a hack was actually traced to an individual in China? Has the Chinese government followed up in those instances to arrest and try the individuals? I would think that if someone in US were to hack into a Chinese company network they would be arrested and tried.

  • by jayveekay (735967) on Tuesday February 14, 2012 @05:25PM (#39037725)

    Oh, wait. I see. That explains alot. :)

    • If you think what Nortel did was dumb, you should see what the people who bought what was left are doing
  • I wish Chinese hackers would steal our democratic values and ideals.
  • Preventing attackers from getting in it only the first line of defense. Detecting then once they are in, and having the logs that show what they did is critical for an adequate response. Unfortunately, as many recently published events show, this seems to be largely unknown or not done due to cost reasons. At the same time, most corporate systems are relatively easy to break in for high-competence attachers. Something needs to change here, and the only thing I can think of is personal criminal liability of

    • by DarkOx (621550)

      Something needs to change here, and the only thing I can think of is personal criminal liability of those that fail to put reasonable security on their IT installations.

      I am sorry but that would be insanely unjust. Should you be held 'criminally' responsible if you house is burgled because you did not have deadbolt lock on all your doors? Obviously no. At the same time if all you have is light weight little knob locks you are not doing much to protect your own assets.

      If you really want to see change the insurance industry needs to spine up. Just like your homeowners rates are higher if you don't do basic security like have deadbolts corporate insurance rates need to g

  • I worked for a company once that finally noticed anonymous access to an internal unprotected FTP site where the IP's were originating from China. Been going on for months.

    Not sure what you can do when it doesn't really require a "hack" to gain access to corporate files. I don't work for them anymore BTW.

  • With the current state of patent law it would've been even funnier if the Chinese had taken stuff from current research projects and patented it before Nortel could.

"If I do not want others to quote me, I do not speak." -- Phil Wayne

Working...