Using seven passwords stolen from company executives, including the chief executive officer (CEO), Chinese hackers gained access to Nortel’s computers around 2000 and downloaded valuable intellectual property from the company over the past decade, according to Brian Shields, a former Nortel employee who led an internal investigation into the hacking, the newspaper reported.
Intellectual property that the hackers stole included technical papers, research and development reports, business plans, and employee emails.
The hackers hid spyware on employees' computers and had “access to everything”, Shields told the Journal. "They had plenty of time. All they had to do was figure out what they wanted."
Shields said he made recommendations to management about how to protect the company’s networks but was ignored. He added that the company did not secure its networks before starting to sell its assets and did not disclose the hacking to prospective buyers.
Mike Zafirovski, former Nortel CEO, told the newspaper: "People who looked at [the hacking] did not believe it was a real issue. This never came up like, 'We have a real issue and we need to disclose to potential buyers of businesses.'"
However, Sean McGurk, former head of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center, has a different view. Companies can inherit spyware or hacker infiltrations via acquisitions. "When you're buying those files or that intellectual property, you're also buying that 'rootkit,'" he told the newspaper.
Bill Morrow, executive chairman of Quarri Technologies, commented on the Nortel report: "The amount of damage that can be done in a single instance of a data breach is extreme; to imagine what Nortel is facing after years of hidden spying software is unfathomable and undoubtedly raises questions for many organizations as to the security of some of their more sensitive information."