[ISN] 8 Lessons From Nortel's 10-Year Security Breach
By Mathew J. Schwartz
February 17, 2012
It is every corporate security manager's worst nightmare.

News surfaced this week that Nortel's network was hacked in 2000, after
which attackers enjoyed access to the telecommunications and networking
company's secrets for 10 years.

The intrusions reportedly began after attackers used passwords stolen
from the company's CEO, as well as six other senior executives, together
with spyware. By 2004, a Nortel employee did detect unusual download
patterns associated with senior executives' accounts, and changed
related passwords. The security team also began watching for signs of
suspicious activity, but apparently stopped doing so after a few months.
The full extent of the breach wasn't discovered until 2010, by which
time hackers had been accessing Nortel secrets--from technical papers
and business plans, to research reports and employees' emails--for
nearly a decade.

"This is a clear case of a total failure of an information security
program and should be a wakeup call for other corporations," said Chris
Mark, principal of the Mark Consulting Group, on the Global Security &
Risk Management blog.

What should Nortel have done differently, and what can information
security professionals learn from this example?