Saturday, September 5, 2020

The espionage that took down Nortel

Did Huawei bring down Nortel? Corporate espionage, theft, and the parallel rise and fall of two telecom giants | The Intelligencer - Tom Blackwell:

February 24, 2020 - "Nortel Networks ... led the way in developing digital telephone networks worldwide in the 1970s and 1980s. By the turn of the last century ... it boasted over 90,000 employees and ... accounted for a third of the worth of companies on the Toronto Stock Exchange. Its technological prowess is still legendary.... Then, in 2000, the speculative Internet bubble that had so elevated Nortel suddenly burst.... In January, 2009, Nortel filed for bankruptcy protection.... 

"Nortel’s financial troubles were well documented, but what didn’t become public until years later was espionage traced back to China....

"Michel Juneau-Katsuya was head of the CSIS Asia-Pacific desk in the late 1990s when the service became aware of 'spying activities the Chinese were conducting' against Nortel.... When the intelligence agency warned the company, it all but ignored CSIS. This led Juneau-Katsuya to a startling conclusion: 'To this day, I believe there might have been one or more agents of influence controlled by the Chinese in [Nortel] which succeeded in neutralizing our warning.'

"A little later, around 2000,...  [at] a Nortel facility in Texas, Huawei returned a fibre card ... and asked for a refund, recalls Lawrence Bill, a forensic analyst who worked on the subsequent investigation.... [W] hen Nortel engineers looked closely, they realized the 'bleeding-edge' gear had been disassembled and reverse engineered, says Bill.... Meanwhile, the company started noticing knock-off versions of some of its products in Asian markets, he says. Nortel considered suing, but dropped the matter after the Huawei office across the road in Texas closed down....

"[I]n the spring of 2004 ... a Nortel employee in the U.K. noticed some documents he’d stored in the company’s 'LiveLink' database had been downloaded by a senior executive in Canada. The Brit helpfully emailed the manager — optical-networks president Brian McFadden — to say he was available to answer any questions McFadden might have about the material. The executive’s response? I have no idea what you’re talking about. Nortel’s security staff in Raleigh, N.C., were promptly alerted.

"Larry Bill, based in Raleigh, noticed a troubling fact: Logs indicated that McFadden had signed into the Nortel system from multiple locations around the world, places he had never visited.... Security advisor Brian Shields discovered that not one, but seven Nortel executives, including CEO Frank Dunn, had been hacked, and that the hackers were vacuuming an alarming volume of sensitive material out of its databases.

"By the end of his investigation, Shields says he was able to track the theft of over 1,400 documents from the LiveLink server, and that was only during a six-month period when bosses allowed him to monitor the stealing. He found evidence the break-in of Nortel’s internal computer network had started no later than 2000, and probably began in the 1990s. He says it lasted past 2009, when he was laid off. He traced most of the hacks back to IP addresses and four Internet service providers (ISPs) in China. When material was actually downloaded from Nortel, it mostly ended up at an ISP in Shanghai....

"He cites a 2013 report by cyber-security firm Mandiant, which revealed the existence of a major Internet-espionage organization in Shanghai, likely “Unit 61398” of the People’s Liberation Army. Mandiant tracked thefts of data from 141 companies in 20 major industries.... 

"Shields, who was Nortel’s representative on the Network Security Information Exchange, a U.S. government initiative to help protect the national telecom infrastructure ... has no evidence of who ultimately received the documents, but notes that only a Nortel competitor would benefit from the information, helping it develop products, craft sales pitches and out-sell rivals.  Shields cannot prove that Huawei benefited from the hacking, but is convinced that its rise to a world telecommunications superpower — as Nortel simultaneously withered away — is no coincidence.... And yet he is certain the Nortel CEO never saw that report. His investigation wound down after a few months, and it appears no one notified firms that later bought Nortel assets that its computers might be infected.

"CSIS got in touch again early in 2009, offering to help Nortel with the hacks, Shields says, but by then it was too late. Within a week, the company had filed for bankruptcy protection.... A few years later, as the National Defence Department prepared to take over Nortel’s former research campus in Ottawa, it discovered evidence of another type of spying — old-school listening bugs implanted in the building during Nortel days, a senior Defence officer told the Ottawa Citizen and Globe and Mail."

Read more: https://www.intelligencer.ca/news/exclusive-did-huawei-bring-down-nortel-corporate-espionage-theft-and-the-parallel-rise-and-fall-of-two-telecom-giants/wcm/543c8eee-d7d0-4b8a-89e9-09c3b9c92b4a

No comments:

Post a Comment