Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Chinese Hackers Had Unfettered Access To Nortel Networks For a Decade

Soulskill posted more than 2 years ago | from the security-through-apathy dept.

China 178

An anonymous reader sends this quote from CBC News: "Hackers based in China enjoyed widespread access to Nortel's computer network for nearly a decade, according to ... Brian Shields, a former Nortel employee who launched an internal investigation of the attacks, the Wall Street Journal reports [from behind a paywall]. ... Over the years, the hackers downloaded business plans, research and development reports, employee emails and other documents. According to the internal report, Nortel 'did nothing from a security standpoint' about the attacks."

Sorry! There are no comments related to the filter you selected.

Anonymous Cowards Have Unfettered Access (-1)

Anonymous Coward | more than 2 years ago | (#39037309)

to FIRST POSTS on Slashdot

Maybe there was a reason? (2)

TWX (665546) | more than 2 years ago | (#39037313)

Sometimes security sacrifices are made in exchange for learning about the attackers. Could this possibly have been an example of this? I know that Nortel is common tech in business and local government, but would this penetration be dangerous to military or defense development?

A ten year honey pot?!? (0)

Anonymous Coward | more than 2 years ago | (#39037347)

n/t

Re:Maybe there was a reason? (5, Insightful)

Riceballsan (816702) | more than 2 years ago | (#39037397)

Uhh yeah... sure.

"Hey Jim it looks like someones broken in, should we do something about it?"

"Nah just wait a bit, i want to see what they are doing and fine the source

10 years later "Aha!!!, I narrowed it down to someone in china.

Re:Maybe there was a reason? (0)

K. S. Kyosuke (729550) | more than 2 years ago | (#39038705)

Uhh yeah... sure.

"Hey Jim it looks like someones broken in, should we do something about it?"

"Nah just wait a bit, i want to see what they are doing and fine the source

10 years later "Aha!!!, I narrowed it down to someone in china.

Wow, the Chinise must have some serious roundrtips in those firewalls of theirs.

Like a honey pot / honey net? (1)

khasim (1285) | more than 2 years ago | (#39037423)

Possibly. But if that was the case, that guy should either have known it was a trap for them or not have been able to see it at all.

In my experience, the problem with network security is getting management to understand anything about it other than "I don't want to have to remember a password".

Re:Like a honey pot / honey net? (0)

Anonymous Coward | more than 2 years ago | (#39037889)

Nortel requires passwords with letter, numbers, symbols to get on the intranet/PC/workstations and they expire every few months. The various systems have slightly different rules on what was allowed, so generating a new password that satisfies all that and mean while not forgetting the old and remembering the new without writing it down was a choir for me.

Re:Like a honey pot / honey net? (1)

19thNervousBreakdown (768619) | more than 2 years ago | (#39037977)

Laaaaaaaaaaaah!

I doubt it (4, Interesting)

1800maxim (702377) | more than 2 years ago | (#39037451)

The only reason was either incompetence, or a back-room deal with China that caused Canada to turn their eye the other way.

One has to wonder why Huawei rose to prominence so drastically... Where else have they been "researching" their technology?

Re:I doubt it (4, Interesting)

Nerdfest (867930) | more than 2 years ago | (#39038007)

Someone on Slashdot once mentioned that they worked at Cisco I believe, and had a friend who worked at another networking company. They said that every time Cisco and this other company put up a new office, Huawei put one up within a few kilometers. This could be a fabrication, but it would be an interesting thing to look into.

Re:Maybe there was a reason? (5, Interesting)

Anonymous Coward | more than 2 years ago | (#39037559)

nortel built a plant over there with the promise of getting some of the chinese telecom market share. the chinese sold them a plot of land in a flood plain so they could not use the first floor for about half the year. shortly after the plant went live i started hearing stories of chinese companies making exact duplicates of our equipment and selling it to their customers. i think we got no more then 1-3% market share even though we originally had the best equipment.

what gets me are all the companies standing inline to get in there. haven't they read all the stories about the corporate espionage that occurs once you let them into your systems.

Re:Maybe there was a reason? (1)

Anonymous Coward | more than 2 years ago | (#39037649)

There is also the fact that if China doesn't get the plans and trade secrets, American corporate reps of that company can end up arrested for "sedition" charges, and said reps "waking up in pieces", Larry Niven style unless China gets what is asked for.

There is a reason why execs going over there not just carry laptops which are glorified dumb terminals, but also provision their AD schema with duress passwords.

Re:Maybe there was a reason? (3, Insightful)

g0bshiTe (596213) | more than 2 years ago | (#39037953)

You can argue that sacrifices are made in order to learn about attackers, but I'd pose that a breach spanning 10 years allowing uninhibited access is stretching that argument.

That's just outright incompetence.

Re:Maybe there was a reason? (1)

chrisj_0 (825246) | more than 2 years ago | (#39038101)

GAWD! how did you get first :(

Re:Maybe there was a reason? (3, Insightful)

AmberBlackCat (829689) | more than 2 years ago | (#39038699)

This happens a lot on Slashdot. When a group from a Western nation hacks some competitor's system, it's always considered an act of superior Western sophistication. But when it's the other way around, it's doesn't matter if it's Western incompetence (setting the password to 12345) or a sophisticated attack from the enemy (causing a drone to land on enemy territory through GPS manipulation) or somewhere in the middle (enemy hacks system and sysadmins don't notice for 10 years), there is always somebody who will suggest it's some kind of reverse psychology and still an example of superior Western sophistication. I really think there are just smart and dumb people on both sides and that should be acknowledged.

'Chinese hackers' (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39037315)

Otherwise known as, 'Huawei employees'.

Re:'Chinese hackers' (0)

Anonymous Coward | more than 2 years ago | (#39037859)

Mod parent up! This is the first thing that went through my head when I read the title. Everyone knows Huawei is a Chinese company (yes it has an American Corp too) with less than admirable business practices.

Re:'Chinese hackers' (0)

Anonymous Coward | more than 2 years ago | (#39038131)

"Hua-wei!" is Chinese for "Yee-haw!"

With [not-]Friends like these... (5, Insightful)

sethstorm (512897) | more than 2 years ago | (#39037343)

The first thing the US (and other First World nations) should be doing is getting tougher on China instead of being any bit friendly to them in commerce.

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037453)

Who owns them (on paper)?

Re:With [not-]Friends like these... (3, Insightful)

Anonymous Coward | more than 2 years ago | (#39037737)

Citizens of the USA own more US debt than China does by far.

no. (0)

unity100 (970058) | more than 2 years ago | (#39038205)

of course, if you are not talking metaphorically.

https://www.google.com/webhp?sourceid=chrome-instant&ix=sea&ie=UTF-8&ion=1#sclient=psy-ab&hl=en&newwindow=1&safe=off&site=webhp&source=hp&q=china%20is%20u.s.%20top%20creditor&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&fp=4ed61219c935a532&ix=sea&ion=1&ix=sea&ion=1&bav=on.2,or.r_gc.r_pw.r_cp.,cf.osb&fp=9cdc2d4e3ad4d3db&biw=1177&bih=888&ix=sea&ion=1 [google.com]

china is the top creditor to u.s. still, despite dumping a lot of it, going to 1.13 trillion or so from 1.5+ trillion, after chinese finance minister or trade representative said 'u.s. dollar was worthless now'.

Re:With [not-]Friends like these... (1)

Anonymous Coward | more than 2 years ago | (#39037457)

And you think the US is not doing its share of 'hacking' on China ?

Re:With [not-]Friends like these... (4, Funny)

PickyH3D (680158) | more than 2 years ago | (#39037547)

And what is the US going to take? The stolen documents back?

That would be a somewhat amusing cycle though. They steal from us; we destroy all of their hard drives.

Re:With [not-]Friends like these... (1)

Anonymous Coward | more than 2 years ago | (#39037589)

The intended target of the infamous Sony rootkit on music CDs was actually China. The DoD anticipated the Chinese copiers to make 1 to 1 copies of the original discs and get those spread throughout the business and governmental computers of China.

Re:With [not-]Friends like these... (1)

viperidaenz (2515578) | more than 2 years ago | (#39038077)

But isn't DRM usually stripped out when pirated copies are manufactured?

Re:With [not-]Friends like these... (1)

PickyH3D (680158) | more than 2 years ago | (#39038129)

The Sony rootkit was software that you ran from the CD, hence his joke about 1:1 copies.

fight fire with fire (1)

Anonymous Coward | more than 2 years ago | (#39037641)

if the tables were turned I'm pretty sure the Chinese government would be demanding restitution for the damage done by the hacking attempts and by possible leaks of information to competing businesses.

Maybe the west's weakness is an unwillingness to sink to their level, and that will likely be our downfall.

Re:fight fire with fire (1)

g0bshiTe (596213) | more than 2 years ago | (#39037995)

That assumes they currently don't sink to that level. Or maybe they just don't get caught doing it.

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037689)

Yes. That's right. The only reason the US would ever hack into Chinese computers would be to get stolen documents back.

Re:With [not-]Friends like these... (1)

PickyH3D (680158) | more than 2 years ago | (#39038151)

Woooosh

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037485)

And you think they 'loaned' us trillions of dollars because... ?

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037833)

implying buying securities on the open market is altruism

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39038265)

Implying there is an open market is ignorance.

Re:With [not-]Friends like these... (1)

fliptout (9217) | more than 2 years ago | (#39038005)

Because China has a very conservative investment strategy. US debt is still the safest investment available.

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037543)

First thing you should do is check how much the US owes in debt to the Chinese.

Re:With [not-]Friends like these... (1)

geoffrobinson (109879) | more than 2 years ago | (#39037583)

Which we can default on. That leverage goes both ways.

Re:With [not-]Friends like these... (1)

c0lo (1497653) | more than 2 years ago | (#39037923)

Which we can default on. That leverage goes both ways.

Hmm... is it? It is not like US can default only to China, how would you like US 'es credit rating to go to C-?

Re:With [not-]Friends like these... (1)

DarkOx (621550) | more than 2 years ago | (#39038993)

Does not matter what the credit rating of the USA is, its the reserve currency. Either lenders will lend to the US when asked, or will have their holdings confiscated through the use of the printing press. The US is unique in this given its accidental geographic location, and the outcomes of WWI and II, not that they were really separate wars.

Re:With [not-]Friends like these... (0)

roc97007 (608802) | more than 2 years ago | (#39037697)

Unfortunately China owns a great deal of the US debt, which gives them leverage in all sorts of matters.

Re:With [not-]Friends like these... (2, Informative)

Anonymous Coward | more than 2 years ago | (#39037783)

Actually Social Security (which runs surpluses currently) own most of our federal debt, and China only owns 6~9% (I can't remember the exact low %).
Perhaps you should look into the facts not just repeat talking points.

Re:With [not-]Friends like these... (1)

Anonymous Coward | more than 2 years ago | (#39038029)

China is the biggest of the "private" non-US creditors, i.e. owners of marketable US treasury securities other than the Fed. Total non-marketable securities amount to about 30% of the federal debt at the moment. The Fed holds about 10% of the debt and the rest is in the hands of China and other private investors. That means China holds the biggest part of the biggest class of securities. Should China use this position against the US, then it can dramatically increase the cost of 60% of the US debt. You were saying?

Inscrutable Chinese. (1)

FatLittleMonkey (1341387) | more than 2 years ago | (#39038243)

Should China use this position against the US

How? That's the part no one ever gets around to. How exactly does China "use" debt "against the US"?

They can either buy, hold or sell.

Which of those hurts the US?

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39038433)

Actually Social Security (which runs surpluses currently) own most of our federal debt, and China only owns 6~9% (I can't remember the exact low %). Perhaps you should look into the facts not just repeat talking points.

Ha!!!! Yeah, that's like you saying that my mortgage company owns most of my debt and I put my pinky to my mouth and say, "Not true! I loaned myself a billion dollars!" Great comedy, but it truth a loan to yourself is meaningless.

Re:With [not-]Friends like these... (1)

fliptout (9217) | more than 2 years ago | (#39037955)

Tired of hearing this. What are the Chinese going to do, sell their US debt? Then they will put their money where? How much will Chinese currency suddenly appreciate?

Re:With [not-]Friends like these... (1)

DarkOx (621550) | more than 2 years ago | (#39038537)

Right if the debt held by China is an issue at all its a tiny one. The bigger problem is all the American business that have huge parts of their supply chain made of product sourced from China, or from subsidiaries and divisions in China.

20/20 hind sight and all but we should have slammed the door on China shortly after Nixon opened it. It was possibly a good opportunity to dump farm products and surplus industrial production like most of Africa and South American remain. The time to get out was the moment we spotted them developing their own industrial capacity, it should have been obvious their sheer numbers would make them formidable.

The myth of the Chinese "calling in" their debts. (5, Informative)

FatLittleMonkey (1341387) | more than 2 years ago | (#39038203)

Foreigners own less than 30% of US Treasury bonds. China owns 30% of those foreign owned bonds. About 8% of US bonds in total. The bonds are for a fixed term. They are paid in US dollars, at a fixed interest. And the US Treasury must register and approve all buyers.

China cannot "call in their debt" early. That's not how bonds work. The only way for them to do... anything... with the bonds is to dump them on the open market. However, that would crash the price, and the US could simply buy back the bonds at less than their face value, saving money in the long term. Since the interest rate paid on bonds is about a low as it can get, it means demand is high and so the US is not in any way dependent on China buying new debt. In fact, China seems to be gradually selling out of US Treasuries, and the interest hasn't gone up. If China tried to dump its bonds, the market would scoop them up.

Since each bond is individually registered with the US Treasury, and is paid by the US Treasury, if China somehow tried to... do something... somehow... to blackmail the US over its debt, the US government could selectively default on Chinese owned bonds. This wouldn't spook the bond market much because of the narrow targeted US response, and the obvious dickishness of the Chinese in bring it on themselves. (In fact, under such circumstances it would probably settle the markets.)

Put simply, you cannot fuck with another country by buying their debt in a form they have absolute control over.

Anyone who says you can is lying to you in order to sell you something.

Re:The myth of the Chinese "calling in" their debt (1)

Tanktalus (794810) | more than 2 years ago | (#39038655)

Hmm - I've seen a lot of numbers thrown around here about how much US debt China "owns", which tells me mostly that no one really knows, and secondarily that all the numbers are probably wrong. Anyway, as a thought excersise, what would happen if China simply decided to "cash out"? Not all at once - dumping $1T worth of bonds on the open market would render them valueless. How about just not trading in US bonds anymore? As their bonds mature, take the cash, but do not buy anymore. That would decrease the demand quite significantly - if by enough, that may mean that the US simply cannot raise sufficient funds to continue to operate, or they'd be forced to increase the yield sufficiently to increase demand. Either one would be costly for the US government. Of course, China could "be nice" at that point and buy the higher-yield bonds so the US could continue its funding while locking in that costly mistake. And the US would thank them for it.

It's a pretty big "if". Perhaps just the threat of the "if" is sufficient a sabre for China's rattling.

Re:The myth of the Chinese "calling in" their debt (1)

tjb (226873) | more than 2 years ago | (#39038857)

That would decrease the demand quite significantly

China has been reducing their net treasury position for a couple of years and yet yields on a 10 year note have fallen to record lows (less than 2%). Besides, if international demand were to fall off completely, the Federal Reserve could simply purchase the bonds at whatever rate it wanted to.

There is really no mechanism to prevent the Federal reserve from buying every Treasury bond in existence, really. There are reasons that might not be good idea under normal circumstances (which is why it isn't done), but push comes to shove, the Fed is the buyer of last resort.

Re:The myth of the Chinese "calling in" their debt (1)

Rakarra (112805) | more than 2 years ago | (#39038989)

The only way for them to do... anything... with the bonds is to dump them on the open market. However, that would crash the price, and the US could simply buy back the bonds at less than their face value, saving money in the long term.

That would be a disaster. Far more than just China relies on the US Bond price not crashing. The fallout for such a thing would be amazing, just the tiniest slippage of the rating from one of the bond agencies through the markets into turmoil for a month.

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037731)

First world nations need to get tougher on the US. Curb their retarded foreign policy.

Re:With [not-]Friends like these... (-1, Flamebait)

digitig (1056110) | more than 2 years ago | (#39037777)

If they try then China will simply foreclose on the USA's debt.

Ok, the reality is more complicated than that, but China is in a very strong position and the West isn't.

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037779)

Yea, but they produce everything electronic America consumes.

You know what kind of shock americans would go into if they couldn't get the latest and greatest gadgets?

Dangerous game you're playing there.

Re:With [not-]Friends like these... (0)

Anonymous Coward | more than 2 years ago | (#39037855)

Well given that China is buying US bonds an keeping them afloat I don't think so. China is now the worlds banker and the US is its bitch. Go on... have a war with Iran and bankrupt your country good and proper.

Re:With [not-]Friends like these... (4, Insightful)

Anonymous Psychopath (18031) | more than 2 years ago | (#39037933)

The first thing the US (and other First World nations) should be doing is getting tougher on China instead of being any bit friendly to them in commerce.

The only evidence these guys were in China were the sources of the IP addresses they were using. They never went any further than doing a whois. So they know the hackers were using systems in China, but it's a very large assumption that's where the attacks actually originated.

Chinese hackers (2)

TiggertheMad (556308) | more than 2 years ago | (#39038245)

The only evidence these guys were in China were the sources of the IP addresses they were using. They never went any further than doing a whois. So they know the hackers were using systems in China, but it's a very large assumption that's where the attacks actually originated.

Yeah, I love all these stories about 'China' hacking everything under the sun. If I were a black hat interested in breaking into a computer, the very first thing I would do is compromise a server in china to work through so if my hack were discovered it would be written off as 'more Chinese hackers'. I believe this is referred to as a false flag operation in spy trade craft. I find it hard to believe that all these governments and corporations are constantly being attacked by nothing but Chinese hackers.

Re:With [not-]Friends like these... (4, Insightful)

Charliemopps (1157495) | more than 2 years ago | (#39037983)

You're making the same mistake that most people do in this situation. You're mis-reading "Chinese hackers" as "Chinese Government Hackers" which they may very well be... but all we really know is that a lot of hacking originates in the country with the largest population in the world. That shouldn't be a surprise to anyone. Not only that, but we don't even really know if it was coming from China. It could have been Americans operating out of compromised Chinese equipment. the truth is, we don't know a damned thing about it in truth. The article should just read "Hackers had access for over 10 years" and leave it at that. We have no proof, or even legitimate reason to suspect, they were Chinese.

Re:With [not-]Friends like these... (2, Funny)

LordLucless (582312) | more than 2 years ago | (#39037989)

When dragons belch and hippos flee
My thoughts, Ankh-Morpork, are of thee
Let others boast of martial dash
For we have boldly fought with cash
We own all your helmets, we own all your shoes.
We own all your generals - touch us and you'll lose.
Morporkia! Morporkia!
Morporkia owns the day!
We can rule you wholesale
Touch us and you'll pay.

We bankrupt all invaders,
We sell them souvenirs,
We ner ner ner ner ner ner by the ears,
Er ner ner ner ner ner ner ner ner ner,
Ner ner ner ner ner ner, ner ner ner ner ner,
Ner your gleaming swords, we mortgaged to the hilt.
Morporkia! Morporkia!
Ner ner ner ner ner ner ner ner ner ner ner ner ner ner ner ner
We can rule you wholesale
Credit where it's due."

Re:With [not-]Friends like these... (1)

ConceptJunkie (24823) | more than 2 years ago | (#39038353)

The second verse of every national anthem ends up being reduced to "ner ner ner ner ner..." because no one knows the words.

once again.... (0)

Anonymous Coward | more than 2 years ago | (#39037357)

Canadians are just too polite.

China not India? (1)

vlm (69642) | more than 2 years ago | (#39037387)

I thought Nortel was outsourcing everything to India, not China. I suppose this is an important story if you live in China or India, but pretty much "eh" for everyone else.

If a company is intentionally outsourcing everything, does it really matter fundamentally matter if their stuff gets "involuntarily outsourced" or diverted to yet another foreign country?

I can't feel any sympathy for Nortel at all. A traitor to their own country got screwed. boo hoo.

Re:China not India? (4, Interesting)

Dahamma (304068) | more than 2 years ago | (#39037687)

One tiny detail this summary neglected to mention is Nortel went bankrupt 3 years ago.

They had no interest in pursuing the investigation because there was pretty much no way it was going to make their assets look any *more* valuable to buyers...

Re:China not India? (0)

TubeSteak (669689) | more than 2 years ago | (#39037827)

They had no interest in pursuing the investigation because there was pretty much no way it was going to make their assets look any *more* valuable to buyers...

And this is why the Government has to regulate private businesses.
Otherwise, what do you get from suing a bankrupt company for selling you compromised goods?

CHICOMS! (0)

Anonymous Coward | more than 2 years ago | (#39037409)

Bill Clinton's BFFs!

Two points: (5, Insightful)

rickb928 (945187) | more than 2 years ago | (#39037449)

1) I no longer care what "Wall Street Journal reports [from behind a paywall]". Quoting largely unavailable sources is wasting my time.

2) Nortel wasn't so good at security in their products. Not much of a surprise.

Oh, and 3) discounting 'cyberwar' as a solution justifying a problem is a little like dismissing a accidental wound as not in and of itself fatal. You've been injured. Claiming it's 'not that bad' doesn't change the nature of the injury. China has been attacking the rest of the world for a while now. The evidence cannot be excused.

Re:Two points: (0)

Anonymous Coward | more than 2 years ago | (#39037767)

> China has been attacking the rest of the world for a while now. The evidence cannot be excused.

Dude, where are you?

Unless you are in Montenegro or smaller, everybody does that.

Do you think the US' and Russia's machinery for spionage were simply deactivated? If so, NSA and CIA were closed, right?

The Russian are probably smarter and really closed the KGB -- to reopen it with another name across the street/square...

You can even say the Chinese are again copying the West.

Re:Two points: (0)

Arrogant-Bastard (141720) | more than 2 years ago | (#39037943)

Your first point is an excellent one. However, I would modify it to read:

I no longer care what the Wall Street Journal reports.

Given that the WSJ is now the mouthpiece of that disgusting piece of filth Rupert Murdoch, and that it has abandoned any pretense of reason, logic and objectivity [forbes.com] there is no reason for any thinking person to read it. Ever. In fact, one can now begin making the inference that those who persist in reading it are suspect, as they lack the critical thinking faculties required to discern reality from fantasy, truth from lies, and argument from propaganda.

Re:Two points: (1)

ConceptJunkie (24823) | more than 2 years ago | (#39038397)

one can now begin making the inference that those who persist in reading it are suspect, as they lack the critical thinking faculties required to discern reality from fantasy, truth from lies, and argument from propaganda

So, you're saying that this brings the WSJ into parity with the rest of the main-stream media...

Wow. (0)

Anonymous Coward | more than 2 years ago | (#39037455)

Sure beating that 'OMG HACKERS' drum pretty hard lately...

It must be time for a new big anti something or other bill to move a bunch of money and power around..

Or an election year... Hey look it is!

analogy (5, Funny)

P-niiice (1703362) | more than 2 years ago | (#39037477)

Wife: Honey, I'm being raped Husband: Give it a minute, I want to check out his methods so we can prevent it in the future {two hours later} Husband: I think he has a penis

Re:analogy (1)

g0bshiTe (596213) | more than 2 years ago | (#39038017)

That's gold.

10 years! WOW! (1)

NetNinja (469346) | more than 2 years ago | (#39037523)

Where were all thier network security experts at?
Oh Yeah I forgot they bundle them all into the "jack of all trades" title and get paid 1/10 of what a network administrator gets paid.

Re:10 years! WOW! (4, Funny)

Anonymous Psychopath (18031) | more than 2 years ago | (#39037773)

Where were all thier network security experts at?

Cisco and Juniper, mostly.

Re:10 years! WOW! (0)

Anonymous Coward | more than 2 years ago | (#39037875)

Please mod up, still laughing.

Andddd... my captcha was "Screwed"

Re:10 years! WOW! (0)

Anonymous Coward | more than 2 years ago | (#39038271)

"Where were all the security experts?"
Well, the American ones were out looking for jobs, while the ones at the terminals and with the earphones on were cheaper-to-hire 'visa-workers' OK'd for import and hire per government programs "to make up for the shortage of American tech talent". You hire foxes to maintain the security of your henhouse, because they'll work cheap and you are surprised they open doors and windows and send data home?

link around the paywall (5, Informative)

akahige (622549) | more than 2 years ago | (#39037537)

Re:link around the paywall (5, Funny)

houghi (78078) | more than 2 years ago | (#39037723)

Link to full article around the paywall? Are you a Chinese hacker?

Oooh... (3, Insightful)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#39037555)

Now, I'm assuming that absolutely nothing whatsoever will come of the investigation into the hacking, as usually seems to be the case. However, the bit about Nortel knowing that they had been cracked good and hard and not telling buyers is the sort of thing that the SEC might take an interest in. Potentially(depending on the level of regulatory capture, of course...) a very strong, very personal interest in.

That could get rather uncomfortable for anybody involved in their asset sale. I'd imagine that some of the buyers are sniffing around for blood as we speak.

Unfettered access to every company with a PBX? (1)

Anonymous Coward | more than 2 years ago | (#39037569)

Didn't Nortel dominate the market for big corporate phone systems?

So wouldn't unfettered access to Nortel mean backdoors into telecom gear at pretty much every major organisation?

Re:Unfettered access to every company with a PBX? (0)

Anonymous Coward | more than 2 years ago | (#39038723)

Only if the hacker put backdoors into the source code and nobody over the course of those years ever noticed it.

Maybe but doubtful.

You can bet however that Avaya, Ciena, Genband, etc. will all be doing expensive and time-consuming audits of their source code now though.

"Shake the West awake" by Landscape (1)

G3ckoG33k (647276) | more than 2 years ago | (#39037601)

This story reminds me of the song "Shake the West awake" by Landscape from their album "From the album, "From The Tea-rooms Of Mars .... To The Hell-holes Of Uranus".

Video: http://www.youtube.com/watch?v=bDi1dskKZQw [youtube.com]

Fantastically, this was made in 1981, more than thirty years ago. Maybe Nortel (and others) should have listened to them.

Doing it to themselves... (1)

MaWeiTao (908546) | more than 2 years ago | (#39037623)

So we have one article suggesting that cyberwar is an exaggeration, and now we have another article which seems to demonstrate that it is indeed a problem. I suppose we could debate whether or not this constitutes cyberwarfare but clearly American businesses and the government are not taking these threats seriously enough.

My impression has always been that the Chinese, both on a corporate and governmental level, realize they're too dependent on the developed world. The fact is that the US has even offloaded a lot of it's R&D so they're really not much more than a middleman who own a bunch of brands. It's only a matter of time before they're another Japan or South Korea with their own independent brands. It looks like they're trying to accelerate the process. And Americans, in the desperate hunger for the quick and easy buck are willingly letting it happen.

Re:Doing it to themselves... (1)

FatLittleMonkey (1341387) | more than 2 years ago | (#39038413)

You've heard people respond to "Illegal downloading is stealing!" by pointing out that it's copyright violation, not "stealing"? People call it "stealing" to try to sell a solution more harmful than the problem.

In the same way, "Cyber-warfare" just means espionage, mostly corporate espionage, not "war". People call it "war" in order to sell a solution more harmful than the problem.

Anyone caught in China for hacking? (2)

white russian (773238) | more than 2 years ago | (#39037695)

According to TFA, the excuse used by the Chinese government amounts to "wasn't government sponsored, show us some proof".

Have there been any cases where a hack was actually traced to an individual in China? Has the Chinese government followed up in those instances to arrest and try the individuals? I would think that if someone in US were to hack into a Chinese company network they would be arrested and tried.

Amazing a company that dumb can stay in biz... (3, Funny)

jayveekay (735967) | more than 2 years ago | (#39037725)

Oh, wait. I see. That explains alot. :)

Re:Amazing a company that dumb can stay in biz... (1)

Delarth799 (1839672) | more than 2 years ago | (#39038051)

If you think what Nortel did was dumb, you should see what the people who bought what was left are doing

Business as usual? (1)

Anonymous Coward | more than 2 years ago | (#39037739)

I am suspicious of all the claims of Chinese hacking going on. I do not deny that the hack attempts originated in China. But it would seem to me that I can easily buy China based computer time/hosting, and then trigger a hack. All from the comfort of my desk which is physically located in North America. Add in a few dummy corporations and I could easily hide the "source" of the attacks (in theory). So, couldn't the hacks on Nortel, or any other big corporation, simply be a competitor making use of Chinese hosting services?

If that is possible, then why not the governments? Couldn't the government also gain a hosting account in China and then trigger attacks to support their agenda/propaganda?

Re:Business as usual? (0)

Anonymous Coward | more than 2 years ago | (#39037963)

Proxies don't hide your location forever.

Besides, there is the great firewall of China to contend with.

If China was not behind these attacks they would close the pathways that people would be using to control Chinese computers.

In continuing news... (-1)

Anonymous Coward | more than 2 years ago | (#39037747)

...the Chinese are still worthless human trash.

I wish... (2)

gVibe (997166) | more than 2 years ago | (#39037753)

I wish Chinese hackers would steal our democratic values and ideals.

Re:I wish... (0)

Anonymous Coward | more than 2 years ago | (#39037835)

Please tell me you are not an American.

Re:I wish... (1)

thelexx (237096) | more than 2 years ago | (#39038079)

Please tell me you aren't conflating the actions of a government with the desires of the governed.

Re:I wish... (2)

FatLittleMonkey (1341387) | more than 2 years ago | (#39038305)

Diebold?

Re:I wish... (1)

ConceptJunkie (24823) | more than 2 years ago | (#39038429)

Why bother when their government can buy them?

Shows that detection intrusion is critical (2)

gweihir (88907) | more than 2 years ago | (#39037775)

Preventing attackers from getting in it only the first line of defense. Detecting then once they are in, and having the logs that show what they did is critical for an adequate response. Unfortunately, as many recently published events show, this seems to be largely unknown or not done due to cost reasons. At the same time, most corporate systems are relatively easy to break in for high-competence attachers. Something needs to change here, and the only thing I can think of is personal criminal liability of those that fail to put reasonable security on their IT installations.

OH noo (0)

Anonymous Coward | more than 2 years ago | (#39038081)

You mean Chinese hacker has been download all the non working Nortel code and now that code is at H*wei ?

Chinese hackers == Chinese Govt? (1)

RJBeery (956252) | more than 2 years ago | (#39038083)

When I hear about Russian hackers, for example, I don't instantly conclude that the Russian Government was involved, but that isn't the general sense I get from people when discussing Chinese hackers...and please know that I'm not condoning or excusing this behavior, and I'm also not saying the Chinese Government is innocent here...just making that observation.

Re:Chinese hackers == Chinese Govt? (1)

Dutchmaan (442553) | more than 2 years ago | (#39038677)

It all depends on who is perceived to be in power. In Russia right now you have massive oligarchs, and 'hacking the west' seems more of an aim to cement their wealth and by, extension their power. The Chinese seem to be much more 'party' run, while the people in power undoubtedly have superior wealth to that of the common citizenry, they seem to be more interested in control and wealth is just a means to an end in that regard. The Chinese seem to have 'the ends justify the means' more engrained in their culture than most, IMHO. China wants power, everyone else seems to be out to make a buck for themselves.

More common then you think (1)

TheSkepticalOptimist (898384) | more than 2 years ago | (#39038431)

I worked for a company once that finally noticed anonymous access to an internal unprotected FTP site where the IP's were originating from China. Been going on for months.

Not sure what you can do when it doesn't really require a "hack" to gain access to corporate files. I don't work for them anymore BTW.

"Based in China.." (0)

Anonymous Coward | more than 2 years ago | (#39038499)

Chinese hackers seems to be the hot label these days. Without any arrests or confiscations, how do they know these hackers are actually Chinese? For starters, any intelligent hacker is not going to break into a system directly from their own machine. More than likely these hackers are using proxy servers to mask their true location. Given the rampant piracy in China, it's quite plausible that many desktop machines are unknowingly serving as proxy servers due to rootkits or what not being hidden in the pirated (and tampered) software.

So without creating any ignorant stereotypes based on false evidence, can't we just say "Hackers" until some sort of arrests are made and the nationality is known?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?