(Translated from the original Italian)
By now the news of successful attacks perpetrated against private companies are no longer surprising,except for the disclosure of inefficiencies in the implemented security policies.
The Wall Street Journal has reported the news that the telecom company Nortel Networks has been repeatedly exploited by Chinese hackers for a long time - almost a decade.
Cyber threats are real and can lead to catastrophic consequences. An intense espionage operation conducted for years has effectively exposed all company business to competitors and hostile governments like China.
Former Nortel employee Brian Shields conducted internal investigation regarding possible security breaches and attacks designed to steal sensitive information belonging to the company.
Shields declared that the hackers stole passwords from the company's top executives, the CEO included, and thus have long had access to the entire Nortel network and related data, such as Information related to the private industry in around the world.
Emerging technologies and business strategies have always been targeted by groups of hackers who are often hired by governments, as in the case of China.
The main problem is that the breach was conducted during an entire decade, with obvious consequences. The damage is incalculable if we consider the enormous amount of information stolen through the use of spyware and viruses. Emails containing information on technological solutions, business reports, and other sensitive documents were stolen for years, seriously compromising the intellectual property of the company.
Shields, who has worked at Nortel for 19 years, declared that in the last decade on several occasions suspicious activities have been detected related to external attacks.
For example, the company detected an intrusion in 2004 when several PCs were found to be sending sensitive data to an IP address based in China.
There is no direct evidence of involvement by the Chinese government, however China is not new to these kinds of operations, and modern history has demonstrated it, - cyberspace has no borders.
Responsibility for the intrusions by the company is readily evident, and having underestimated the threat ended up compromising the company's very existence. Remember, Nortel had filed for bankruptcy in 2009.
The event is truly alarming - a nightmare - but at the same time serves asa warning to every other company.
Consider that the hacking of private corporate networks is often a shortcut to access information of governments that contract them, so the risk faced by private industry is huge and at stake is the balance of the global economy - and how many "Nortels" are out there?
We are all potentially at risk and underestimating the threat is a serious mistake. The security landscape of cyberspace requires careful management by every company.
Wake up before it's too late!
Cross-posted from Security Affairs