Nortel Chinese Hack Is A Wake-Up Call To Telecoms Security


Hackers – probably from China – have been quietly spying on Nortel’s platforms for almost a decade, if an article in the Wall Street Journal is to be believed.

And here’s the bad news: the hackers reportedly have had access to pretty much everything on Nortel’s servers – including business plans, reports, emails and other documents – after they cyberheisted senior management user credentials and then installed monitoring spyware once they were inside the systems concerned.

The big question that Nortel’s many clients will now be asking is: how did this go on for so long? – and how does this affect them? The answer to the former question will probably never be known, but the latter question depends on the level of security defences that the clients have on their telecoms systems.

The situation is made more complex by the fact that, when Nortel filed for bankruptcy some three years ago, its telecoms kit was – and still is – widely used. In addition, many of its assets were sold on to other communications vendors, including Avaya and Ericsson, to mention but a few.

What this does show is yet another clue that Chinese companies are stealing and using intellectual property to dominate the market and eventually target foreign organisations. It’s also interesting to note that one telecom industry veteran tweeted that, around 2004, it was clear to many that Huawei was copying Nortel’s telecom hardware, even its instruction manuals.

Quite how these other vendors will react – or their clients – remains to be seen, but there is clearly a requirement for users of telecoms systems to review their security arrangements, assuming they have not already done so.

The problem facing users of affected systems is that their existing IT security platform probably does not fully extend to cover their telecoms hardware and software. Coupled with the fact that a growing number of companies are now using Internet telephony systems, the overlap between Internet-facing systems and telecoms systems needs to be addressed.

The good news is that there is a wealth of open source utilities available, which can be cost-effectively deployed to defend a firm’s IT and telecoms systems without breaking the bank. These utilities include a collection of tools designed to aid network administrators in computer security, intrusion detection and prevention. The idea is to provide a comprehensive collection of tools to give an administrator a view of all the security-related aspects of their system.

All this information can be filtered by networks or sensors in order to provide just the level of information needed by specific users, so allowing for a fine-grained multi-user security environment. Using this approach allows IT admins to ensure the highest levels of security for their telecoms kit, as well as increasing security levels on their IT systems.


Ask anyone about Jaime Blasco and they'll say he's the man you want on your side when it comes to a hack – the Sherlock Holmes of the Internet. At AlienVault Jaime manages the Lab and runs the Vulnerability Research Team. Prior to working in the AlienVault lab he founded a couple of startups (Eazel, Aitsec) working on Web application security, source code analysis and incident response. His background stems from a number of years working in vulnerability management, malware analysis and security research. When he's not hunting down the bad guys, and alerting the good ones, he's a guest speaker or lecturer at hacking conferences such as Rooted Con and OWASP. Recently he ran a Cyber Warfare conference for the Head of Defence in Spain, demonstrating attacks in real time and showing how to defend against them. He's also a regular contributor to Hakin9 and InSecure magazine. Jaime also advises government on emerging threats.