HW #4

The article I read was entitled “Nortel hacked for years but failed to protect itself” written by Lance Whitney. The article was on CNET News, and talked about Nortel Systems and how their computer system had been hacked over 10 years ago, and the company failed to try to do anything about it. This hacking included a decade-long campaign of stealing technical papers, R&D reports, employee e-mails, and other sensitive documents from the company. The hacking was traced to a hacking site in China; the hackers hacked into the network by obtaining only seven passwords from top execs at Nortel back in 2000. The hackers controlled the company’s personal computers and managed to put spyware onto them. Nortel eventually recovered the hacked passwords in 2004 but failed to really do anything about them. This eventually led multiple layoffs in the company and to the bankruptcy of Nortel in 2009.  Brian Shields, the former security advisor at Nortel was fired as well. When former CEO Mike Zafirovski was asked why Nortel did not act upon these events he answered, “People who looked at the hacking did not believe it was a real issue."

Apparently it became a real issue due to the fact that the company declared bankruptcy in 2009. I think that the company should have handled this situation with a lot more concern when they were originally hacked in 2000 and recovered the passwords in 2004. Since Brian Shields was not too worried about it the company has failed because of his mistake. I cannot see how this was overlooked when it originally happened. If a company’s passwords get hacked I would think that this would be a major concern and it would be one of the main concerns to be fixed.