[ISN] 8 Lessons From Nortel's 10-Year Security Breach

http://www.informationweek.com/news/security/attacks/232601092

By Mathew J. Schwartz
InformationWeek
February 17, 2012

It is every corporate security manager's worst nightmare.

News surfaced this week that Nortel's network was hacked in 2000, after
which attackers enjoyed access to the telecommunications and networking
company's secrets for 10 years.

The intrusions reportedly began after attackers used passwords stolen
from the company's CEO, as well as six other senior executives, together
with spyware. By 2004, a Nortel employee did detect unusual download
patterns associated with senior executives' accounts, and changed
related passwords. The security team also began watching for signs of
suspicious activity, but apparently stopped doing so after a few months.
The full extent of the breach wasn't discovered until 2010, by which
time hackers had been accessing Nortel secrets--from technical papers
and business plans, to research reports and employees' emails--for
nearly a decade.

"This is a clear case of a total failure of an information security
program and should be a wakeup call for other corporations," said Chris
Mark, principal of the Mark Consulting Group, on the Global Security &
Risk Management blog.

What should Nortel have done differently, and what can information
security professionals learn from this example?

[...]

______________________________________________________________________________
Learn how to be a Pen Tester or a CISSP with Expanding Security online. Get
a free class invitation and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill

• This message: [ Message body ]
• Next message: InfoSec News: "[ISN] Nuclear Plant Safety Report on USB Stick Lost By Official"
• Previous message: InfoSec News: "[ISN] Air Force Special Operations Command eyes Russian security software for iPads"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]