Did Huawei bring down Nortel? Corporate espionage, theft, and the parallel rise and fall of two telecom giants
Jonathan Calof was on a tour of Huawei Technologies’ Shenzhen, China campus not long ago when he unexpectedly came across some familiar faces.
On a wall of fame for stars of the Chinese company were several former employees of Nortel, the Canadian telecommunications giant that suffered a spectacular collapse a decade ago.
“These are (now) Huawei employees associated with great technological accomplishments … and I recognized so many of them,” said Calof, a University of Ottawa business professor who was visiting the site with MBA students. “At one level you’re proud to be a Canadian, at the same time you’re upset to be a Canadian.”
Huawei: The Dragon that Caught Nortel off Guard
Recently, the topic of foreign investment and interference in Canada’s technological and telecommunication infrastructure has been the subject of wide debate. At its core, the debate has been centred on the benefits of lower cost 5G infrastructure manufactured by Chinese technology giant Huawei, versus the possible increased threats of cyber surveillance and espionage. These concerns are fuelled by the close relationship between Huawei and the Chinese government, and widespread claims of intellectual property theft by Chinese corporations and government. These claims have been well documented by governments and corporations around the world including the United States Department of Defence.
Connected to this fear of intellectual property theft is the concern that Chinese 5G technology increases the threat to North American security and military infrastructure, a topic that has been explored by Avneet Darred in relation to Canada’s continued relationship with the Five Eyes intelligence infrastructure. Likewise, the idea of a hostile state being able to access critical infrastructure is a topic that NATO and other institutions will have to grapple with in the near future. The economic threat of corporate intellectual property theft is just as real, costing the Canadian economy billions of dollars annually. The most prominent example of this is the former Canadian telecom heavyweight Nortel.
The Real Nortel Story
Most people believe that the failure of Nortel can largely be explained by poor management. In actual fact, a major factor in its demise was the theft of its intellectual property by Chinese hackers.
Up until the eventual bankruptcy of the company in 2009, Nortel was at the forefront of the North American telecom sector. However, at the time it was not known that in the year 2000, Chinese state-sponsored hackers infiltrated the company’s networks and gained unlimited access to their data and patents. Subsequently it was found that the hackers were able to access the network by stealing a number of executive usernames and passwords, including those of the Chief Executive Officer (CEO). Using these credentials, the hackers were able to access proprietary information such as business plans and patent information. Moreover, they were able to plant spyware which allowed them continued access to the network for almost a decade.
The problems surrounding the Nortel hack were exacerbated by the company’s limited appreciation for IT security and the severity of the threat. This is obviously quite ironic for a leader in building the internet. For example, an internal report found that the practice of changing executive passwords did little to counter the efforts of the hackers. When company executives were presented with evidence of unusual cyber activity consistent with a continued breach, they decided not to enhance the cyber security, allowing the problem to be perpetuated. This allowed the hackers unlimited access to research and design (R&D) and business strategies the company sought to employ over an extended period of time. Ultimately, it was found that malware was using executive accounts to transmit data to Beijing, but it was too late.
Huawei: Friend or Foe
…Many people including Brian Shields, the cyber security expert who eventually found the deeply embedded malware in the Nortel systems, believe that Huawei was directly involved in the cyber espionage. Other news outlets including Forbes have noted that the growth of Huawei in the early to late 2000s coincides with the hack and that there appears to be little evidence of Huawei making the investments required to achieve that kind of growth and development.
In a 2019 Globe and Mail article, Huawei founder, Ren Zhengfei, denied his company’s involvement in the Nortel breach and revealed that Huawei had sought to buy Nortel. The deal between Nortel and Huawei eventually fell through, but Huawei continued to benefit from Nortel’s failure. They recruited many of Nortel’s employees including data scientists who were at the top of the field at the time. Some of these employees have been fundamental in the creation and deployment of new technologies including the new 5G networks.
In the end, it is likely that no one will ever completely prove the involvement of the Chinese state in the Nortel breach, or determine if Huawei was truly involved.
January 24, 2019
Cyberwar Flashback: Remembering the Huawei Hacks of Cisco and Nortel
by Jim Lundy
Huawei is under fire and has been accused by many of being a spy for its home country of China. This week, Huawei increased its PR game by claiming that no one can prove that it is spying for China. However, it does have a long history of spying for its own profit.
This blog recalls the hacks of Cisco and Nortel by Huawei.
Australia Has Secret Report Claiming Huawei Helped China Spy
Since the arrest of Huawei CFO Meng Wanzhou, the daughter of Huawei Founder and Chairman Ren Zhengfei, Huawei has gone on a PR offensive. However, even before her arrest, there were already reports in Australia that claim Huawei did help China spy on others by providing usernames and passwords to Huawei accounts.
If this is true, and it appears that it is, these allegations are the basis for many of the bans that are occurring worldwide on Huawei products and services. However, given the PR surge from Huawei, we thought we should remind everyone of the great historical hacks that Huawei has been involved with.
The Hack of Nortel by Huawei
Nortel was once one of the dominant telecom providers globally, but in early 2004, Huawei was caught stealing trade secrets from Nortel. This was proven by Nortel security expert Brian Shields. However, Nortel management had a hand in their own eventual downfall when it outsourced manufacturing to Huawei in the ’90s.
In the hack, Huawei gained credentials of Nortel executives, including CEO Frank Dunn and Brian McFadden. It then simply stole documents that contained the future product and marketing plans of Nortel.
The hack went even further than usernames and passwords. It has never been proven, but U.S. sources discovered that it was most likely Huawei that used sophisticated malware to record nearly every phone call that Frank Dunn made. After all of this, Huawei grew and Nortel faded, eventually going bankrupt.
The Hack of Cisco by Huawei
Cisco got out in front of the hack by Huawei and sued Huawei in U.S. court in 2003. It was over theft of designs and the actual software code. Huawei then did admit to using a few lines of code, but Cisco claimed it copied the entire design. In 2004, the suit was settled out of court, with no admission of guilt.
Jump ahead to 2012. Huawei claimed it never did anything wrong, to which Cisco quickly responded with a powerful blog that released details from the confidential settlement. Here is one snippet of what Cisco said (courtesy of Cisco):
From a section entitled Comments and White Space: “The exactness of the comments and spacing not only indicate that Huawei has access to the Cisco code but that the Cisco code was electronically copied and inserted into [Huawei’s] [CODE NAME REDACTED].”
Conclusion: Huawei Grew by Hacking Others
There are many other firms we could mention that were hacked by Huawei, including Motorola. There is absolutely no doubt that Huawei is a professional hacking organization that steals IP of competitors.
Canada’s Long Memory
So, should anyone be surprised that the Canadian government arrested the Huawei CFO? Remember, Nortel was based in Ottawa, the Canadian capital. You could say that perhaps it was more than happy to assist the U.S. with the arrest.
January 16, 2020
Cyberwar Flashback Part II: China and Huawei Behind Hacks of Apple, Google, and India
by Jim Lundy
A pattern has clearly emerged in the cyberwars of the last 20 years that involve the country of China and one of its growing telecom firms, Huawei. In part I of our cyberwar blog on this topic, we looked at the great hacks of Nortel, which is now defunct, and Cisco. Those hacks are barely remembered because they happened so long ago.
In this blog, we’ll examine other significant hacks over the last ten years. These include the recent hack of Apple and the older hacks of Google, the country of India, and Motorola.
Chinese Nationals Hack Apple’s Autonomous Car Project
In 2018 and 2019, two Chinese nationals were caught with loads of photos about Apple’s autonomous car project. Xiaolang Zhang was arrested in 2018 after he tried to flee the country with Apple trade secrets and is now facing trial in Federal Court.
In January 2019, another Chinese national, Jizhong Chen, was also caught trying to flee the country with sensitive Apple trade secrets on the Autonomous Car project. In his possession they also found classified plans for the U.S. Patriot Missile. Chen was arrested one day before he was due to fly to China.
China Hacks Google
In 2010, I wrote about the hack of Google by the Elderwood Group based in China (see below). These hackers used Advanced Persistent Threat (APT) techniques to gain access to Google’s system which had all the information about Google employees. Google’s statement at the time was: “a highly sophisticated and targeted attack on our corporate infrastructure originating from China [that] resulted in the theft of intellectual property from Google.”
The attack was carried out by the Elderwood Group, which has ties to the People’s Liberation Army of China. Since the 2010 hack, Google has pulled out of China and made security one of its top initiatives.
India Hacked by Huawei and China (APT30)
In both 2009 and again in 2014, Huawei was accused of hacking a state-owned telecom firm Bharat Sanchar Nigam Ltd., also known as BSNL. Nothing really came of this—other than complaints by the Indian Government. However, now Huawei is promising that if it is allowed to do business in India, it will have a “no backdoor” policy, which seems to confirm that it did hack before.
However, what Huawei did pales in comparison to the role of the group called APT30 and the siege of India and other countries in Southeast Asia (including Malaysia, South Korea, Vietnam, Saudi Arabia, and Thailand) and North America (the U.S.).
China Continues to Hack Motorola
Motorola was hacked by a Chinese national in 2009 and at the time it was a famous case. However, a bigger case is now going on involving Hytera Communications, which is accused of stealing over 7,000 pages of information and copying Motorola digital radio products. Motorola didn’t discover the theft until 2016.