An eight-year hacking operation has been uncovered at telecoms firm Nortel, prompting experts to again question whether enterprises are prepared to handle targeted security breaches.
The Wall Street Journal cited a Nortel investigator in reporting that the company was breached without its knowledge for years and that accounts up to the chief executive level were compromised in the operation.
While the origins of the attack and its organisers are not known, investigators traced the attacks to systems located in China. State-sponsored organisations within the country have been implicated in past attacks on businesses, including the Operation Aurora and Shady RAT attacks.
As with those breaches, the Nortel operation is causing many in the corporate security field to question just how prepared enterprises are to handle advanced persistent threat (APT) attacks.
Solera Networks director of threat research Andrew Brandt noted that such attacks can drag on for years, as was apparently the case with Nortel, if administrators are unable to investigate and recognise the signs of a breach.
"With any breach, the potential for grave damage grows increasingly likely the longer an attacker maintains access to a supposedly secured network," Brandt said.
"The persistence of these so-called 'advanced persistent threats' causes more damage in the long term than how 'advanced' the Trojan is, especially when you have eight years to explore an organisation’s most confidential corporate information."
Brandt recommended that companies make better use of two-factor authentication, including biometric tools, for managing data access.
"Wider adoption of biometrics would permit a greater number of people to use the biometrics software as a password manager, allow the software to create and manage the massive, random passwords, so all they need to remember is to bring their fingers, eyes, or face to work," he said.
"That kind of stuff is here now, and it works."