Michael Katsuya, Brian, Mcfadden discussed on Malicious Life
Follow years after. Michael katsuya visited nortel. An employee at the company's uk branch had very strange day at the office began when he visited live link service. His company used to store documents and other sensitive material. He was there merry to check up on who had accessed his fires recently. He certainly didn't expect to find that. The company's chief research officer. Brian mcfadden had loaded some of his files and the rather odd selection of them to this employee had no particular relationship with mcfadden who worked across the ocean in ottawa. So he sent an email offering to answer any questions. Mcfadden might have had about all of that. Material mcfadden replied. He had no idea what this was in reference to and did not recall downloading any such documents. It was cinly fishy so the employees summoned some guys from the security team to take a look when the security team dug into his live link data. The logs suggested that this incident was just the tip of an iceberg from bloomberg quote. Hackers had stolen. Brian mcfadden's password and those of six others from nortel's prized optical unit in which the company had invested billions of dollars using a script. The intruders swept up entire categories from nortel systems product development research and development design documents and minutes and more and quote the quote unquote more in that sentence refers to everything from emails to sales data business plans and even nortel's highly secretive source code. Sometimes the seven. Zombie accounts would download massive trues of documents. All at once. Brian shields one of the experts who analyzed the data recalled quote. There were taking the whole contents of a folder. It was like a vacuum cleaner reproach and quote in one case for example it was eight forty eight in the morning on saturday. And the ceo of the company frank dunn had sent seven hundred seventy nine seemingly random files to ip addresses. That clearly did not belong to nortel. Computers interestingly done was fired four days after that leak occurred on april twenty eighth. the former wasn't the result of the latter. He was already going to be fired for some shady accounting and the executive board. That fired him wasn't yet aware of this leak. Was it just a coincidence that these two events occurred so close together. Maybe but consider this a great time to st. Lots of sensitive data is right before that. Ceo gets fired when they're distracted and won't have much time to notice or fix. What's happened did the hackers use this reasoning to time out there tack. Did they have such good insight into nortel's day-to-day operations that they knew when the head of the company would be fired before he did the ip addresses. Dunn's count sent those seven hundred seventy nine fis do where one quote shanghai faction coporation a closer look into shanghai faction revealed that not only did they have no business with nortel but the weren't even a real business just a shell company a shell company concealing something much more serious from the globe and mail quote the were clustered into a tiny pinprick of cyberspace stunned because it looked like a room filled with web service. Whoever was behind these hackers shield believed seemed to control charleena's internet and quote shields reflected. On the moment he realized what he was up against quote. It hit me like a ton of bricks and quote but there was one more discovery that perhaps trumped all the others. Something that would have shocked. Anyone beside michel juneau katsuya that according to the server logs the breach had actually begun years ago in the time since the iraq war began since the invention of camera phones and the sims and r. Kelly's ignition hackers had apparently maintained persistent access to the highest levels of nortel's internal networks. Either nobody noticed or nobody did anything about it. Brian shields like michael sweeter for years prior when to his bosses with the kind of news he expected would knock their socks off but if they're socks were even little knocked off. It didn't show. The company decided to change the passwords for the seven compromised high level accounts and that was about it of course. The attackers had already stalled back. Doors onto company machines so changing passwords.