In the early 1980s, China set out on a path to modernize its infrastructure, including its telecommunication networks. Huawei Technologies Co. Ltd. and ZTE Corp. came into being to support the network modernization endeavor. However, as telecommunications and networking technologies evolved, China found that its local technology providers did not have the know-how to build modern equipment independently. It appears that the Chinese government resorted to using its military to steal intellectual property from foreign corporations. The Chinese military subsequently provided the stolen intellectual to local companies. One example was Nortel Network's intellectual property theft to aid Huawei's product and business development.
China's sixth five-year plan (1981-1985) initiated China's focus on telecom and networking [1]. This plan required Chinese bureaucrats to "gather the capital necessary to strengthen the construction of key projects ... in communications..." Subsequently, the seventh plan (1986-1990) asked the bureaucrats to "speed up the construction of ... communications, telecommunications, ... industries" [1]. Huawei got its start in this environment of catching up with the developed countries on communications and networking technologies [2].
In the 1990s, Telecommunications and networking were undergoing multiple changes. First, Transmission Control Protocol / Intenet Protocol (TCP/IP) based data networks replaced portions of the voice network. Second, fiber-based physical connections were replacing copper-wire-based links. Third, cell phones were becoming viable for ordinary businesses and individuals.
Several commercial telecom equipment manufacturers, including Cisco Systems, Nortel Networks, Lucent Technologies, Alcatel S.A., Ericcson, and Nokia Corp., participated in the industry segment. Most of these companies had spent years or decades incrementally developing their technology stack. Some, such as Cisco, were known for their data switching and routing equipment. Others such as Nortel and Lucent were known for their voice, wireless and optical technologies.
Nortel in the 1990s was a powerhouse telecom and networking equipment vendor [3]. It was a prominent supplier of voice products, including Private Branch eXchange (PBX). Nortel was also the dominant supplier of high-speed optical networks and a global leader in wireless technology. Finally, through the acquisition of Bay Networks, Nortel also had a portfolio of data networking products.
In North America, Nortel competed intensely with both Lucent and Cisco.
China's infiltration of Nortel started in the 1990s and lasted until 2009, when Nortel filed for bankruptcy protection. During this time, China employed both traditional and cyber espionage techniques to steal information from Nortel. The sophistication of the long-running infiltration points to the Chinese military as the source of the attack.
Data exfiltration from Nortel to network addresses in China happened as early as the late 1990s. While the Canadian security intelligence service notified Nortel of the exfiltration, Nortel did not seem to take any action - Nortel's management seemed preoccupied with obtaining new business deals in China [4].
In 2004, Nortel security staff discovered that the corporate accounts of seven executives, including the CEO, had been compromised by China. China used the compromised accounts to access and steal intellectual property (technical research) and trade secrets (business information) from Nortel [5], [6].
In some cases, Nortel's security staff founds root-kits, a type of malware, on its executives' laptops that could not be erased even if the computer was re-imaged with a fresh copy of the operating system [7]. In other cases, the security staff found evidence of backdoors on Nortel's servers that allowed Chinese hackers to maintain access to Nortel's systems across long periods [6], [8], [9].
China placed listening devices inside Nortel buildings to augment the intelligence they could gather through their cyber attacks. The presence of these listening devices only became known after some of Nortel's buildings were repurposed for use by the Canadian government - the government swept the buildings for surveillance equipment [8].
A Chinese front company purchased Nortel equipment for the purposes of resale in China. Subsequently, the company returned equipment to Nortel. An examination of the returned equipment revealed that the equipment had been disassembled and then partially re-assembled [8]. Likely, the purchase was part of a reverse-engineering effort conducted by Huawei. Such reverse-engineering is usually prohibited by resale agreements between vendors and their resellers.
A Huawei employee was caught taking photographs of Nortel (and other vendors') equipment during a trade show in 2004. This employee entered the trade show area, where vendors housed equipment for the exhibition. The employee dismantled some of the equipment to access the components inside [8].
China appears to have had a program to place human sources inside Nortel as employees. While public documents clearly documenting China's human intelligence program are not available, Canadian intelligence sources allege that Chinese researchers employed by Nortel were passing Nortel intellectual property back to China [8]. Using legitimate researchers as spies is similar to China's infiltration of U.S., Canadian and Australian universities.
Starting around March 2000, when the Internet bubble burst and until 2009 when it filed for bankruptcy, Nortel repeatedly faltered. China's infiltration of Nortel is unlikely to be the sole cause of Nortel's downfall - Nortel is known to have problems in its management ranks [10], [11]. The Internet euphoria of 1999 and subsequent retrenching in the telecom and networking sector did not help. Neither did the worldwide financial crisis of 2008. However, the loss of business deals and employees - attributable to China - likely played some role in Nortel's demise.
In 2005, Huawei undercut Nortel (and other vendors) for a fiber optics network equipment deal at British Telecom (B.T.) [6]. Similarly, in 2008 Huawei undercut Nortel for a 3G wireless equipment deal in Canada (with Telus Corp. and BCE Inc.) [6]. In both cases, Huawei's offer was significantly cheaper than Nortel's (in one case by up to 40%). Given China's extensive infiltration of Nortel, it stands to reason that the Chinese government had passed on the specifics of Nortel's bids for the projects to Huawei.
One may wonder about the extent of the price under-cutting by Huawei - i.e., did Huawei really need to be 40% cheaper than Nortel and other vendors. In 2005 - 2008, Huawei was still attempting to establish its credentials as a major telecom and equipment vendor. It likely priced low (perhaps at the cost of the equipment) to notch its first few wins at well-known telecom providers. Further, Huawei may not have had the same level of business intelligence from the Chinese military on vendors other than Nortel - i.e., the Chinese military may not have (yet) penetrated other vendors bidding on the same equipment contracts as Huawei. Thus, to win the deal, Huawei may have wanted ensure that no other vendor similar to Nortel that had developed its intellectual property in-house (and therefore had higher cost equipment), could underbid Huawei.
Around 2009, as Nortel plunged deeper into crisis, Huawei hired away some of Nortel's most prominent researchers in Ottawa. Subsequently, in 2010, Huawei opened its own research center in Ottawa. Now, Huawei had not just the stolen intellectual property, but also some of the people who originally created that intellectual property [8].
[1]: Five-year plans of China. Wikipedia. (Retrieved) September 1, 2021.
[2]: Huawei. Acquired Podcast: Season 5, Episode 1. July 22, 2019.
[3]: Nortel. Douglas Hunter. The Canadian Encylopedia. January 5, 2018.
[4]: Did a Chinese Hack Kill Canada's Greatest Tech Company? Natalie Pearson. Bloomberg Businessweek. July 1, 2020.
[5]: Nortel collapse linked to Chinese hackers. CBC News. February 16. 2012.
[6]: Inside the Chinese military attack on Nortel. Sam Cooper. Global News. August 25, 2020.
[7]: China's Unrestricted Cyberwarfare Part 2. Malicious Life Podcast. June 1, 2021.
[8] China's Unrestricted Cyberwarfare Part 3. Malicious Life Podcast. June 15, 2021.
[9]: Nortel hacking attack went unnoticed for almost 10 years. Ryan Naraine. ZDNET. February 14, 2012.
[10]: Nortel hacked to pieces. James Berkow. Financial Post. February 25, 2012.
[11]: An Overview of the Demise of Nortel Networks and Key Lessons Learned: Systemic effects in environment, resilience and black-cloud formation. The University of Ottawa. 2014.
Copyright © 2021 r-dube. All Rights Reserved Worldwide.