The Canadian telecoms company Nortel Networks was reportedly hit by hackers for nearly ten years.
According to a report by the Wall Street Journal, hackers enjoyed widespread access to the corporate computer network of Nortel Networks for nearly a decade.
It claimed that using seven passwords stolen from top Nortel executives, including the chief executive, the hackers penetrated Nortel's computers to at least the year 2000 and stole technical papers, research and development reports, business plans, employee emails and other documents.
Brian Shields, a former employee who spent 19 years at the firm, which filed for bankruptcy in 2009, said the hackers hid spying software so deeply on employee computers that it took the company years to figure out the extent of the problem.
“They had access to everything. They had plenty of time. All they had to do was figure out what they wanted,” he said.
A San Francisco Chronicle story from January revealed that the City College of San Francisco had been infested with viruses since 1999, with poor network design, old equipment, a "Draconian system" for agreeing new policies and little money available for new, virus-resistant technology blamed by the college CTO.
McAfee's Shady RAT report from last summer revealed details of prolonged infections that affected "every company in every conceivable industry with significant size and valuable intellectual property and trade secrets".
James Todd, European technical lead at FireEye, told SC Magazine that this demonstrates how porous sites can be and said that vendors have a responsibility to talk to customers about what is going on.
He said: “The number-one thing that CISOs say to us is that they need to know what is happening with their network, so they need visibility. We realise that we need to do education and work on the language used. After all, what is malware? It is a very general term – how does it get in and propagate?
“The length of this threat shows that no one was looking at it.”