Exclusive: Did Huawei bring down Nortel? Corporate
espionage, theft, and the parallel rise and fall of two
telecom giants
nationalpost.com/news/exclusive-did-huawei-bring-down-nortel-corporate-espionage-theft-and-the-parallel-rise-andfall-of-two-telecom-giants
As Canada decides on whether to allow Huawei a role in the coming 5G wireless networks,
one part of the story is vexing Nortel’s many fans
Author of the article:
Tom Blackwell
Publishing date:
Feb 20, 2020 • February 24, 2020 • 13 minute read •
209 Comments
Jonathan Calof was on a tour of Huawei Technologies’ Shenzhen, China campus not long ago
when he unexpectedly came across some familiar faces.
On a wall of fame for stars of the Chinese company were several former employees of Nortel,
the Canadian telecommunications giant that suffered a spectacular collapse a decade ago.
“These are (now) Huawei employees associated with great technological accomplishments …
and I recognized so many of them,” said Calof, a University of Ottawa business professor
who was visiting the site with MBA students. “At one level you’re proud to be a Canadian, at
the same time you’re upset to be a Canadian.”
The ex-Nortel engineers’ place of honour in Shenzhen underscores how the two companies’
fortunes unfurled for years in striking parallel, and yet with starkly different outcomes.
They produced similar equipment, competed for the same contracts and tried to negotiate
joint ventures. As one grew into a Goliath, the other crumbled to pieces. In Nortel’s waning
days, Huawei reportedly backed a bid to keep it alive, only to ultimately walk away. And then
snap up many of the bankrupt firm’s most-skilled staff.
As Canada nears its long-awaited decision on whether to allow Huawei a role in the coming
5G wireless networks, one part of the story particularly vexes the late-lamented Nortel’s
many fans.
For at least 10 years, it was revealed in 2012, the company was invaded by hackers based in
China who stole hundreds of sensitive internal documents from under the noses of its top
executives.
1/8
Before that, the Canadian Security Intelligence Service (CSIS) warned Nortel of Beijing-led
human spies in its midst. Later reports suggested that actual listening devices had been
planted in Nortel’s Ottawa research and development complex, now Canada’s National
Defence headquarters.
And never previously reported are allegations by former Nortel security personnel that a
customer tied to Huawei returned a piece of equipment that had been pulled apart and
“reverse engineered” to divine its secrets.
Huawei strenuously denies that it played any part in the hacking or other alleged espionage,
or that it benefited from such industrial spying.
But on social media, and among some cyber-security experts and ex-Nortel staff, suspicions
live on that Nortel died at least in part because its intellectual property was plundered, as an
upstart Chinese rival soared past it in the telecom industry.
Such views will not be disabused by a new indictment that U.S. prosecutors filed last week. It
accuses Huawei of using various methods to steal other companies’ intellectual property for
decades.
“What people need to hear is that economic espionage caused Nortel’s failure,” insists Brian
Shields, the security advisor who uncovered the massive hack. “So others better beware lest
they succumb to the same fate.”
That’s by no means a universally held view.
Nortel had in fact been in trouble for years, suffering huge losses when the dot.com bubble
burst, never recovering from that disaster and making widely criticized management
decisions during its final years.
In a major study into the reasons behind the company’s demise, Calof and colleagues at his
university’s Telfer School of Management did not even mention the hacking or other
espionage. Despite its stellar reputation for developing cutting-edge technology, customers
eventually just weren’t buying what it had to sell, he said.
“They lost sales not because of technology copying, not because of inferior technology, they
lost because the customers lost faith in them,” says Calof. “They did not believe that Nortel
would be alive in 10 years.”
Huawei itself says the allegations of espionage are unfounded, and that no government or
customer in Canada has ever accused it of wrongdoing. As part of what is now a $15-billion
annual research and development budget, it has spent $650 million on R&D over the last
decade in Canada, where it has 1,200 employees, notes company spokesman Alykhan Velshi.
2/8
“None of our products or technologies have been developed through the theft of trade
secrets,” said Velshi. “Huawei’s development is the result of our huge investment in R&D and
the hard work of our employees over the past three decades.”
Such words of praise were once commonly uttered about Nortel Networks.
Birthed by Bell Telephone, once known as Northern Electric and then Northern Telecom, it
led the way in developing digital telephone networks worldwide in the 1970s and 1980s. By
the turn of the last century, having expanded to provide a wide array of Internet-based
networking solutions, it boasted over 90,000 employees and a market capitalization that
accounted for a third of the worth of companies on the Toronto Stock Exchange.
Its technological prowess is still legendary. Though never put into production, Nortel
researchers in Ottawa even developed the Orbitor, a mobile phone with a user-interface
screen, nine years before the iPhone revolutionized the market with such a device.
Then, in 2000, the speculative Internet bubble that had so elevated Nortel suddenly burst.
The company’s stock plummeted overnight, decimating Canadian pension funds and
triggering thousands of Nortel layoffs.
The 2000s were generally rocky years for the company, marked early on by an accounting
scandal that saw CEO Frank Dunn and two other executives charged with fraud — though
later acquitted — followed by a desperate struggle for survival.
For Huawei, the decade couldn’t have been more different.
If the telecom industry and Nortel itself can be traced 146 years back to Alexander Graham
Bell’s family farm outside Brantford, Ont., Huawei is a relative baby. Founded by Ren
Zhengfei, a former People’s Liberation Army engineer, it began as a small producer of phone
switches in 1987, branching out into building telecommunications networks and making
mobile phones. Helped by relatively cut-rate prices, it soon began gobbling up market share.
By 2012, it had surpassed Ericsson as the world’s biggest supplier of telecommunications
equipment, and in 2018 became the second-largest smartphone producer.
Its rise became an inescapable reality for Nortel and others in 2005, when Huawei won a
small but significant part of British Telecom’s huge 21Century Network project, its first
breakthrough in the West. Nortel and British counterpart Marconi were frozen out; within a
few years both would be gone.
Battling to turn around the company, Nortel struck a tentative deal with its Chinese rival in
2006. The joint venture to develop “ultra” broadband networks was later quietly shelved, and
subsequent joint venture talks with Huawei also fizzled, then-CEO Mike Zafirovski later
revealed.
3/8
Nortel suffered another Huawei blow, on home turf no less. In 2008, the Chinese firm bested
it to win a major contract with Telus and Bell. In January, 2009, Nortel filed for bankruptcy
protection.
Even then, Huawei figured in its story. A group of former Nortel executives, convinced the
company could be turned around with better management, put together a buy-out bid. It
would be backed, the Ottawa Citizen reported, by Huawei acting as a minority shareholder.
The bid collapsed when Huawei’s board rejected the deal, the Citizen says.
Ren has offered a different version of events, telling the Globe and Mail last year he was
interested in buying Nortel, but that the plan died after the nearly insolvent Nortel said it
wanted a controlling share of Huawei.
Nortel’s financial troubles were well documented, but what didn’t become public until years
later was espionage traced back to China.
Michel Juneau-Katsuya was head of the CSIS Asia-Pacific desk in the late 1990s when the
service became aware of “spying activities the Chinese were conducting” against Nortel.
“What we knew from my point of view was about the agents, the people, human actors in and
around Nortel,” he said. “Definitely Nortel was targeted.”
When the intelligence agency warned the company, it all but ignored CSIS. This led JuneauKatsuya to a startling conclusion:
“To this day, I believe there might have been one or more agents of influence controlled by
the Chinese in [Nortel] which succeeded in neutralizing our warning.”
A little later, around 2000, U.S.-based security staff inside the company believe they got an
early taste of corporate espionage from China with an alleged incident never before
publicized. It involved Huawei itself, say three former employees.
With an office across the freeway from a Nortel facility in Texas, Huawei returned a fibre card
— essentially a computer device — used in Nortel data switches and asked for a refund,
recalls Lawrence Bill, a forensic analyst who worked on the subsequent investigation.
Former colleagues Tony Anastasio and Brian Shields confirmed the incident, though say they
recall it was a front company that had bought the equipment and passed it on to Huawei.
Regardless, when Nortel engineers looked closely, they realized the “bleeding-edge” gear had
been disassembled and reverse engineered, says Bill.
“It was returned in pieces, where things were taken apart,” remembered Anastasio, who was
an assistant to Nortel’s vice president of security then.
4/8
Meanwhile, the company started noticing knock-off versions of some of its products in Asian
markets, he says.
Nortel considered suing, but dropped the matter after the Huawei office across the road in
Texas closed down, says Bill.
Velshi says he asked counterparts in Huawei around the world if they knew anything about
such an episode 20 years ago and came up blank. The Canadian government has never
accused it of anything like that, he says.
Perhaps the most brazen attempt to purloin Nortel’s commercial secrets was executed from
thousands of kilometres away.
It first came to light in the spring of 2004 when a Nortel employee in the U.K. noticed some
documents he’d stored in the company’s “LiveLink” database had been downloaded by a
senior executive in Canada.
The Brit helpfully emailed the manager — optical-networks president Brian McFadden — to
say he was available to answer any questions McFadden might have about the material. The
executive’s response? I have no idea what you’re talking about.
Nortel’s security staff in Raleigh, N.C., were promptly alerted.
Larry Bill, based in Raleigh, noticed a troubling fact: Logs indicated that McFadden had
signed into the Nortel system from multiple locations around the world, places he had never
visited.
“That’s what threw all the alarms,” Bill recalls today. “We just knew that we had a major
problem, that an executive’s credentials are being hacked and being used to exfiltrate
documents.”
The hacking of McFadden’s account turned out to be just the tip of the iceberg.
Security advisor Brian Shields discovered that not one, but seven Nortel executives, including
CEO Frank Dunn, had been hacked, and that the hackers were vacuuming an alarming
volume of sensitive material out of its databases.
By the end of his investigation, Shields says he was able to track the theft of over 1,400
documents from the LiveLink server, and that was only during a six-month period when
bosses allowed him to monitor the stealing. He found evidence the break-in of Nortel’s
internal computer network had started no later than 2000, and probably began in the 1990s.
He says it lasted past 2009, when he was laid off.
He traced most of the hacks back to IP addresses and four Internet service providers (ISPs)
in China. When material was actually downloaded from Nortel, it mostly ended up at an ISP
in Shanghai.
5/8
The structured nature of the IP addresses used to siphon off those Nortel files, not to
mention the sophistication that allowed the incursion to go undetected for years, point to the
involvement of a skilled, government-directed outfit, Shields says.
He cites a 2013 report by cyber-security firm Mandiant, which revealed the existence of a
major Internet-espionage organization in Shanghai, likely “Unit 61398” of the People’s
Liberation Army. Mandiant tracked thefts of data from 141 companies in 20 major industries.
What was pilfered from Nortel during the short window when Shields tracked the losses?
The reams of material, he says, included a document that laid out current Nortel technology
and the direction various products were headed; a sales proposal that would include pricing
and network design; technical papers on aspects of optical circuits; and an analysis of how
Nortel lost a contract with former Internet firm Genuity.
“It was sickening then and it is sickening now to see what was stolen,” says Shields, who was
Nortel’s representative on the Network Security Information Exchange, a U.S. government
initiative to help protect the national telecom infrastructure. “This was a very capable
adversary. You have to be pretty darn good to achieve such a level of stealth.”
He has no evidence of who ultimately received the documents, but notes that only a Nortel
competitor would benefit from the information, helping it develop products, craft sales
pitches and out-sell rivals.
According to Shield, one document taken by the hackers in 2004 was called “high speed data
over UMTS Quad.”
Four years later, Huawei beat out Nortel on that Telus/Bell contract. It was its first major
project in North America, says the company’s milestones page, involving a form of mobile
data transmission called universal mobile telecommunications service — UMTS.
Shields cannot prove that Huawei benefited from the hacking, but is convinced that its rise to
a world telecommunications superpower — as Nortel simultaneously withered away — is no
coincidence.
The National Post has viewed the first two pages of the internal report Shields and Bill
prepared in 2004, the remaining 12 taken up by a list of the stolen documents.
And yet he is certain the Nortel CEO never saw that report. His investigation wound down
after a few months, and it appears no one notified firms that later bought Nortel assets that
its computers might be infected.
CSIS got in touch again early in 2009, offering to help Nortel with the hacks, Shields says,
but by then it was too late. Within a week, the company had filed for bankruptcy protection.
Concerned that buyers of Nortel units were unaware of the Chinese intrusions, Shields finally
6/8
revealed the story to the Wall Street Journal in 2012.
A few years later, as the National Defence Department prepared to take over Nortel’s former
research campus in Ottawa, it discovered evidence of another type of spying — old-school
listening bugs implanted in the building during Nortel days, a senior Defence officer told the
Ottawa Citizen and Globe and Mail.
The U.S. Justice Department indictment last Thursday replaces one filed earlier against
Huawei and its CFO, Meng Wanzhou, now under arrest in Vancouver in response to an
American extradition request. It alleges a systematic campaign by the company to steal
secrets from six U.S. technology companies.
Prosecutors accuse Huawei of using employees of rival firms, university researchers working
for it covertly and other methods to pilfer intellectual property.
In one previously publicized incident, a Huawei employee was allegedly caught opening up
the networking equipment of other companies at a tech conference in Chicago and
photographing the circuit boards. Nortel was among a list of six competitors the engineer had
with him when nabbed by a security guard, the Wall Street Journal reported.
Huawei called the indictment a “contrived repackaging” of old civil claims, and part of a U.S.
attempt to discredit the company for competitive reasons.
Velshi said disagreements over intellectual property are common in international business,
and public records show Huawei has been involved in fewer of them than either Apple or
Samsung.
Still, there seems little doubt that Nortel was the subject of significant industrial espionage,
even if its leaders paid little heed to the incursions. Did that industrial skullduggery play a
part in the corporation’s demise?
The 2014 study that Calof led, arguably the most extensive analysis of why Nortel failed,
involved dozens of interviews with the company’s competitors, former executives and
customers.
It made no mention of IP theft, but attributed Nortel’s fall to a medley of other problems
including “hubris” among its leaders that made it unresponsive to customer needs; ill-chosen
purchases of other companies in the 1990s and a “black cloud” that hung over it due to the
financial troubles.
Nortel failed to secure the British Telecom contract because it did not offer what the
operator’s tender requested, ironically providing a foothold for Huawei itself, Calof argues.
He concedes that some of the Canadian firm’s adversaries may have gained an unfair and
accelerated leg-up in the market by stealing technology.
7/8
But the business professor stresses that others in the telecommunications and networking
equipment industry were subject to IP theft by Asian actors as well, and to lower-cost
competition from companies like Huawei. And most of those firms, such as Cisco, Nokia,
Ericsson and Alcatel-Lucent, found a way to survive.
Meanwhile, telecom operators have often been quoted as lauding Huawei’s speedy work, fine
products and responsiveness to customers.
Tim Dempsey, a former Nortel executive who left in 2001, but later wrote a book examining
its rise and fall, also says he doubts espionage brought his old employer down. He points
instead to poor leadership after Dunn left, unwise acquisitions and a “culture of fear” that put
too much emphasis on quarterly results as opposed to serving clients.
“Leadership took their eyes off the customer, and they started to squabble about internal
financials,” he says. “They were competing internally too much.”
Others, though, still suspect that Nortel’s once-sparkling future was not lost, it was brazenly
stolen.
It’s “entirely plausible” that technology robbed and copied by a rival was the final straw that
took down an already struggling company, says David Skillicorn, a Queen’s University
computing professor.
Bill, the former forensic analyst, says he believes Nortel was hit by a perfect storm: poor
management in later years, discount pricing by Huawei and a hack that funneled away its
“crown jewels.”
“It was shocking,” he says, “when we finally started pulling back the covers.”
8/8