Fallen telecommunications giant Nortel was the subject of international industrial espionage for more than a decade, according to reports obtained by the Wall Street Journal.

Hackers thought to be based out of China downloaded research and development reports, business plans and employee emails from Nortel’s corporate computer network since 2000.

The Chinese embassy told the Journal in a statement that the attacks shouldn’t be assumed to originate in China “without thorough investigation and hard evidence.”

The corporation, now in the process of selling itself off bit by bit after filing for bankruptcy in 2009, was breached by the hackers when seven passwords of top Nortel executives were stolen.

The hackers also placed spyware so deep into some employee computers it escaped detection. The Journal reports that some of those computers may have been moved to the companies that bought up Nortel assets.

Parts of the company now belong to Avaya Inc., Ciena Corp, Telefon AB L.M. Ericsson and Genband Corp.

Nortel did not take the threat of a security breach seriously, said Brian Shields, a former senior advisor in security systems at Nortel who conducted a six-month internal investigation into the matter.

Shields told the Journal that Nortel that the hackers “had access to everything… They had plenty of time. All they had to do was figure out what they wanted.”

His report says Nortel also failed to determine whether its products were compromised by hackers, and did not disclose the security breach to investors or the buyers snapping up parts of the firm.

Michel Juneau-Katsuya, a former senior CSIS agent recently told the Financial Post that corporate espionage costs Canadian companies between $50 billion to $100 billion a year.

“They are stealing economic information from Canada in particular because Canada is a knowledge-based economy and intellectual property is the item of choice,” he said.

A U.S. intelligence report points to China as the most “active and persistent” perpetrators of industrial espionage, according to the Journal.

Google announced in 2010 that Chinese hackers had raided their network in search of their valuable source code.

Last month, it was reported that China-based hackers infiltrated chemical-making company DuPont Co. in 2009 and 2010. The firm also failed to inform investors about the cyber attacks, which has prompted the U.S. Securities and Exchange Commission (SEC) to demand companies disclose this information.

Ron Myles, a corporate espionage expert formerly with CSIS and the RCMP, agrees that companies should reveal when they’ve been hacked.

“It’s a good first step. It’ll quantify the problem and people will get an idea of just how big this is,” he said.

“Then you can get a better idea of how to stop it.”

Loading... Loading... Loading... Loading... Loading... Loading...

It can be very hard to detect some of the more sophisticated cyber attacks, says Joost Houwen, an experienced security professional with Grant Thornton, an international consulting group. But the key to a successful security policy is “active involvement from everyone in the company,” he says.

Companies also need have lines strong lines of communication between IT personnel and senior management, he said.

Meanwhile, Canada is still reeling from an espionage case involving naval intelligence officer Sub-Lt. Jeffrey Paul Delisle. He is accused of passing on sensitive and closely guarded data to a foreign entity and is currently in custody.

Read more about: