Senate officials said Tuesday they are confident the US Senate has not been exposed to potential Chinese cyber-spying in the wake of allegations that the telecommunications company Nortel Networks was penetrated for years by hackers who appeared to be working from China.
The Wall Street Journal reported February 14 that Nortel’s corporate computer network had allegedly been penetrated by hackers as far back as 2000, and documents, technical papers, business plans and employee emails were among the information compromised.
The Journal, citing documents and former Nortel employees, said spyware was so deeply embedded in Nortel’s systems that it took the company years to realize the extent of the problem.
For much of that time, one of the Senate’s largest technology vendors was Nortel Government Solutions, a Nortel subsidiary, CNBC has learned.
The Sergeant at Arms office, which is the principal administrative manager for most support services in the Senate, said that the contract with Nortel Government Solutions called for that company to conduct “cyber security monitoring and other network monitoring.”
The contract was a large one. In several months, the Senate paid Nortel Government Services hundreds of thousands of dollars, according to Senate disbursement records available in the database of Legistorm.com. In March of 2008, for example, the Senate spent $312,335.20 on Nortel services under an expenditure listed as “Management and Professional Support Services.”
However, the Sergeant at Arms says there is no risk to the massive volume of sensitive military, economic and technical information that is transits Senate systems, in part because there was no direct network connection with the contractor.
“There was not any connection between the Senate network and Nortel Government Solutions,” a Sergeant at Arms spokesperson said. “There’s not any chance of compromise of our network as a result of that.”
The spokesperson said the Senate began an internal investigation into its potential exposure to Chinese espionage after the Wall Street Journal report.
In the wake of Nortel’s bankruptcy, Nortel Government Solutions is now known as Avaya Government Solutions, a subsidiary of Avaya.
According to its website, Avaya Government Solutions “engineers, deploys and manages mission-critical solutions for government, including homeland security, criminal justice, defense and civilian agencies within the U.S. Federal Government.”
According to disbursement records, the Senate remained a client of Avaya Government Solutions as recently as last year. In March of 2011, for example, the Senate spent $350,376.95 for “technical support” services from the firm.
Officials at Avaya Government Solutions did not return calls for comment.