June 18, 2014
Hackers Blackmailed Nokia Into Paying To Keep Its Source Code Secret
Peter Suciu for redOrbit.com - Your Universe Online
This week it was reported that hackers attempted to hold the customer data of Domino's France and Domino's Belgium for ransom. In the end the firms refused to pay, and according to online reports other companies have also stood their ground, opting to risk their data going public. However, Finnish-based Nokia apparently did pay out blackmailers to keep its source code from being released.
Six years ago Nokia paid several million Euros to criminals who had threatened to reveal the source code for part of its smartphone operating system. The news was revealed by Finnish TV station MTV on Tuesday.
Local law enforcement had confirmed that that there is now an investigation into a case of alleged blackmail.
"We are investigating felony blackmail, with Nokia the injured party," Detective Chief Inspector Tero Haapala told Reuters, but declined to give further details.
Nokia has not made any comment or released any details on this case.
The Finnish TV station added that the blackmailers apparently acquired part of an encryption key for the core of Nokia's Symbian software – which was used on its mobile handsets prior to the company's adoption of Windows Mobile Phone OS. The blackmailers had threatened to make the encryption key public, which would have made the closed OS very much an open source OS where anyone could have created code for Symbian.
"If that had happened, anyone could’ve written code for the software and been able to pass it off as authentic, which could possibly mean infecting millions of phones with spam or malware," Jay McGregor, contributor to Forbes, wrote on Tuesday.
Reuters further reported that after the blackmail demands were made the mobile phone giant contacted the police. With the assistance of law enforcement Nokia agreed to deliver the cash, but after the money was picked up the police reportedly lost track of the blackmailers. Apparently in this scheme the thieves did get away with the cash and rode off into the sunset.
It is not entirely clear why the news is only coming out now, or is exactly clear why the blackmail demands were paid in the first place.
"With that result in mind we consider the advice given to individuals that find themselves at the receiving end of a shakedown," noted Dave Neal of TheInquirer.net. "Then, with ransomware encryption attacks, punters are advised to resist the temptation to pay the threatened charge, restore from backups and strengthen security instead. This advice is probably solid enough for enterprises to follow, too."
Prior to the time of the blackmail Nokia had about 50 percent market share worldwide and Symbian was a popular mobile OS with other handset makers. However, Nokia lost its market share with the rise of Apple's iOS and Google's Android and Nokia moved from Symbian to Microsoft's Windows Phone OS. Last year Microsoft sought to acquire Nokia's mobile phone business – for which it paid $7.6 billion.
Microsoft finalized the acquisition of Nokia – now called Microsoft Mobile – in April of this year.
As for the blackmailers it appears they never leaked the code. Now it appears that it would be too late given that, according to comScore, Symbian has less than two percent of the market share.