Nokia 'paid millions to software blackmailers six years ago' (timminspress.com)
117 points by rpledge on June 17, 2014 | hide | past | favorite | 43 comments


I always wondered how you do the paperwork for something like this. It must be a nightmare from an accountant's perspective. What is the bill code for "blackmail" when you file the income tax and you write a 6 figure expense? In the end your cash has to balance out, you cannot not declare it. Anybody with experience in something like this?


At least for the IRS, you can deduct money paid out for ransom, blackmail, or other forms of theft.

http://www.irs.gov/publications/p17/ch25.html#en_US_2011_pub...


Isn't there something fringe like 'theft' or miscellaneous losses?


Having a code for theft is definitely a thing. For many businesses, having a small amount of theft is just an unavoidable cost of doing business.


'the money was delivered but the police lost track of the culprits'

A solid showing by the Helsinki police


Where did you read that it had something to do with Helsinki police?

At least the money exchange took place in Tampere.

In Finnish: http://www.aamulehti.fi/Kotimaa/1194907965691/artikkeli/mtv+...


It's almost out of a movie. One of your larger national companies is being extorted and you fail to follow the people doing so?

It also had to be a pretty big vulnerability for them to have to pay that much in the first place.


And at the time Nokia was a major part of the entire Finnish economy - sounds like gross incompetence on the part of the Finnish authorities.


It makes it sound like it was the keys to the castle.


It was. They could have signed any phone application to pretend like it was developed by Nokia, and therefore could have done anything to the phones (hence the malware angle).


It wasn't actually Helsinki police (this didn't even happen in Helsinki), but the National Bureau of Investigation (KRP).


You can't exactly arrest them without one of their partners releasing the key. Following them might not end well either.


I think blackmail would be enough to arrest them.


A solid showing by the Helsinki police

Or a very well planned getaway. Given that the culprits managed to steal Nokia's signing key, I suspect they knew what they were doing.


That's absolutely insane! Even after paying the ransom, how could they be sure no one was still sitting on the keys? Assuming it's code signing keys, it sounds incredibly irresponsible to not (force) update all devices anyways.

Is really the only thing protecting the safety of those devices the promise of a blackmailer to not abuse the private keys they were sitting on?

... makes me wonder what else we don't know about all the other vendors...


In 2008, forced updates of mobiles, particularly of the s40 and s60 variety, were not a thing.

It turns out that when an operating system is in service for a very long time without updates, bad things happen. Now if you want a real scare, consider for a moment all of the code running on embedded hardware that makes up the entirety of the world energy grid.


Maybe not forced, but I did update several s60 devices as they had new firmware published. So they should at least have made the updates public and explained that everyone must upgrade.

Imagine, for example, openssl being told about the heartbleed vulnerability, then being pressured into paying big money to prevent disclosure, and then keeping their mouths shut about it for six years. Except this is even worse because at least then someone could look at diffs. I can't even think of a proper analogy here.


Nobody but the nerdiest of phone users bothered to ever connect their phones to a PC and over-the-air updates were not supported. The risk of malware signed with the key showing up was probably weighted against the hassle updating everything would have caused.


The difference is that OpenSSL updating was the responsibility of the admins maintaining the server, not the general public. The general public did have to act, but it wasn't something technical like updating firmware on a phone is.

Back in the day, I had an S60 phone but no way to even connect it to a computer to get the firmware.


Exactly this.

Also, for those that still remember Heartbleed, read again the above comment and think what embedded hardware is running around you. It is a bit scary.


To be fair, you can't exactly "force" an android or an iOS device to update either. It's easier to coach users to update but goddamn would it have been impossible to get s40/60 users to move even one version up.

I recall doing an s60 software upgrade and having it crash halfway through, which somehow bricked the baseband and the operating system of the device. Go figure.


On S60 there was no separate baseband chip to my understanding, the Symbian kernel was responsible for driving the radio as well. This was said to give Nokia a competitive advantage, as most of the competing smartphone OSes required a separate baseband chip with a firmware of its own, which drove costs up back then. Such chips are inside SoCs of course these days and cost next to nothing anyway.


If you or anyone else has any insights: why not airgap energy grid electronics? Companies should have two networks, and never let them talk to each other, except perhaps under very controlled and secure conditions. It seems like that would alleviate huge chunks of the security concerns. Now obviously people with physical access could get around that, but if you have physical access, you mostly own the computers anyway.


http://en.wikipedia.org/wiki/Purdue_Enterprise_Reference_Arc...

Heavily control and packet sniff anything moving between levels.


An explanation could be that Nokia, at the time, did not have the keys anymore. A scenario could be that they kept their top level signing key printed on paper in a vault (not that problematic, as your top level key should be used very rarely), and that paper somehow got stolen.

If that were the case, they didn't buy the promise the evildoers wouldn't use the keys, but the ability to start using it themselves again. They still would have to phase out the compromised master key real soon, but that might be easier to do if one has it in hand.

Disclaimer: I know too little about key management to know whether the above makes sense. In particular, I doubt that having your compromised key makes any difference in the difficulty of phasing it out.


I can fully see how this could happen. Too many companies don't understand the value of keys like this, and won't until they have a similar situation.

I wonder how exactly the criminals came to have them in the first place, but would be willing to bet it was ultimately incompetence by someone at Nokia.


Having done a few code signings physically at Nokia Tampere back in the Symbian days, I would say they were pretty serious about these codes. Not that the security was 100% tight, but it did involve having to go to a single locked up computer with someone looking at you, keys to the safe in different places, required two separate persons from the signing to be there etc. Impressed myself at least.


The Helsinki Times article [1, English] says they suspect it was an ex-employee.

"Information obtained by Helsingin Sanomat from two different sources indicates that Nokia believes the blackmailer to be a Finnish citizen who participated in the development of the user interface. The suspect was able to obtain the highly-classified encryption key due to a data security vulnerability."

[1] http://www.helsinkitimes.fi/finland/finland-news/domestic/10...


Ah yes, the good old days when software extortionists demanded cash in parking lots. To me Bitcoin seems much older than it actually is.


Wow, that's rough. Not much you can do against a vulnerability that'll destroy the trust of your entire customer base. A DDOS is one thing but I probably would have paid the millions in this case.


I wonder how much it would have cost to push out an update to all of the Symbian devices in the wild at the time. It wouldn't have been easy, and would have been a PR nightmare, but it could have been done.

The question is: would it have been worth it? I don't know, but hiding things rarely goes well. Then again, I don't know of any public instances where this has happened, but I'm sure Nokia aren't the only ones to have been hit by this.


Code signing key compromise has happened at least for Red Hat and Adobe quite publicly. Plenty of malware uses code-signed Windows device drivers with stolen(?) hw manufacturer keys, too.


Assuming you could even reflash the firmware key.


> Had it done so anyone could then have written additional code for Symbian including possible malware which would have been indistinguishable from the legitimate part of the software.

Like a rootkit then? It's a classic case of robbing the mob, as in 'the people who actually own the phone you think you've bought'.


They got the buckets, they got the source, they are anonymous.... release the code!


[deleted]


Though the article implies it was source code, it was actually the code signing keys used to limit running code to only properly signed binaries.


I'm trying to imagine this happening to someone like Red Hat.

BM: "We have the keys to your software repos, give us money or we leak." RH: "Here's a tarball of the sources to make your life easier, knock yourselves out! Maybe we'll even get some new developers!"

Obviously there are reasons why companies choose to keep their software closed source, but sometimes I wonder.


I think the analogy is a little off.

This would be like someone having the GPG signing key for the Red Hat official repositories. It would give them the ability to insert their own (malicious) software package into the Red Hat update stream without the signature throwing any warnings.


Isn't that why we keep revocation certs around? That doesn't really work for blackmail anyway because it is dependent on preventing the organization from knowing that you have access.
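Added example, not from the thread: the check the two comments above describe, written in Go with the standard library's Ed25519. A device's verifier accepts anything signed by a key ID in its trust store, so a build signed with a stolen vendor key passes exactly like a genuine one, and a revocation changes that only on devices that actually receive it. The key pair, key ID scheme and "firmware" payloads are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// Package is a constructed stand-in for a signed installable (firmware image or repo
// package): the payload, the signature, and the ID of the key that signed it.
type Package struct {
	Name, KeyID string
	Body, Sig   []byte
}

// KeyID derives a short, stable identifier for a public key (think GPG key ID).
func KeyID(pub ed25519.PublicKey) string { return hex.EncodeToString(pub[:8]) }

// Verifier is the trust store a device or package manager consults before installing.
type Verifier struct {
	Trusted map[string]ed25519.PublicKey // vendor keys the device ships with
	Revoked map[string]bool              // only helps if the list actually reaches devices
}

// Sign builds a package exactly as any holder of the private key would, vendor or thief.
func Sign(name string, body []byte, priv ed25519.PrivateKey) Package {
	pub := priv.Public().(ed25519.PublicKey)
	return Package{Name: name, KeyID: KeyID(pub), Body: body, Sig: ed25519.Sign(priv, body)}
}

// Accept installs only if the key is trusted, not revoked, and the signature covers the payload as delivered.
func (v Verifier) Accept(p Package) bool {
	if v.Revoked[p.KeyID] {
		return false
	}
	pub, ok := v.Trusted[p.KeyID]
	return ok && ed25519.Verify(pub, p.Body, p.Sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed vendor key pair
	dev := Verifier{Trusted: map[string]ed25519.PublicKey{KeyID(pub): pub}, Revoked: map[string]bool{}}
	vendor := Sign("fw-1.0", []byte("constructed vendor build"), priv)
	leaked := Sign("fw-1.1", []byte("constructed build by whoever holds the stolen key"), priv)
	fmt.Println(dev.Accept(vendor), dev.Accept(leaked)) // true true: the device cannot tell them apart
	dev.Revoked[KeyID(pub)] = true                       // mitigation: revocation or rotation pushed to every device
	fmt.Println(dev.Accept(vendor), dev.Accept(leaked)) // false false: genuine builds need a new key too
}
```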


The article is a bit unclear, but it appears that what the blackmailers got were the signing keys for the software.

Losing signing keys would be pretty bad for Red Hat, too.


That happened! And that was also 6 years ago. http://linux.slashdot.org/story/08/08/22/1341247/red-hat-fed...


I was going to make a similar post suggesting Google/Android. It's one class of business risk avoided.


Well, RH isn't the best example. IIRC they do some shenanigans around kernel updates to hide the actual patches. And only paying customers get it.



