A couple of days ago, it emerged that Nokia had been blackmailed back in 2008, by someone who had obtained an encryption key for a core component of its Symbian OS. The blackmailer threatened to publish it, which would have made the entire operating system vulnerable to malware and rogue applications indistinguishable from the legitimate OS source code, potentially affecting millions of Symbian handsets worldwide.
As we reported, Nokia paid the ransom of "several million euros" but police lost track of the suspects after the cash had been collected. Further details have since emerged, including the revelation that this was not the only occasion that Nokia found itself capitulating to such threats.
As The Helsinki Times reports, an unnamed "former Nokia executive" revealed that the company has received numerous ransom demands from "third-parties" who discovered "vulnerabilities in its software, hardware or services", and threatened to make them public. The sums demanded in these cases were not disclosed, but were described as "less serious" than the multi-million euro payment that it made in 2008. Nonetheless, the former exec claimed that Nokia frequently paid up.
According to the latest report, citing two separate sources, Nokia believes that the person responsible for the 2008 extortion was "a Finnish citizen who participated in the development of the [Symbian] user interface". The ransom demand was written in English in an email to Nokia, and the decision to pay up "was taken at the highest echelons of the company."
One significant detail not previously known is that the suspect specified that half of the ransom be donated to charity - a demand that the company also complied with - while the other half, as reported earlier, was delivered to a car park in Tampere, Finland.
Source: The Helsinki Times