It has been reported that Nokia had given into a hacker’s black mail and paid a huge sum of ransom to a hacker who threatened disclosure of an encryption key for the Symbian OS.
The incident reportedly took place back in 2007, when Nokia was still one of the world’s biggest handset manufacturers with a market share of around 50%, and Symbian was the main operating system for its devices. It’s not known how the blackmailer got hold of the key, but if it was made public, Nokia risked a huge security headache with the potential there for hackers to write malware for the OS.
The ransom paid is reported to be of the order of several million Euros.
The incident highlights the cost of security weaknesses in big corporates. Many times the mistakes would have been committed by one of the employees and the nature of the mistake could be very silly. however the consequences could be disastrous. A Good corporate management should therefore consider investment in security as a non negotiable aspect.
Those companies including major Banks in India who state in their security policy that “We shall follow such security practices as are commercially feasible” will have to understand that they are taking risks that may one day kill their organizations.