
That's absolutely insane! Even after paying the ransom, how could they be sure no one was still sitting on the keys? Assuming it's code signing keys, it sounds incredibly irresponsible to not (force) update all devices anyway.

Is the only thing protecting the safety of those devices really the promise of a blackmailer not to abuse the private keys they were sitting on?

... makes me wonder what else we don't know about all the other vendors...



In 2008, forced updates of mobiles, particularly of the s40 and s60 variety, were not a thing.

It turns out that when an operating system is in service for a very long time without updates, bad things happen. Now if you want a real scare, consider for a moment all of the code running on embedded hardware that makes up the entirety of the world energy grid.


Maybe not forced, but I did update several s60 devices as they had new firmware published. So they should at least have made the updates public and explained that everyone must upgrade.

Imagine, for example, OpenSSL being told about the Heartbleed vulnerability, then being pressured into paying big money to prevent disclosure, and then keeping their mouths shut about it for six years. Except this is even worse, because at least then someone could look at diffs. I can't even think of a proper analogy here.


Nobody but the nerdiest of phone users bothered to ever connect their phones to a PC and over-the-air updates were not supported. The risk of malware signed with the key showing up was probably weighted against the hassle updating everything would have caused.


The difference is that OpenSSL updating was the responsibility of the admins maintaining the server, not the general public. The general public did have to act, but it wasn't something technical like updating firmware on a phone is.

Back in the day, I had an S60 phone but no way to even connect it to a computer to get the firmware.


Exactly this.

Also, for those that still remember Heartbleed, read again the above comment and think what embedded hardware is running around you. It is a bit scary.


To be fair, you can't exactly "force" an android or an iOS device to update either. It's easier to coach users to update but goddamn would it have been impossible to get s40/60 users to move even one version up.

I recall doing an s60 software upgrade and having it crash halfway through, which somehow bricked the baseband and the operating system of the device. Go figure.


On S60 there was no separate baseband chip to my understanding; the Symbian kernel was responsible for driving the radio as well. This was said to give Nokia a competitive advantage, as most of the competing smartphone OSes required a separate baseband chip with a firmware of its own, which drove costs up back then. Such chips are inside SoCs of course these days and cost next to nothing anyway.


If you or anyone else has any insights: why not airgap energy grid electronics? Companies should have two networks, and never let them talk to each other, except perhaps under very controlled and secure conditions. It seems like that would alleviate huge chunks of the security concerns. Now obviously people with physical access could get around that, but if you have physical access, you mostly own computers anyway.


http://en.wikipedia.org/wiki/Purdue_Enterprise_Reference_Arc...

Heavily control and packet sniff anything moving between levels.


An explanation could be that Nokia, at the time, did not have the keys anymore. A scenario could be that they kept their top level signing key printed on paper in a vault (not that problematic, as your top level key should be used very rarely), and that paper somehow got stolen.

If that were the case, they didn't buy the promise the evildoers wouldn't use the keys, but the ability to start using it themselves again. They still would have to phase out the compromised master key real soon, but that might be easier to do if one has it in hand.

Disclaimer: I know too little about key management to know whether the above makes sense. In particular, I doubt that having your compromised key makes any difference in the difficulty of phasing it out.
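The first post asks what protects devices once a signing key has leaked, and the comment above asks how a compromised master key gets phased out. The added Go example below (editor's illustration, not anyone's code from the thread and not Nokia's actual format) models a device's trust store: Ed25519 stands in for whatever signature scheme the vendor used, raw public-key bytes stand in for a key fingerprint, and the firmware images are constructed. It shows that a device which never receives a trust-store update keeps accepting anything signed with the leaked key, and also does not know the replacement key, so revocation is only as good as the update reaching every device.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Image is a constructed stand-in for a signed firmware blob: payload, detached
// signature, and the signer's public key bytes (a real format would carry a fingerprint).
type Image struct {
	Payload, Signature []byte
	Signer             string
}

// TrustStore is what a device's bootloader holds: accepted public keys, keyed by their bytes.
type TrustStore map[string]ed25519.PublicKey

// Sign is the vendor-side step: sign payload with priv and record who signed it.
func Sign(priv ed25519.PrivateKey, payload []byte) Image {
	pub := priv.Public().(ed25519.PublicKey)
	return Image{Payload: payload, Signature: ed25519.Sign(priv, payload), Signer: string(pub)}
}

// Verify is the device-side check: signer in the store and signature valid over the payload.
// It cannot tell the vendor from anyone else who holds a trusted private key.
func (ts TrustStore) Verify(img Image) bool {
	pub, ok := ts[img.Signer]
	return ok && ed25519.Verify(pub, img.Payload, img.Signature)
}

// Rotate returns the store a device holds only after taking an update that drops the
// leaked key and admits its replacement; the original store is left untouched.
func (ts TrustStore) Rotate(leaked, replacement ed25519.PublicKey) TrustStore {
	out := TrustStore{string(replacement): replacement}
	for k, v := range ts {
		if k != string(leaked) {
			out[k] = v
		}
	}
	return out
}

func main() {
	leakedPub, leakedPriv, _ := ed25519.GenerateKey(rand.Reader)
	newPub, _, _ := ed25519.GenerateKey(rand.Reader)
	old := TrustStore{string(leakedPub): leakedPub} // store shipped on devices before the leak
	updated := old.Rotate(leakedPub, newPub)         // store on devices that took the update
	rogue := Sign(leakedPriv, []byte("constructed image signed with the leaked key"))
	fmt.Println("never-updated device accepts rogue image:", old.Verify(rogue))
	fmt.Println("updated device accepts rogue image:", updated.Verify(rogue))
}
```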

