KIANEWS 
HMD Global today unveiled its latest smartphone, the HMD Fusion, an affordable device whose idea is to change functions and style with a shell. This is how the HMD Fusion will initially be distributed, but additional devices will be available later this year.
So far, there is no evidence that hackers have breached corporate data
07. 11. 2024 Thursday / By: Robert Denes / The key / Exact time: BST / Print this page
F inland's Nokia continues to investigate IntelBroker's claims of another high-profile data breach, with the cybercriminal group publishing internal data from BreachForums that was allegedly stolen from Nokia via a third-party contractor.
Nokia is investigating an alleged cyber attack in which threat actors claim to have stolen sensitive internal data. However, the company says there is no evidence so far that its data or systems have been breached.
Known threat actor IntelBroker published Nokia's internal data online on Tuesday - including SSH keys, source code and internal credentials - and sold it for $20,000 on the cyber crime website BreachForums, according to a report published by HackRead.
The group claimed it obtained the data through a breach of a third-party contractor linked to Nokia's internal device development, though the report does not appear to have affected customer data.
"Nokia has become aware of reports that an unauthorized actor has allegedly gained access to the data of certain third-party contractors and possibly Nokia's data," a Nokia spokesperson told Dark Reading. "Nokia takes this allegation seriously and is investigating."
However, at this time, the company's investigation has "found no evidence that any of our systems or data were affected," although Nokia is still "closely monitoring the situation,"the spokesperson said.
Given that IntelBroker is a notorious threat actor that has already carried out several high-profile data heists, it seems likely that Nokia will eventually realize that its data has been stolen. The Serbia-based organization began operations in 2022 and has been linked to data breaches that have affected Apple, the US House of Representatives, Europol, General Electric and the Defense Advanced Research Projects Agency (DARPA).
If IntelBroker's claim proves true, the data stolen in the heist and then sold to a malicious actor or actors could potentially be used in other cyber crimes against Nokia. For example, they steal credentials to gain unauthorized access to Nokia systems and compromise other sensitive data or spread malware. Depending on the nature of the data, other organizations may also be at risk.
The incident is yet another example of how organizations are exposed to security risks through the third parties they contract with, notes Jim Routh, director of trust at cybersecurity firm Saviynt. However, the fact that the breach itself happened through a third party isn't a huge surprise, he tells Dark Reading via email.
In fact, several high-profile cyberattacks at global multinationals have resulted from third-party breaches, including those at credit card company American Express, Spanish banking institution Santander, and US-based financial institution Bank of America.
But Routh says the alleged Nokia breach is "a bit of a head-scratcher" because it involves "compromising third-party credentials to access the software supply chain."
"The head-scratching comes from why a third party has access to Nokia's source code,"he notes. However, it's possible that the attackers gained access through a software engineer contributing to an internal project,Routh adds, suggesting that the hackers exploited "credential management to gain access to the software build process."
One possible way for organizations to protect themselves from such an incident is to improve identity management of cloud accounts with access to the software supply chain to avoid the accidental disclosure of sensitive data to threat actors.
Via Link