Tag Archives: sim

SIM card maker Gemalto wants answers on alleged hacks by US, UK spies

Gemalto says it’s looking into a report that its SIM card encryption keys were hacked by the NSA and British surveillance agency GCHQ.

Did the US and UK hack their way into SIM cards used in mobile phones? That’s the question one SIM card maker is trying to investigate.

Dutch company Gemalto manufactures SIM cards for mobile phones, which it sells to around 450 carriers throughout the world, including AT&T, Verizon, T-Mobile and Sprint. The cards certain personal and normally secure information, including your phone number, billing information, contacts and text messages. These cards are protected by encryption keys to resist hacking.

But a story published Thursday by The Intercept claims that a joint unit of spies from the US’s National Security Agency and the UK’s Government Communications Headquarters, or GCHQ, hacked into the internal network of Gemalto and stole the encryption keys used to secure the company’s SIM cards. If true, that means the agencies would’ve been able to access personal data and tap into mobile phone voice and data communications from users around the world. Citing documents from former NSA contractor-turned-whistleblower Edward Snowden, the publication — founded by Glenn Greenwald, the journalist through whom Snowden’s revelations first were channeled — said the hacking occurred in 2010 and 2011.

The issue of government surveillance has been an undercurrent of concern over the two decades since the Internet began to become a part of everyday life for businesses and private citizens. But those worries exploded into a mainstream matter after Snowden’s first revelations two years ago, and others have taken up the torch. Just last week, for instance, security company Kaspersky raised a red flag over reports that the NSA can infect hard drives with surveillance software to spy on computers.

Reacting to the claims about its SIM cards, Gemalto issued a statement Friday saying that it is looking into the matter.

“We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques,” the company said. “We cannot at this early stage verify the findings of the publication and had no prior knowledge that these agencies were conducting this operation.”

Gemalto’s stock dove around 10 percent in early trading after The Intercept reported the hack.

But Gemalto wasn’t the only target, according to The Intercept, saying that the goal was to hit as many mobile phones as possible. The overall aim was to spy on mobile communications without the consent or knowledge of users or mobile carriers, The Intercept added. Calling itself the “world leader in digital security,” Gemalto said that it has detected and mitigated other hacking attempts over the years but for now can’t prove any link between the past attempts and the one reported by The Intercept.

“I’m disturbed, quite concerned that this has happened,” Paul Beverly, a Gemalto executive vice president, told The Intercept. “The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn’t happen again, and also to make sure that there’s no impact on the telecom operators that we have served in a very trusted manner for many years. What I want to understand is what sort of ramifications it has, or could have, on any of our customers.”

Tagged , , , , , , , , , ,

US and UK accused of hacking Sim card firm to steal codes

US and British intelligence agencies hacked into a major manufacturer of Sim cards in order to steal codes that facilitate eavesdropping on mobiles, a US news website says.

The Intercept says the revelations came from US intelligence contractor turned whistleblower Edward Snowden.

The Dutch company allegedly targeted – Gemalto – says it is taking the allegations “very seriously”.

It operates in 85 countries and has more than 40 manufacturing facilities.

The Intercept says that “the great Sim heist” gave US and British surveillance agencies “the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data”.

It says that among the clients of the Netherlands-based company are AT&T, T-Mobile, Verizon, Sprint and “some 450 wireless network providers around the world”.

Full investigation

The Intercept alleges that the hack organised by Britain’s GCHQ and the US National Security Agency (NSA) began in 2010, and was organised by operatives in the “Mobile Handset Exploitation Team”. Neither agency has commented directly on the allegations.

However GCHQ reiterated that all its activities were “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate”.

Mobile phone users in the Philippines (January 2015)
How does the hack work?Each Sim card has an individual encryption key, installed by the chip manufacturer, that secures communications between the handset in which it inserted and mobile phone masts.

This means that if anyone were to snoop on conversations or text messages, they would receive garbled, unintelligible data.

That is, of course, unless those carrying out the surveillance get hold of the encryption key. With that information, they can even decrypt previously intercepted communications.

However, this tactic only works for phone conversations and text messages. Communications through mobile applications such as Whatsapp, iMessage and many email services have separate encryption systems.

The stolen encryption allowed the agencies to decode data that passes between mobile phones and cell towers. They were able to decrypt calls, texts or emails intercepted out of the air.

A Gemalto spokeswoman said the company was unable to verify whether there had indeed been a breach, and highlighted that other Sim manufacturers could also have been targeted.

She added: “We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data”.

Global ripplesReacting to The Intercept’s revelations, Eric King, deputy director of the campaign group Privacy International, said the NSA and GCHQ had “lost sight of what the rule of law means and how to weigh what is necessary and proportionate”.

He said trust in the security of our communications systems is “essential for our society and for businesses to operate with confidence”. And the impact of these latest revelations will have “ripples all over the world.”


Privacy International is currently engaged in legal action against GCHQ over its alleged hacking practices.

Gemalto makes Sim cards for mobile phones and furnishes service providers with encryption codes to keep the data on each phone private.

The Intercept claims that by first cyber-stalking employees at Gemalto and then penetrating their emails, the spy agencies were able to steal thousands of encryption keys at source.

This would allow them to eavesdrop easily on phone calls and texts without seeking permission from telecoms companies or foreign governments, and without leaving a trace.

The Intercept cites as its source documents leaked by Edward Snowden, the former NSA contractor who is currently living in Russia.

‘Weakest link’Karsten Nohl, a security researcher who has exposed previous Sim card vulnerabilities, told the BBC the leak showed that “it is still not terribly difficult” to circumvent encryptions on mobile phone communications.

He added that since it was Gemalto, and not the mobile providers, which sets Sim encryption codes, this makes the Dutch firm the “weakest link of the security chain”.

Other Gemalto clients, such as passport agencies, buy blank chips and set the codes themselves.

“A lot of telecom companies will be scrambling to find out what went wrong,” said Mr Nohl.

line break

Analysis: Joe Miller, BBC technology reporter


If The Intercept’s report is to be believed, the most striking discovery is how easily those wanting to engage in mass surveillance can eavesdrop on our mobile communications.

Gemalto, the company which was allegedly targeted, manufactures an estimated 30% of all Sim cards worldwide. And crucially, it creates the security key for each item. All security agencies needed to do was obtain (by hacking, allegedly) the list of security keys from the firm. Then, as security expert Karsten Nohl says, they could snoop on phone calls with a “few hundred dollars worth of radio equipment in strategically important locations”.

This contrasts with security procedures used, for example, for chips in passports. Many are are also manufactured by Gemalto. These are delivered to the relevant authorities as a blank chip, and the Passport Office – not the company – creates the security key.

Many of Edward Snowden’s allegations have shone a light on complex surveillance tactics by the NSA. But perhaps this latest leak has done more to highlight how a single company is in control of millions of people’s private data.

Tagged , , ,