Menu
NSA, UK's GCHQ reportedly hacked encryption of SIM card maker

NSA, UK's GCHQ reportedly hacked encryption of SIM card maker

The surveillance agencies reportedly were able to monitor a large portion of the world's mobile traffic

U.S. and U.K. intelligence agencies have reportedly hacked into the computer network of giant SIM card maker Gemalto and taken smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide.

The Gemalto hack, by the U.S. National Security Agency and the U.K. Government Communications Headquarters (GCHQ), allowed the two spy agencies to monitor a large portion of the world's mobile phone voice and data traffic, according to a story in The Intercept.

The hack was detailed in a 2010 GCHQ document leaked by former NSA contractor Edward Snowden, the story said.

It's unclear how much mobile traffic the two agencies intercepted after the reported hack.

Gemalto, based in the Netherlands, produces about 2 billion SIM cards a year. About 450 mobile carriers, including AT&T, T-Mobile, Verizon Wireless and Sprint, use the company's SIM cards.

With the compromised encryption keys, the surveillance agencies would be able to monitor mobile communications without the approval of the carriers or foreign governments, The Intercept story said. The encryption keys would allow the agencies to intercept mobile traffic without court-ordered warrants or wiretaps, the story said.

Representatives of the NSA and Gemalto did not immediately respond to requests for comments on the story. Gemalto's website was down Thursday afternoon.

Gemalto was unaware of the penetration of its systems, the company told The Intercept. The company is "disturbed" about the possibility, Paul Beverly, a Gemalto executive vice president, told the publication.

GCHQ compromised Gemalto's computer networks and installed malware on several computers, The Intercept story said, quoting a slide from the U.K. intelligence agency provided by Snowden. At the time GCHQ believed it had access to the company's "entire network," the slide said.

GCHQ also said it had access to billing servers of mobile carriers, allowing it to manipulate customer charges in an effort to hide surveillance on phones, the story said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Paul BeverlysecurityU.K. Government Communications HeadquartersEdward SnowdenGemaltoU.S. National Security Agencymobilegovernmentprivacyintrusion

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments