NSA, UK's GCHQ reportedly hacked encryption of SIM card maker

The surveillance agencies reportedly were able to monitor a large portion of the world's mobile traffic

U.S. and U.K. intelligence agencies have reportedly hacked into the computer network of giant SIM card maker Gemalto and taken smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide.

The Gemalto hack, by the U.S. National Security Agency and the U.K. Government Communications Headquarters (GCHQ), allowed the two spy agencies to monitor a large portion of the world's mobile phone voice and data traffic, according to a story in The Intercept.

The hack was detailed in a 2010 GCHQ document leaked by former NSA contractor Edward Snowden, the story said.

It's unclear how much mobile traffic the two agencies intercepted after the reported hack.

Gemalto, based in the Netherlands, produces about 2 billion SIM cards a year. About 450 mobile carriers, including AT&T, T-Mobile, Verizon Wireless and Sprint, use the company's SIM cards.

With the compromised encryption keys, the surveillance agencies would be able to monitor mobile communications without the approval of the carriers or foreign governments, The Intercept story said. The encryption keys would allow the agencies to intercept mobile traffic without court-ordered warrants or wiretaps, the story said.

Representatives of the NSA and Gemalto did not immediately respond to requests for comments on the story. Gemalto's website was down Thursday afternoon.

Gemalto was unaware of the penetration of its systems, the company told The Intercept. The company is "disturbed" about the possibility, Paul Beverly, a Gemalto executive vice president, told the publication.

GCHQ compromised Gemalto's computer networks and installed malware on several computers, The Intercept story said, quoting a slide from the U.K. intelligence agency provided by Snowden. At the time GCHQ believed it had access to the company's "entire network," the slide said.

GCHQ also said it had access to billing servers of mobile carriers, allowing it to manipulate customer charges in an effort to hide surveillance on phones, the story said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Paul BeverlysecurityU.K. Government Communications HeadquartersEdward SnowdenGemaltoU.S. National Security Agencymobilegovernmentprivacyintrusion

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?