Gemalto Will Investigate Alleged SIM Card Hack

Spies from the NSA and British GCHQ are alleged to have infiltrated the firm Gemalto to steal technology needed to decrypt mobile phone communications.
Spies from the NSA and British GCHQ are alleged to have infiltrated the firm Gemalto to steal technology needed to decrypt mobile phone communications.

In-brief: Gemalto said in a statement Friday that it will investigate reports that the company was the victim of a sophisticated campaign of espionage by the U.S. National Security Agency and Britain’s GCHQ. 

The French-Dutch security firm Gemalto said in a statement on Friday that it would investigate reports that intelligence agencies in the U.S. and UK infiltrated the company and gained access to encryption codes that would permit surveillance of mobile phone communications.

The firm was responding to a report in the online publication The Intercept that exposed the program, by the U.S. National Security Agency (NSA) and British Government Communications Headquarters (GCHQ). The report cited documents leaked by Edward Snowden, a former NSA contractor.

The Intercept on Thursday reported that in 2010 and 2011, a joint unit composed of operatives from the British GCHQ and the NSA conducted covert operations against Gemalto employees and the company’s network. The government hackers were after SIM card encryption keys engraved in Gemalto  SIM cards.

The spy agencies “mined the private communications of unwitting engineers and other company employees in multiple countries,” The Intercept reported.

In a statement to The Intercept, Gemalto Executive Vice President Paul Beverly said he was “disturbed (and) quite concerned that this has happened…The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn’t happen again, and also to make sure that there’s no impact on the telecom operators that we have served in a very trusted manner for many years.”

In its statement Friday, Gemalto said it the company believes that Gemalto per se wasn’t the target. “It was an attempt to try and cast the widest net possible to reach as many mobile phones as possible, with the aim to monitor mobile communications without mobile network operators and users consent,” the company said.

The company said it could not verify the conclusions of The Intercept report and “had no prior knowledge that these agencies were conducting this operation.”

However, the company said it would investigate. “We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques.,” Gemalto said.

Read more via Pages – Information regarding a report mentioning a hacking of SIM card encryption keys.

Comments are closed.