Darkest hour for phone security as Snowden reveals US and UK hacked world’s SIM cards

19 Feb 2015

US and UK security services hacked into the computer network of Gemalto, the world’s largest producer of SIM cards, stealing encryption keys to read any SIM card on the planet, Edward Snowden has revealed.

According to the latest revelation by rogue NSA contractor Snowden with the stolen encryption keys the spy agencies can monitor mobile communications without permission from telecoms companies or overseas governments.

Netherlands-based Gemalto produces 2bn SIM cards a year and according to The Intercept claims to have been unaware of the activities of NSA and GCHQ.

It is reported that GCHQ slides shared by Snowden boasted of being able to access Gemalto’s entire network.

Snowden, who is living in exile in Russia, is the whistleblower who revealed the existence of PRISM, a massive effort by the NSA to tap into the servers of major internet companies including Apple, Yahoo!, Facebook and Microsoft.

As well as Gemalto’s network, the spy agencies are understood to have targeted unnamed mobile operators’ core networks, gaining access to sale staff’s machines as well as network engineer’s computers for network maps.

They also used the operators’ billing servers to suppress charges to conceal spying activities on an individual’s phone.

The spy agencies also penetrated authentication servers to decrypt data and voice communications between a target’s phone and the network.

A Mobile Handset Exploitation Team (MHET) was formed including operators from both GCHQ and the NSA.

The alleged activities contravene Dutch laws which provide explicitly protection for the privacy of digital communications.

Massive data heist

While early 2G SIMs are easy enough to hack, subsequent 3G and 4G cards are encrypted so therefore gaining encryption keys was a massive haul for the spy agencies.

But because mobile networks do not make SIM cards they outsource this activity and the cards’ encryption to players like Gemalto.

It is also understood that GCHQ cyber-stalked Gemalto employees, gaining access to their emails and Facebook accounts to steal information that might help them access encryption keys.

One particular programme called Highland Fling was established specifically to mine the email accounts of Gemalto employees in France and Poland.

The harvesting methodologies developed by the NSA and GCHQ became so great that by 2009 the NSA had the capacity to process between 12m and 22m keys per second to use against surveillance targets.

SIM cards image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com