Gemalto: NSA and GCHQ Probably Hacked Us, But Didn't Get SIM Encryption Keys
An anonymous reader writes: Last week The Intercept published a report saying agents from the NSA and GCHQ penetrated the internal computer network of Gemalto, the world's largest maker of SIM cards. Gemalto has done an internal investigation, and surprisingly decided to post its results publicly. The findings themselves are a bit surprising, too: Gemalto says it has "reasonable grounds to believe that an operation by NSA and GCHQ probably happened."
They say the two agencies were trying to intercept encryption keys that were being exchanged between mobile operators and the companies (like Gemalto) who supplied them with SIM cards. The company said it had noticed several security incidents in 2010 and 2011 that fit the descriptions in The Intercept's documents. Gemalto had no idea who was behind them until now. They add, "These intrusions only affected the outer parts of our networks – our office networks — which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks." They claim proper use of encryption and isolation of different networks prevented attackers from getting the information they were after.
North Korea hacks Sony => Cyber-Terrorism
USA & Great Britain hacks Gemalto => Patriotic-Duty
Of course Gemalto will say anything they can to limit economic damage, but without proper and transparent oversight of secret agencies there is no way to validate any claim by Gemalto that their 3G/4G SIM secrets were not stolen.
The best course of action is for Gemalto to simply be bought out officially by the NSA and GCHQ, since they already own their asses, oops I mean assets.
Chances are they have the IMSI Ki keys. This is the info that is given to the carriers with each IMSI (SIM). That's all that is needed to dupe a SIM or decrypt comms. The vast majority (probably all) of these will use the default A3/A8 encryption, so this will be a walk in the park (load IMSI+Ki into new card) to spin off duplicate SIMs for the next few years.
Once you can dupe a SIM, you can then fool the VLR/HLR into redirecting calls/SMS or access Voicemail. No need to monitor the local airwaves.
Area51 - We are watching...
GCHQ and the NSA were bragging in their internal documents that they have those encryption keys. If true, Gemalto would need to replace billions of SIMs (they manufacture about 2 billion a year) and there is zero chance they could recover the cost from GCHQ.
So no, we can't believe them.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC