YOU ARE AT:DevicesGemalto believes NSA and GCHQ hacked its networks

Gemalto believes NSA and GCHQ hacked its networks

The world’s largest SIM card maker said it has “reasonable grounds” to believe that its networks were hacked by the National Security Agency and the U.K.’s Government Communications Headquarters in 2010 and 2011. However, Gemalto does not think that SIM card encryption keys were compromised.

The French company shared the findings of the investigation it launched after Edward Snowden alleged that the two government agencies had hacked Gemalto’s networks. Gemalto said the attacks breached its office networks, but could not have resulted in massive theft of SIM card keys. Furthermore, if encryption keys were stolen, they would only enable the government agents to intercept communications on 2G networks.

If the U.S. and U.K. agencies did try to compromise Gemalto’s network, they were not alone. The company said its networks are a constant target and that it experienced many attempted hacks during 2010 and 2011. But as it looks back at the data, Gemalto said it finds “two particularly sophisticated attacks [that] could be related to the operations.”

Gemalto said it noticed suspicious activities in the summer of 2010. In one instance, someone was trying to spy on the company’s internal communications network. In another, employees at one of Gemalto’s mobile operator customers were receiving fake e-mails that purported to be from legitimate Gemalto e-mail addresses. The fake e-mails contained contaminated attachments. Gemalto said it immediately notified the mobile operator when the incident was discovered that summer. Now the company thinks both attacks may have been instigated by government agents.

Gemalto outlined three ways that it can defend against future attacks: systematic encryption of data; use of up-to-date SIM cards; and customized algorithms for each mobile operator. The company said that by 2010 it had already implemented a secure transfer system with its customers, making the actual theft of SIM card encryption keys very unlikely.

ABOUT AUTHOR

Martha DeGrasse
Martha DeGrassehttp://www.nbreports.com
Martha DeGrasse is the publisher of Network Builder Reports (nbreports.com). At RCR, Martha authored more than 20 in-depth feature reports and more than 2,400 news articles. She also created the Mobile Minute and the 5 Things to Know Today series. Prior to joining RCR Wireless News, Martha produced business and technology news for CNN and Dow Jones in New York and managed the online editorial group at Hoover’s Online before taking a number of years off to be at home when her children were young. Martha is the board president of Austin's Trinity Center and is a member of the Women's Wireless Leadership Forum.