GCHQ ‘stole codes to hack phones’

p25129UK-News-3-1

Published: Friday 20th February 2015 by The News Editor

Comments (0)

The Government’s spy agency reportedly stole confidential codes from a Dutch Sim card manufacturer to hack into mobile phones around the world, the latest set of leaked intelligence documents suggest.

US news website Intercept said it has seen information given to it by whistleblower Edward Snowden that reveals GCHQ and the US National Security Agency (NSA) hacked into the networks of Gemalto in a joint operation.

Intercept said GCHQ targeted the company’s engineers to gain information that gave them access to the company’s networks.

Spies then reportedly stole encryption keys that allowed them to decode the data that passes between mobile phones and cell towers and unscramble calls, texts or emails.

A GCHQ spokeswoman said they do not comment on intelligence matters.

But she said: “Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the parliamentary Intelligence and Security Committee.

“All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European Convention on Human Rights.”

The hacks are said to have taken place in 2010 and 2011 and led to the interception of 300,000 keys for mobile phone users in Somalia, as well as wireless network providers in Iran, Afghanistan, Yemen, India, Serbia, Iceland and Tajikistan

A spokeswoman for Gemalto said the manufacturer has so far “made no links” between previous hacking attempts it was already aware of and the new reports.

“We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated technique to try to obtain SIM card data,” she said.

“From what we gathered at this moment, the target was not Gemalto, per se – it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible.

“There have been many reported state sponsored attacks as of late, that all have gained attention both in the media and amongst businesses, this truly emphasises how serious cyber security is in this day and age.”

Gemalto, which has its global headquarters in Texas, America, makes “subscriber identity modules”, or Sim cards, used in mobile phones and credit cards.

It is believed to be one of the world’s largest manufacturers of Sim cards and produces service providers with encryption codes to keep the data on each phone private.

The question of state surveillance of communications was thrust into the spotlight after former NSA intelligence worker Snowden exposed documents of secret mass data collection programmes run by the US and UK authorities.

Published: Friday 20th February 2015 by The News Editor

Comments (0)

Local business search