UK ‘probably hacked Sim card firm’

Published: Wednesday 25th February 2015 by The News Editor

Comments (0)

A Dutch Sim card company allegedly targeted by the UK Government’s spy agency has admitted it was “probably” hacked but denies that large amounts of mobile phone data were at risk.

GCHQ and the US National Security Agency (NSA) reportedly stole confidential encryption codes from Gemalto in an attempt to tap in to mobile phone data around the world, according to the latest set of leaked intelligence documents.

US news website Intercept exposed the alleged hack last week after whistleblower Edward Snowden passed on secret documents.

Intercept said GCHQ targeted the codes to allow them to unscramble data that passes between mobile phones and cell towers and listen in to calls, texts or emails.

Following an investigation, Gemalto, a market leader in the manufacture of Sim cards, said it detected “two particularly sophisticated intrusions which could be related to the operation” in 2010 and 2011.

It said: “The investigation into the intrusion methods described in the document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened.

“The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of Sim encryption keys.

“In the case of an eventual key theft, the intelligence services would only be able to spy on communications on second generation 2G mobile networks. 3G and 4G networks are not vulnerable to this type of attack.

“None of our other products were impacted by this attack.”

The company also criticised the spy agencies for targeting them despite having “no grounds for suspicion”.

“…we are conscious that the most eminent state agencies, especially when they work together, have resources and legal support that go far beyond that of typical hackers and criminal organisations,” it said.

“And we are concerned that they could be involved in such indiscriminate operations against private companies with no grounds for suspicion.”

Gemalto is believed to be one of the world’s largest manufacturers of Sim cards and supplies service providers with encryption codes to keep the data on each phone private.

The question of state surveillance of communications was thrust into the spotlight after former NSA intelligence worker Snowden exposed documents of secret mass data collection programmes run by the US and UK authorities.

Emma Carr, director of Big Brother Watch, said: “The spy agencies should not be able to carry out untargeted fishing trip operations.

“The Government needs to be very clear about whether this operation was authorised and whether there was adequate grounds for suspicion.”

Published: Wednesday 25th February 2015 by The News Editor

Comments (0)

Local business search