Gemalto, a digital security firm considered to be the world’s largest maker of SIM cards, said it is looking into reports that operatives of the United States National Security Agency and the British Government Communications Headquarters (GCHQ) hacked the company’s encryption keys in order to monitor calls, text messages and emails of mobile phone users around the world.
On Thursday, The Intercept, an online publication that publishes top secret documents provided by NSA whistle blower Edward Snowden, detailed how the British and American spy agencies hacked into the internal computer network of Gemalto (EPA: GTO) and stole the encryption keys used to protect mobile phone communications. The Franco-Dutch company makes SIM cards used in mobile phones. Gemalto operates in 85 countries and owns 40 manufacturing facilities and it serves more than 450 wireless network providers around the world.
The Intercept article included a link to a slide which the publication said came from the GCHQ. The slide appears to show that the British agency was successful in penetrating Gemalto’s network.
The slide said the GCHQ was able to access the sales staff machines for customer information, network engineers’ machines for network maps and authentication servers.
A note that accompanied the slide said the GCHA was “very happy with the data so far and (was) working through the vast quantity of product.”
According to The Intercept the breach provided the agencies the potential “to secretly monitor the world’s cellular communications, including both voice and data.”
In a statement today, Gemalto said it is too early to verify published reports and it had no prior knowledge that the NSA and the GCHQ were conducting such an operation.
The company said that according to report the target of the attack “was not Gemalto per se” but rather to monitor mobile communications “without mobile network operators’ and users’ consent.”
“We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques,” Gemalto said. ”There have been many reported state sponsored attacks as of late, that all have gained attention both in the media and amongst businesses, this truly emphasizes how serious cyber security is in this day and age.”
