Edward Snowden: US, British spies hacked cell phone SIM card encryption keys

In the latest revelation to come from NSA whistle-blower Edward Snowden, The Intercept reports that US and British intelligence services hacked into the world’s largest maker of SIM cards used in cell phones and next-generation credit cards.

Edward Snowden, left, appears with Glenn Greenwald in a scene from "Citizenfour," a documentary about Snowden's leak of NSA documents. The film is nominated for an Oscar for documentary feature.

Radius TWC/AP

February 19, 2015

The US National Security Agency (NSA) and Great Britain’s Government Communications Headquarters (GCHQ) hacked into the world's largest SIM card manufacturer, stealing encryption information, according to documents released by whistle-blower Edward Snowden and reported by The Intercept Thursday.

This gave the agencies the ability to secretly monitor a large portion of the world’s cellular communications, including both voice and data, according to The Intercept report, “The Great SIM heist.”

“With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments,” the report asserts. “Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.”

Tracing fentanyl’s path into the US starts at this port. It doesn’t end there.

Gemalto, the Netherlands-based company allegedly targeted, produces some 2 billion SIM (subscriber identity modules) cards a year used in mobile phones and next-generation credit cards.

Among its clients are AT&T, T-Mobile, Verizon, Sprint, and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas, and it has a large factory in Pennsylvania, according to The Intercept report.

“As part of the covert operations against Gemalto, spies from GCHQ – with support from the NSA – mined the private communications of unwitting engineers and other company employees in multiple countries,” the report states.

The full impact of this latest revelation about the NSA may never be known. But if Snowden’s latest claim as reported by The Intercept is true, it raises questions about the security of cell phone voice and data communications around the world.

“The breach is disastrous for mobile security, which has historically already been on shaky ground,” writes T.C. Sottek, senior news editor at The Verge, a technology news and media network.

“Once you have the keys, decrypting traffic is trivial,” Christopher Soghoian, principal technologist for the American Civil Liberties Union, told The Intercept. “The news of this key theft will send a shock wave through the security community.”

Officials at Gemalto say they knew nothing about the security breach until the company was contacted by The Intercept. After ordering its security team to look for signs of a breach on Wednesday, it found none, company officials told thenextweb.com.

“I’m disturbed, quite concerned that this has happened,” said Paul Beverly, an executive vice president at Gemalto. “What I want to understand is what sort of ramifications it has, or could have, on any of our customers.”

In a major speech on NSA data collection programs in January 2014, President Obama talked about the balance between national security and privacy rights. His mention of Edward Snowden was brief.

“I’m not going to dwell on Mr. Snowden’s actions or his motivations,” the president said. “I will say that our nation’s defense depends in part on the fidelity of those entrusted with our nation’s secrets. If any individual who objects to government policy can take it into their own hands to publicly disclose classified information, then we will not be able to keep our people safe, or conduct foreign policy. Moreover, the sensational way in which these disclosures have come out has often shed more heat than light, while revealing methods to our adversaries that could impact our operations in ways that we may not fully understand for years to come.”

This latest revelation comes on the heels of a new report by Russian research firm Kaspersky Lab, which says the US has found a way to hide spyware in almost any hard drive built by the world’s top computer manufacturers.

Five hundred infections in more 30 countries have been documented by the Moscow-based lab, with the highest levels of infection reported in Iran, Russia, Pakistan, and Afghanistan, the Monitor’s Jessica Mendoza reported this week. Manufacturers Western Digital Technologies, Samsung Electronics, and Seagate Technology are among the top brand names affected worldwide.