NSA and GCHQ hacked world's biggest SIM card manufacturer to steal your data
In mid-2013, Edward Snowden revealed that the government-backed agency NSA monitored everything happening on the Internet, including spying on individuals' phone calls, messaging, and emails to glean information and pinpoint suspicious activities in an attempt to stop the growing terrorist acts.
Since the revelations -- which changed everyone's perspective on privacy -- the leaked information from Snowden and acceptance from major technology companies have given us an understanding of how the NSA managed to get our data from the services we heavily rely on. Essentially, either providers agreed to turn over our data or the NSA found another way, a backdoor, to obtain it. But how it manage to tap our phone calls was mostly unclear. Last year, Vodafone did acknowledge that it allowed the NSA to place surveillance tools inside its data centers. But as it turns out, the agency had more ways to log our phone activities.
A new report based on the documents provided by former NSA contractor Edward Snowden reveals that United States' NSA and Great Britain's GCHQ spying agencies hacked the world's biggest SIM card manufacturer to steal the encryption keys, and silently and seamlessly eavesdrop on people without a warrant.
The agencies hacked Gemalto, a multinational firm based in the Netherlands that makes SIM card chips used in mobile phones, tablets, as well as next-generation credit cards. The company provides the chips to more than 450 wireless operators, including AT&T and Verizon, spread across more than 80 countries. The report also sheds light on how NSA in conjunction with GCHQ gamed its way into Gemalto, and eventually millions of people's mobile handsets.
The keys, in question, are what ensures data -- both audio and data -- encryption between the user’s mobile handset and the respective carrier. By gleaning the encryption keys, the agencies were able to decrypt that and directly eavesdrop into user’s mobile handset.
"[We] believe we have their entire network", reveals one of the slides about the operation against Gemalto. When approached by the publication to check whether the company was aware, or had suspicion of any such activities, one of the company’s executives said that they didn’t have any prior knowledge on this matter. "It’s unbelievable. Unbelievable", a member of Dutch Parliament told The Intercept.
The direct access also allowed the agencies to find a route to circumvent federal court order, consent of the concerned government, and permission of the mobile carrier to access the logs and data in a user’s handset. To make sure they weren’t leaving any trail behind, the spying agencies also manipulated bills in a user’s mobile phone. The report discloses the existence of the Mobile Handset Exploitation Team (MHET) which has been operating since April 2010. The group finds and targets vulnerabilities in cellphones and penetrates computer networks of corporations that manufacture SIM cards.
As absurd as it may sound, SIM cards are not designed to provide adequate levels of encryption. The chip was originally manufactured to facilitate carrier’s control on billing and other information. And not much has changed in the last couple of years as mobile operators never bothered to resolve it.