Gemalto, SIM card producer for top wireless carriers in the United States, is preparing to release the results of its investigation of itself amid reports that the U.S. National Security Agency (NSA) and Britain's Government Communications Headquarters (GCHQ) stole encryption keys from the Dutch firm.
In documents allegedly leaked by former NSA agent Edward Snowden, Gemalto is said to have fallen victim to a cyber attack perpetrated by GCHQ agents and backed by the NSA. The theft of Gemalto's encryption keys would have given the NSA and GCHQ the ability to decrypt cellular communications from the more than 450 wireless carriers around the world that use SIM cards manufactured by Gemalto, including T-Mobile, Sprint, Verizon and AT&T.
In a Feb. 20 statement, Gemalto asserted it wasn't the primary target of the NSA and GCHQ offensive. Gemalto said it had no prior knowledge of the alleged cyber attack and hadn't found any evidence that it had been compromised, but it admitted it was still in the early stages of its internal investigation.
"Gemalto, the world leader in digital security, is especially vigilant against malicious hackers, and has detected, logged and mitigated many types of attempts over the years," stated Gemalto. "At present we cannot prove a link between those past attempts and what was reported yesterday. We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques."
Gemalto said it intends to share the results of its internal investigation in a press release on Feb. 25 and a press conference in Paris.
A day before Gemalto's official statement, it was reported the NSA and GCHQ had obtained the SIM card encryption keys and key identifiers necessary to establish an automated system for decrypting cellular communications.
In a slide accompanying the documents said to be leaked by Snowden, the GCHQ stated it had infiltrated several Gemalto systems and the agency believed it had gained access to the SIM card manufacturer's entire network. It said its "TDSD" was in the process of working on the data the agency had stolen during the operation.
In a document titled "PCS Harvesting at Scale," the GCHQ's TDSD detailed its success at manually hacking into cellular communications using the stolen encryption keys. The organization also explained the progress it was making in having the entire process automated, which was enabling it to cast a net large enough to scour the communications of entire countries.