On Thursday last week, The Intercept published its latest exclusive courtesy of NSA whistleblower Edward Snowden.
According to the report, intelligence agencies in the United States and Great Britain joined forces to hack Gemalto, a company which manufactures billions of SIM cards every year, and stole encryption keys used to protect the privacy of communications around the world.
Gemalto’s customers include 450 mobile telecom operators globally, including Verizon, AT&T and Vodafone.
If the hacking claims are true, GCHQ and the NSA would be able to use the stolen encryption keys “to monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments.” In other words, no need for a warrant or a wiretap, and no awkward evidence left on a communications provider’s network that communications were snooped upon.
That is, for anyone who cares about privacy, a nightmare scenario with potentially billions of calls, texts and emails vulnerable to covert spying by intelligence agencies.
According to Snowden’s documents, the alleged hacking operation took place during 2010 and 2011.
But today, Gemalto – which also produces ID chips for passports and other technologies – is trying to reassure the public, its partners and investors.
The corporation has today published a short statement saying it will hold a press conference on Wednesday 25 February about its investigation into the alleged hacking, but that it already believes that “Gemalto SIM products (as well as banking cards, passports and other products and platforms) are secure.”
A question, clearly, remains. If GCHQ’s slide was accurate in boasting “[we] believe we have their entire network”, how on earth can Gemalto say with any confidence what occurred in 2010/2011? After all, any digital fingerprints that the hackers might have left could have been entirely wiped by the hackers if they truly owned Gemalto’s computer system.
We shouldn’t forget, GCHQ is perfectly prepared to hack innocent, law-abiding companies if they believe that it will help them gather intelligence. Just look what happened at leading telecoms firm Belgacom, for instance.
I don't understand why in the midst of this big data revelation and whistleblowing they would provide a redacted slide from GCHQ. What's being withheld there?
Snowden was careful to make clear that he would withold information that could CRUCIALLY compromise methods, operations, and personnel.
Nota Bene: I have put 'crucially' in all-caps. Just in case it wouldn't be noticed.
in this age of murdering b………………. terrists i suppose they have to be 1 step ahead—the risk is haveing info on us all—-its open to curruption human nature as it is