Intelligence agencies from the USA and UK hacked into the internal computer network of the largest manufacturer of SIM cards in the world, to steal encryption keys used to protect the privacy of cellphone communications across the globe.
According to documents provided to The Intercept by whistleblower Edward Snowden, the hack was enabled by a joint unit consisting of operatives from the NSA and GCHQ and gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.
Specifically targeted was Gemalto, who produces two billion SIM cards a year and whose clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. With the encryption keys, intelligence agencies can monitor mobile communications and bypass the need for a warrant or a wiretap, or decrypt communications.
According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access.
The goal of the intelligence agencies was to find information that would aid in breaching Gemalto’s systems, making it possible to steal large quantities of encryption keys. The agency hoped to intercept the files containing the keys as they were transmitted between Gemalto and its wireless network provider customers.
The report claimed that GCHQ operatives identified key individuals and their positions within Gemalto, and then dug into their emails. In one instance, GCHQ zeroed in on a Gemalto employee in Thailand who they observed sending PGP-encrypted files, noting that if GCHQ wanted to expand its Gemalto operations, “he would certainly be a good place to start.”