Gemalto: NSA, GCHQ May Have Been Behind Breaches It Suffered In 2010 And 2011

But the "sophisticated" attacks hit only Gemalto's office networks and did not result in a "massive theft" of SIM crypto keys, the vendor says; such a theft, had it occurred, would affect only 2G networks, not 3G or 4G.

The mobile SIM card vendor that was reportedly hacked by the National Security Agency and the UK's GCHQ so the agencies could spy on mobile communications without restriction today acknowledged that the spy agencies' intrusions likely occurred, but said they affected only its office networks and did not lead to the widespread theft of its coveted SIM encryption keys.

Gemalto, based in Amsterdam, announced findings from its own investigation into the latest round of NSA/GCHQ documents leaked by Edward Snowden. The Intercept last week reported that documents it obtained from Snowden showed an NSA-GCHQ project to hack Gemalto and steal the SIM encryption keys used to scramble mobile voice and text communications for privacy. The $2.7 billion company supplies SIM chips to AT&T, Verizon, Sprint, T-Mobile, and some 400 wireless providers worldwide; its chips also are used in bank cards, passports, and identity cards.

The stolen keys would give the spy agencies the ability to surreptitiously intercept and monitor wireless conversations and communications without a wiretap warrant, and to decrypt any communications protected by the SIM cards. SIM encryption keys allow mobile carriers to authenticate a mobile device on their network, and Gemalto and other SIM vendors give carriers a copy of those keys.
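The paragraph above makes the security point that a SIM key is a shared secret: the carrier holds a copy to authenticate the device, so anyone else who holds the same copy can derive the same session keys from what is sent over the air. The following toy model is an added example, not code from the article or from Gemalto; it uses HMAC-SHA256 as a stand-in for the operator's real A3/A8 algorithms (it is deliberately not COMP128 or any real SIM algorithm) and constructed IMSI and key values, purely to show why a leaked key is equivalent to passive interception and why re-issuing SIMs with fresh keys closes that exposure.

```python
import hashlib
import hmac
import secrets

# Constructed, simplified model of SIM challenge-response authentication.
# HMAC-SHA256 stands in for the operator's A3 (authentication) and A8
# (key derivation) algorithms; it is an assumption for illustration only.


def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """Authentication response proving possession of the SIM key Ki."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]


def a8_kc(ki: bytes, rand: bytes) -> bytes:
    """Session (ciphering) key derived from the same Ki and challenge."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]


class Carrier:
    """Operator side: holds a copy of every subscriber's Ki."""

    def __init__(self) -> None:
        self.ki_by_imsi: dict[str, bytes] = {}

    def provision(self, imsi: str, ki: bytes) -> None:
        # Models the SIM vendor handing the carrier its copy of the key.
        self.ki_by_imsi[imsi] = ki

    def verify(self, imsi: str, rand: bytes, sres: bytes) -> tuple[bool, bytes]:
        ki = self.ki_by_imsi[imsi]
        ok = hmac.compare_digest(a3_sres(ki, rand), sres)
        return ok, a8_kc(ki, rand)


class Sim:
    """Subscriber side: the only other legitimate holder of Ki."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi, self.ki = imsi, ki

    def respond(self, rand: bytes) -> tuple[bytes, bytes]:
        return a3_sres(self.ki, rand), a8_kc(self.ki, rand)


def authenticate(carrier: Carrier, sim: Sim, rand: bytes) -> tuple[bool, bytes]:
    """One exchange: RAND goes out, SRES comes back, both sides derive Kc."""
    sres, kc_sim = sim.respond(rand)
    ok, kc_net = carrier.verify(sim.imsi, rand, sres)
    return ok and kc_sim == kc_net, kc_net


def observer_can_decrypt(leaked_ki: bytes, rand: bytes, real_kc: bytes) -> bool:
    """A passive observer sees only RAND on the air; with a leaked Ki that
    is enough to recover the session key without touching the network."""
    return a8_kc(leaked_ki, rand) == real_kc


def scenario(ki: bytes, fresh_ki: bytes, rand: bytes) -> tuple[bool, bool, bool, bool]:
    """Returns (auth ok, leaked Ki recovers Kc, auth ok after re-issue,
    leaked Ki still recovers Kc after re-issue)."""
    imsi = "IMSI-CONSTRUCTED-0001"  # constructed sample identifier
    carrier = Carrier()
    carrier.provision(imsi, ki)
    ok, kc = authenticate(carrier, Sim(imsi, ki), rand)
    exposed = observer_can_decrypt(ki, rand, kc)

    # Mitigation modeled here: re-issue the SIM with a fresh Ki. The carrier
    # replaces its copy too, so the previously leaked key no longer matches.
    carrier.provision(imsi, fresh_ki)
    ok2, kc2 = authenticate(carrier, Sim(imsi, fresh_ki), rand)
    still_exposed = observer_can_decrypt(ki, rand, kc2)
    return ok, exposed, ok2, still_exposed


if __name__ == "__main__":
    print(scenario(secrets.token_bytes(16), secrets.token_bytes(16), secrets.token_bytes(16)))
```

The model also makes the article's other point concrete: the exposure comes from the key copy that leaves the vendor, which is why the transfer path between supplier and operator, and the storage of those copies, is where encryption and access control matter most.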

Gemalto, which was careful to say it is not confirming the report by The Intercept, said it studied logs and documentation surrounding two "sophisticated" attacks it discovered against its network in 2010 and 2011, the timeframes in question as reported by The Intercept. The attacks "gave us reasonable grounds to believe that an operation by NSA and GCHQ probably happened," the company said today.

"At the time we were unable to identify the perpetrators, but we now think that they could be related to the NSA and GCHQ operation," Gemalto said. "These intrusions only affected the outer parts of our networks – our office networks – which are in contact with the outside world. The SIM encryption keys, and other customer data in general, are not stored on these networks."

Gemalto said its network architecture is layered and segmented such that data is isolated and "clustered."

But renowned security expert Bruce Schneier dismissed Gemalto's assessment, saying there is no way Gemalto can realistically be confident of its findings. Schneier says it appears to be more of a PR move to "salvage a very bad situation."

"It makes no sense that in a couple of days they are anything resembling confident that the NSA didn't break their security. An NSA attack would be undetectable," Schneier says. Plus, it takes weeks to fully investigate attacks, not days, says Schneier, who is CTO of Co3 Systems. 

Schneier says Gemalto's effort to assuage concerns "is a shame, because it's not their fault. Their security is not up to the NSA and there's no reason it should be," he says.

The leaked documents reportedly reveal how the NSA assisted the GCHQ in tapping into the communications of Gemalto employees, for example, and the initiative included the UK spy agency placing malware on Gemalto's networks for remote access to the SIM card vendor's systems.

The Attacks on Gemalto

In June of 2010, Gemalto detected "suspicious activity" at one of its French sites: someone was trying to spy on the corporate network there. "Action was immediately taken to counter the threat," Gemalto said.

In July of that year, Gemalto's security team spotted emails sent to one of its mobile operator customers that spoofed real Gemalto email addresses. "The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used," the company said.

Attackers also tried to gain access to the PCs of Gemalto employees who work closely with its customers. "While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network. No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks."

Gemalto says that by 2010 it had configured a "secure transfer system" between the company and its customers, so any theft of information in transit would be "only rare exceptions." And if such a theft had transpired, the company said, it would only affect 2G mobile networks, since 3G and 4G are not vulnerable to such an attack. "None of our other products were impacted by this attack," Gemalto said.

"It is extremely difficult to remotely attack a large number of SIM cards on an individual basis. This fact, combined with the complex architecture of our networks, explains why the intelligence services instead chose to target the data as it was transmitted between suppliers and mobile operators, as explained in the documents," Gemalto said in its report.

Gemalto pointed out that it wasn't the sole target of the NSA and GCHQ noted in the leaked documents, and that among the mobile operators listed in the documents, it supplies SIM cards to eight of the 12 providers. The company also disputed other elements of the documents, including claims that it had SIM card personalization centers in Japan, Colombia, and Italy during that time period.

"We are conscious that the most eminent state agencies, especially when they work together, have resources and legal support that go far beyond that of typical hackers and criminal organizations. And, we are concerned that they could be involved in such indiscriminate operations against private companies with no grounds for suspicion," the company said in its report.

Encrypting data in storage as well as in transit is the best defense, Gemalto says, along with employing the latest SIM card technology and custom algorithms for its mobile operator customers.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...

Pablo Valerio,
User Rank: Strategist
2/26/2015 | 11:24:45 AM
Re: it would only affect 2G mobile networks?
@Kelly, if there is a strong belief that the keys are compromised they could start replacing the SIM cards, but that could be really expensive.

Some users could ask for a replacement if they have SIM cards issued during 2010-2012; it costs around $4 each.

I would also recommend forcing the phones to stay in 3G/4G mode, which usually works well in most areas. I remember that AT&T was talking about phasing out their 2G networks by 2016.
Kelly Jackson Higgins,
User Rank: Strategist
2/25/2015 | 5:44:48 PM
Re: it would only affect 2G mobile networks?
@Pablo--Thank you for sharing this. The forced 2G tactic is very interesting, indeed. I agree with Bruce Schneier that there is a lot more here than their postmortem, and they were in a tough situation here. The question is how do these companies and carriers react security-wise now. 
Pablo Valerio,
User Rank: Strategist
2/25/2015 | 4:58:40 PM
it would only affect 2G mobile networks?
@Kelly, I know people working for Gemalto. I believe it is a great company and they take security seriously. But their claims that users are secured using 3G or 4G networks are not entirely true.

One method mentioned in The Intercept article is to force users to drop down to 2G networks by overloading the 3G service. Most mobile devices are configured to switch to 2G when the 3G/4G service is not reliable. And the switch happens without the user's knowledge.

I do believe Gemalto is now taking precautions to deliver the keys securely, but that was not probably the case a few years ago. The carriers receiving the SIM cards and keys are also to blame.

The fact that they decided not to file charges is a bit strange. At least they could ask the French and Dutch governments, or the EU commission, to launch a probe.

I'm sure this topic will be present next week at the MWC here in Barcelona... We'll see