comscore Gemalto investigation confirms NSA and GCHQ cyber attacks, denies any significant security implications

Gemalto investigation confirms NSA and GCHQ cyber attacks, denies any significant security implications


As reported, Gemalto today revealed the findings of its investigation against the reported NSA and GCHQ hack. The world s biggest SIM manufacturer has acknowledged that the spy agencies did hack its office networks, but denies that there was a massive theft of SIM encryption keys. Also Read - Hackers are successfully attacking Gmail, Yahoo Mail and ProtonMail by beating two-factor authentication

Also Read - Gemalto issues public apology for Aadhaar data breach report

Gemalto issued a press release saying, Also Read - Tesla faces investigation from the Department of Justice over Elon Musk's claims to take the company private

The investigation into the intrusion methods described in the document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened.

The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys.

The Dutch company further said that the spy operation was aimed at intercepting the encryption keys when they were being shipped from its production facilities to mobile operators. But it says that the breach had little effect, since they had deployed a secure transfer system back in 2010.

By 2010, Gemalto had already widely deployed a secure transfer system with its customers and only rare exceptions to this scheme could have led to theft.

In the case of an eventual key theft, the intelligence services would only be able to spy on communications on second generation 2G mobile networks. 3G and 4G networks are not vulnerable to this type of attack.

Gemalto further allayed fears saying that none of its products were impacted by this attack.

Last week, a bunch of documents released by whistle blower Edward Snowden revealed that NSA and Britain s GCHQ conducted joint operations to hack Gemalto and steal its encryption keys.

RELATED: Snowden documents reveal NSA, GCHQ have keys to everyone s SIM cards

The agencies were said to have managed to harvest encryption keys burnt on SIM cards that are used to authenticate them on cellular networks. These keys enable the spy agencies to gather surveillance data from cellular networks and decrypt any conversation both voice and data at their leisure.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: February 25, 2015 2:43 PM IST

new arrivals in india