NSA, GCHQ reportedly stole mobile network encryption keys

Private information protected by the little SIM card in your handset might not be so private after all. Based on new documentation from former NSA employee turned whistleblower Edward Snowden, The Intercept is reporting on a state-sponsored theft of encryption keys from Gemalto, a company that makes 2 billion SIM cards annually.


According to The Intercept’s report, the U.K.’s GCHQ, working with the U.S. National Security Agency, was behind the hack on Gemalto, infiltrating the company to provide government agencies with the information.

What exactly does that mean to individuals and their privacy? Quite a bit, The Intercept said:

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

Snowden’s documentation suggests for the first time the formation of a Mobile Handset Exploitation Team (MHET), with the purpose of seeking ways to gain access to handsets and cellular communications. This would allow the agencies to decrypt cellular communications without the knowledge of either private citizens or the cellular network providers, and without requiring a court order.


In short, such a situation removes the potential for any semblance of privacy for individuals using default smartphone services.

Any data, including contacts or saved messages, stored on a SIM card could be at risk for harvesting, but that’s just the tip of the iceberg. Mobile phone communications could be harvested in bulk and later decrypted by the agencies, so it’s not just a “real-time” communications problem.

Essentially, then, with these encryption keys compromised, I don’t see how carriers can effectively guarantee privacy on their networks, depending on how widespread the theft really is.

And that points to the core of the problem: With clandestine acts such as this, do we even know if we have all of the information on the agency’s activities? It’s unlikely at best, and extremely concerning.

In light of the report, Gemalto has provided the following email statement to Gigaom:

“In the digital world we all live in, Gemalto is especially vigilant against malicious hackers and of course has detected, logged and mitigated many types of attempts over the years, and at present can make no link between any of those past attempts and what was reported by The//INTERCEPT.  We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated technique to try to obtain SIM card data. From what we gathered at this moment, the target was not Gemalto, per se – it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible.  There have been many reported state sponsored attacks as of late, that all have gained attention both in the media and amongst businesses, this truly emphasizes how serious cyber security is in this day and age.”

This post was updated at 1:16pm with Gemalto’s statement.