Gemalto SIMs May Have Been Compromised By Western Security Agencies

The reach of Western intelligence agencies is once again in the media spotlight, with the allegation that both US and UK authorities hacked into a major SIM card manufacturer’s systems, and made off with codes that allowed them to spy on mobile users.

The stolen encryption keys meant that the NSA and GCHQ could successfully decode data intercepted travelling between phone and cell tower, so intelligence staff could listen to calls and read texts or emails.

This information comes from US website Intercept (via the BBC), who passed it on from – yes, the whistleblower extraordinaire, Edward Snowden. The alleged hack happened some time ago; back in 2010, in fact.

Gemalto is the SIM vendor in question, and its business spans some 85 countries. The extent of the code theft means that, according to the Intercept, the US and UK agents have had the potential to “secretly monitor a large portion of the world’s cellular communications, including both voice and data”.

Big clients of Gemalto include all the major US networks for starters – AT&T, T-Mobile, Verizon and Sprint.

And if Gemalto was hit, there’s a good chance that other SIM card makers were also targeted and perhaps stripped of codes as well.

The accusation follows another major PR blow for the NSA earlier this week, with strong claims coming forward that the intelligence agency has infected firmware on hard disks from major vendors including Western Digital, Seagate and Toshiba, allowing the NSA to spy on most of the computers in the world.

So, that would appear to be most of the PCs and mobile phones across the globe tapped up.