New information provided to The Intercept by Edward Snowden suggests that SIM cards used on carriers around the globe were compromised during a hack by the spies working for the NSA in the U.S. and the Government Communications Headquarters (GCHQ) in the U.K.
Snowden told the news outlet that spies working on behalf of both agencies hacked into a database owned by Gemalto, a major SIM card company based in the Netherlands, and stole encryption keys for SIM cards that could provide access to private communications.
“Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world,” The Intercept explained. The encryption keys would essentially provide the NSA and GCHQ with backdoor access to the networks, and communications traveling across them, without the networks ever being aware of the taps.
In one slide provided to The Intercept, GCHQ confirms it “successfully implanted several machines and [believes it] has their entire network.” On the same slide, the spy agency used “sales staff machines for customer information and network engineers machines for network maps.”
It seems neither Gemalto nor its carrier customers were ever aware of the intrusions. ““I’m disturbed, quite concerned that this has happened,” Gemalto executive vice president Paul Beverly told The Intercept. “The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn’t happen again, and also to make sure that there’s no impact on the telecom operators that we have served in a very trusted manner for many years.” Beverly said his company now needs to figure out how extensive the hack was, and which carrier partners might have been affected.
The report details plenty of spying on Gemalto employees, too, including “cyberstalking” of employee Facebook accounts and e-mails through programs executed by the GCHQ titled “DAPINO GAMMA” and “HIGHLAND FLING.” The spies also tapped into firms such as Nokia, Ericsson, Huawei, MTN Irancell, Beglacom, Bluefish, and other “employees of targeted companies who used email providers, such as Yahoo and Google.”
The report goes into additional details into how the NSA and GCHQ were able to execute the attack, and why they targeted specific individuals, and you can read it all in the source below.
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Step into your favorite film with a pair of 3D glasses
Experience movies and video games in the most realistic way with a pair of 3D glasses. Our guide has the best to help you narrow down your choice.
