Gemalto: No major theft of keys to smartphone kingdom
Yes, it seems US and UK spy agencies tried to snoop on people's smartphones, the company says. But privacy and security harm to users is limited by Gemalto's own network security and newer encryption used on modern networks.
PARIS -- US and UK spy agencies likely did indeed try to break into the network of Gemalto, a company that supplies carriers worldwide with the SIM cards that identify phones and encrypt communications, but the attack could have had only limited effectiveness, the company said Wednesday.
"The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys," Gemalto said in a statement at a press conference held in response to a report in the Intercept alleging a massive theft by the US National Security Agency and UK Government Communications Headquarters. The report said millions of SIM card encryption keys had been stolen through the joint NSA and GCHQ operation.
"Gemalto -- successfully implanted several machines and believe we have their entire network," said one GCHQ slide, a 2010 document leaked by former NSA contractor Edward Snowden.
The report sent shock waves around the security world since it indicated spy agencies could eavesdrop on smartphone calls, text messages and data transfers -- even if they didn't have a search warrant or equivalent judicial authorization. Smartphone monitoring added another element to NSA and GCHQ surveillance efforts that, according to the Snowden documents, already included logging the phone numbers people called and tapping into Yahoo and Google's private data center communications.
Gemalto, which is one of the world's largest SIM card makers, said successful attacks only could have worked on older second-generation "2G" wireless networks, and the attacks didn't affect related technology used in credit cards, debit cards and passports.
However, Gemalto said, it appears that other SIM card manufacturers were targeted, so privacy and security concerns can't be dispelled. For example, the spy agency documents pointed to 300,000 keys stolen from a Somali carrier that isn't a Gemalto customer. Indeed, that's the case for four of the 12 carriers identified in the documents, Gemalto said.
SIM cards are small chips that are used to identify mobile phones (the acronym stands for subscriber identity module) and authenticate them on a carrier's mobile network without the password hassles Wi-Fi users face. SIM cards also are instrumental in encrypting data and voice communications. Companies such as Gemalto and Giesecke & Devrient (G&D) manufacture SIM cards for the carriers, which supply them to consumers when they buy phones or mobile subscription plans.
News of the theft attempt hammered Gemalto's stock price Friday, sending it down from Thursday's closing price of €72.56 ($82.37) to €67.75 ($76.89). On Wednesday, though, the stock recovered much of its loss, with midday trading at €71.42 ($81.06).
Gemalto wasn't alone in launching an investigation. "Until now, G&D had no knowledge that SIM card keys were stolen," said Stefan Auerbach, head of G&D's mobile security business unit, in a statement Tuesday. "Immediately after the attacks were brought to light we did, however, introduce additional measures to review the established security processes together with our customers."
Only 2G vulnerable
2G networks have outdated encryption that can be cracked even without a key, but having the key makes it easier, Piou said. But simply having the key doesn't automatically grant access to the contents of over-the-air communications between a phone and a carrier's network base station.
"It lets you organize another attack -- a man-in-the-middle attack," Piou said. With the man-in-the-middle technique, an attacker intercepts data traffic by inserting its own network equipment between two communicating devices. Such an attack is difficult because it's specific to the model of phone used, Piou said, but once accomplished, full eavesdropping is possible.
However, later encryption standards were optionally added to 2G that make the attack harder, and 3G and 4G use different methods immune to the type of key theft used, said Serge Barbe, Gemalto's vice president of embedded software and card products. "It does not involve the exchange of files," Barbe said of the 3G and 4G networks.
The company added in a statement, "If someone intercepted the encryption keys used in 3G or 4G SIMs, they would not be able to connect to the networks and consequently would be unable to spy on communications."
By 2010, Gemalto by default used more secure key-exchange techniques that wouldn't have been vulnerable to the NSA and GCHQ methods, the company said.
Gemalto network attacked
Gemalto is subject to ceaseless network attacks, but it identified two "particularly sophisticated intrusions" in 2010 and 2011 that gives the company "reasonable grounds to believe that an operation by NSA and GCHQ probably happened."
In one, Gemalto found a third party trying to spy on Gemalto's office network, which is separate from the network used to handle SIM card encryption keys. In the other, fake emails purportedly sent from Gemalto to a customer contained malware attachments.
Gemalto didn't contact NSA or GCHQ about the situation.
"It would be a waste of time," Piou said. "What would they say?"