According to a report this week from Glenn Greenwald’s leak-happy publication The Intercept, new documents out of the Snowden archive suggest that the NSA and GCHQ have been actively hacking the world’s largest provider of SIM cards in order to eavesdrop on cellphones on a global scale.
The program, helmed by the Mobile Handset Exploitation Team (MHET), was used to hack into and exploit the manufacturing process of the company Gemalto, who produces more than two billion SIM cards for every major cell phone manufacturer annually.
By targeting employees of the company through their Facebook profiles and email accounts, the team was then able to get into the company’s network once they had logged in from various sites in every country Gemalto operates.
The agency gave the greenlight for operation DAPINO GAMMA (these names seem to be getting more obscure by the day) on their hunt for the much-valued Ki encryption keys. Ki is an algorithm used to protect the data contained on SIM cards, including mobile identification numbers, contacts, GPS location information and carrier authentication data.
More importantly, it’s the main tool that almost all cell phones rely on to encrypt the content of outgoing and incoming phone conversations. By gaining access to the Ki library, the NSA and GCHQ could effectively render the entire protection method obsolete, and scan any calls they had collected for keywords that might pertain to their surveillance missions.
By breaking down the basic building blocks of security that both 2G and 3G/4G networks rely on to keep their callers safe, the GCHQ was opened up to smorgasbord of data that would have otherwise been out of their grasp. One of the more recent efforts, the documents claim that the MHET went live in 2010, and have since been able to increase their capacity to handle not just the networks of Gemalto, but all of the major SIM card distributors active today.
In a response to the reveal, Gemalto denied their systems had been infiltrated by the NSA without their knowledge.
“In the digital world we all live in, Gemalto is especially vigilant against malicious hackers and of course has detected, logged and mitigated many types of attempts over the years, and at present can make no link between any of those past attempts and what was reported by The Intercept,” the SIM card firm said in a statement.
Despite their assurance that the company was safe from the NSA’s blatant attempts to absorb all the data it could off their network, it would be altogether strange for the NSA’s internal memos to lie about the agency’s ability to infiltrate a proposed target.
“We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated technique to try to obtain SIM card data.
From what we gathered at this moment, the target was not Gemalto, per se – it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible.”