Edward Snowden: NSA, GCHQ Stole Phone SIM Card Encryption Keys And Snooped On You

The National Security Agency (NSA) and comrades at Britain's Government Communications Headquarters (GCHQ) have been stealing encryption keys for SIM cards so that they could spy on cell phone communications, according to the latest revelations from former NSA agent Edward Snowden.

Snowden alleges that the NSA and GCHQ targeted Dutch firm Gemalto and its SIM card production, in a series of attacks that gave it the keys needed to crack just about any SIM card. Gemalto produces chips for credit cards and SIM cards used by all four of the US' top wireless carriers and approximately 450 telecommunications companies around the world.

According to a document Snowden allegedly gave to The Intercept, the NSA and GCHQ hacked into Gemalto and stole the encryption keys needed to crack open the SIM cards' security. NSA-backed GCHQ agents tapped into the communications of Gemalto employees, prying until they got their hands on the encryption keys.

In an alleged GCHQ slide, the agency list current and completed objectives for its computer network exploitation of Gemalto. The objectives include "billing servers to suppress SMS billing"; "authentication server to obtain: keys, key identifiers and over-the-air keys" and "sales staff machines for customer information and network engineer machines for network maps."

One of the objectives the agents apparently completed was successfully implanting "Several machines," stating "[we] believe we have their entire network -- TDSD are working the data."

A document, entitled PCS Harvesting at Scale, detailed the "TDSD's" effectiveness in harvesting SIM card keys and the entities move from a manual process to an automated system.

"TDSD's key harvesting methodology centers around collecting Ki values in transit between mobile network operators and SIM card personalization centers."

And with those keys in hand, "known individuals" can be targeted by key holder in proximity of the targets by using "simple search terms" to obtain their personal key identifiers.

The object of the phase in key harvesting described in the document was to streamline a process that would later be automated, so that TDSD didn't have to use manpower on extracting key identifiers. It would also enable TDSD to gauge the process's effectiveness and help it determine which wireless carriers were most vulnerable to the targeting.

The automated process is already up and running. It has been used to recover a large batch of Somali Kis, which would have been missed by manually profiling targets, the document states.

"Somali providers are not on [GCHQ's] list of interest, hence it is likely this item would have been missed by manual collections," states the document. "However, this was usefully shared with NSA. A number of other unexpected providers were brought to light, including Babilon-Mobile in Tajikistan and Icelandic provider Nova 3G."

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics