Gemalto and the Great Sim Encryption Key Theft

Edward Snowden leaked via the Intercept, The National Security Agency (NSA) and the Government Communications Headquarters (GCHQ) jointly hacked into the internal network of the largest Subscriber Identity Module (SIM) card creator and manufacturer, who also puts the chips into credit cards, in order to get the encryption keys the very fundamental part of every phone that makes calls and data private.

Gemalto produces 2 billion SIM cards a year.

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted.

Here is a basic video on how key exchange works.

This entry was posted in Security Blog and tagged , , , , , , . Bookmark the permalink.