Last week we saw the emergence of a troubling report, one claiming that the GCHQ and NSA compromised the security of SIM-card-maker Gemalto, accessing encryption keys that would in theory allow the spy agencies to passively monitor cellular communications as they moved from our phones to cellular towers. It was quite the alarming claim, but one that was difficult to immediately quantify in terms of its impact on end users: just what could such a hack conceivably mean for the security of your data? Today Gemalto has released a follow-up statement looking into the scope of the attack on its networks, while another report warns of some even more severe consequences.

The general tone of Gemalto’s internal inquiry is that for the most part, this hack probably isn’t a big deal. It claims that the agencies in question would have had, at worst, access to some office networks that wouldn’t empower them to steal encryption keys en masse. While it acknowledges that some attacks may have been possible, it suggests we’re not looking at a situation where these spies have access to the keys protecting billions and billions of SIMs. And though keys could have been grabbed when sharing them with certain carriers, Gemalto uses a secure communication scheme for the majority of such transfers, one it does not believe is implicated in these hacks.

That said, in cases where the NSA and GCHQ did get their dirty little hands on keys, it’s possible that they could be up to a lot worse than simply monitoring cellular traffic. Possession of SIM OTA keys would enable these agencies to remotely install malicious software directly to the SIM cards of targeted phones. These programs could force SIMs to turn against their users, continually reporting location data back to the agencies, or selectively interfering with communications.

Source: Gemalto, The Verge

You May Also Like

Possible iOS 14 video leak shows new iPhone multitasking

This could probably be the first look at the new multitasking user interface that may come with the new iOS 14 software update

We could have the first Mac without an Intel processor soon

It seems that we won’t get Intel processors in a Mac after 2020 since Apple could be getting ready to include custom-designed ARM chipsets in its devices

Huawei Mate Xs launched with improved hinge design and Kirin 990 5G SoC

Huawei Mate Xs costs a fortune at €2,499, and despite running on Android 10, it misses out on all the essential Google apps and services.