Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.
In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”
With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted but did not yet have the ability to decrypt.
As part of the covert operations against Gemalto, spies from GCHQ — with support from the NSA — mined the private communications of unwitting engineers and other company employees in multiple countries.
Gemalto was totally oblivious to the penetration of its systems — and the spying on its employees. “I’m disturbed, quite concerned that this has happened,” Paul Beverly, a Gemalto executive vice president, told The Intercept....
According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto.
Additionally the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information and network engineers machines for network maps.” GCHQ also claimed the ability to manipulate the billing servers of cell companies to “suppress” charges in an effort to conceal the spy agency’s secret actions against an individual’s phone. Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. https://theintercept.com/2015/02/19/great-sim-heist/
................................................................................................................................
9-24-15 The director of the NSA, Admiral Michael Rogers, just admitted at a Senate hearing that when Internet companies provide copies of encryption keys to law enforcement, the risk of hacks and data theft goes way up.
The government has been pressuring technology companies to provide the encryption keys that it can use to access data from suspected bad actors. The keys allow the government “front door access,” as Rogers has termed it, to secure data on any device, including cell phones and tablets.
Rogers made the statement in answer to a question from Senator Ron Wyden at the Senate Intelligence Committee hearing Thursday.
Wyden: “As a general matter, is it correct that anytime there are copies of an encryption key — and they exist in multiple places — that also creates more opportunities for malicious actors or foreign hackers to get access to the keys?
Rogers: Again, it depends on the circumstances, but if you want to paint it very broadly like that for a yes and no, then i would probably say yes.”
...“The NSA chief Admiral Rogers today confirmed what encryption experts and data scientists have been saying all along: if the government requires companies to provide copies of encryption keys, that will only weaken data protection and open the door for malicious actors and hackers,” said Morgan Reed of the App Association in a note to VentureBeat. https://venturebeat.com/2015/09/24/nsa-director-just-admitted-that-government-copies-of-encryption-keys-are-a-security-risk/
...................................................................................................................
10-15-15 For years, privacy advocates have pushed developers of websites, virtual private network apps, and other cryptographic software to adopt the Diffie-Hellman cryptographic key exchange as a defense against surveillance from the US National Security Agency and other state-sponsored spies. Now researchers are renewing their warning that a serious flaw in the way the key exchange is implemented is allowing the NSA to break and eavesdrop on trillions of encrypted connections.
The cost for adversaries is by no means modest. For commonly used 1024-bit keys, it would take about a year and cost a "few hundred million dollars" to crack just one of the extremely large prime numbers that form the starting point of a Diffie-Hellman negotiation. But it turns out that only a few primes are commonly used, putting the price well within the NSA's $11 billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities."
"Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous," researchers Alex Halderman and Nadia Heninger wrote in a blog post published Wednesday. https://arstechnica.com/information-technology/2015/10/how-the-nsa-can-break-trillions-of-encrypted-web-and-vpn-connections/
.................................................................................................................................
10-30-17 A Moscow court has rejected a lawsuit filed by Ekho Moskvy journalist Alexander Plyushchev against the Federal Security Service (FSB) over the popular encrypted messaging app Telegram.
Plyushchev and another prominent journalist, Oleg Kashin, filed the suit against the FSB over its demand that the popular Telegram messaging app turn over encryption keys to the government. https://themoscowtimes.com/news/russian-journalists-case-against-the-fsb-over-telegram-encryption-rejected-59417