1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

NSA, British spies 'hack SIM card company'

Manasi GopalakrishnanFebruary 20, 2015

US and British spies have stolen encryption keys of the world's largest SIM card manufacturer, according to a report citing NSA documents. As a result, mobiles can be monitored worldwide, The Intercept website claims.

https://p.dw.com/p/1EerQ
Image: PeJo/Fotolia

Operatives from Britain and the NSA hacked into the internal network of Dutch company Gemalto, the world's largest manufacturer of SIM cards for mobile phones, The Intercept reported on Thursday, saying it had the information from documents provided by NSA whistleblower Edward Snowden.

Glenn Greenwald, founder of The Intercept and the man who made Snowden's leaks public tweeted the news:

Access to private information

Gemalto produces two billion SIM cards every year. Its clients include T Mobile, Verizon and AT&T and operate in 85 countries. Its motto is: "Security to be free."

Journalists Jeremy Scahill and Josh Bigley wrote in their findings that the spies breached Gemalto's core networks and could eavesdrop on data and voice communications of a targeted individual's phone.

US whistleblower, Edward Snowden participates via a video link from Moscow, in the Parliamentary Assembly of the Council of Europe.
Edward Snowden: leaked classified information from US' National Security Agency (NSA) beginning 2013.Image: picture-alliance/dpa

Hacking mobile encryption systems gave spy agencies the potential to monitor a substantial portion of global cellular communications.

"Leading privacy advocates and security experts say that the theft of encryption keys from major wireless network providers is tantamount to a thief obtaining the master ring of a building superintendent who holds the keys to every apartment," the authors wrote in their article, citing a classified document from 2010.

'Disturbing' news

The multinational firm was caught unawares by the news. "I'm disturbed, quite concerned that this has happened… The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it does not happen again," Paul Beverly, Executive Vice President in Gemalto told The Intercept's journalists.

Dutch leaders also expressed concern over the leak, especially since it concerned foreign agencies spying on Dutch territory where hacking is illegal. Parliamentarian Gerard Schouw tweeted that his country would demand an explanation about the incident.

FBI and other US agencies can ask for court orders to be able to intercept phone companies' customers in the US, but this is more difficult on an international level. Cryptography specialist Mathew Green told The Intercept's journalists that this kind of access to a database of keys is "bad news for phone security."