Gemalto presented today the findings of its investigation in the alleged hacking and intrusion of its network by NSA and GCHQ.
Among the findings :
“The investigation into the intrusion methods described in the document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened“.
“The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys”.
“The operation aimed to intercept the encryption keys as they were exchanged between mobile operators and their suppliers globally”.
“In the case of an eventual key theft, the intelligence services would only be able to spy on communications on second generation 2G mobile networks. 3G and 4G networks are not vulnerable to this type of attack”.
“Gemalto has never sold SIM cards to four of the twelve operators listed in the documents, in particular to the Somali carrier where a reported 300,000 keys were stolen.”
“If we look back at the period covered by the documents from the NSA and GCHQ, we can confirm that we experienced many attacks. In particular, in 2010 and 2011, we detected two particularly sophisticated intrusions which could be related to the operation”.
“At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation.“
