American and British spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.
The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.
The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.
In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”
With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.
The U.S. and British intelligence agencies pulled off the encryption key heist in great stealth, giving them the ability to intercept and decrypt communications without alerting the wireless network provider, the foreign government or the individual user that they have been targeted.
The Mobile Handset Exploitation Team (MHET), whose existence has never before been disclosed, was formed in April 2010 to target vulnerabilities in cellphones. One of its main missions was to covertly penetrate computer networks of corporations that manufacture SIM cards, as well as those of wireless network providers. The team included operatives from both GCHQ and the NSA.
As part of the covert operations against Gemalto, spies from GCHQ — with support from the NSA — mined the private communications of unwitting engineers and other company employees in multiple countries.
According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto.
Additionally, the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information and network engineers machines for network maps.” GCHQ also claimed the ability to manipulate the billing servers of cell companies to “suppress” charges in an effort to conceal the spy agency’s secret actions against an individual’s phone. Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. A note accompanying the slide asserted that the spy agency was “very happy with the data so far and [was] working through the vast quantity of product.”
Gemalto was totally oblivious to the penetration of its systems — and the spying on its employees. “I’m disturbed, quite concerned that this has happened,” Paul Beverly, a Gemalto executive vice president, told The Intercept. “The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn’t happen again, and also to make sure that there’s no impact on the telecom operators that we have served in a very trusted manner for many years. What I want to understand is what sort of ramifications it has, or could have, on any of our customers.” He added that “the most important thing for us now is to understand the degree” of the breach.
Beverly said that after being contacted by The Intercept, Gemalto’s internal security team began on Wednesday to investigate how their system was penetrated and could find no trace of the hacks. When asked if the NSA or GCHQ had ever requested access to Gemalto-manufactured encryption keys, Beverly said, “I am totally unaware. To the best of my knowledge, no.”
Leading privacy advocates and security experts say that the theft of encryption keys from major wireless network providers is tantamount to a thief obtaining the master ring of a building superintendent who holds the keys to every apartment. “Once you have the keys, decrypting traffic is trivial,” says Christopher Soghoian, the principal technologist for the American Civil Liberties Union. “The news of this key theft will send a shock wave through the security community.”
“Gaining access to a database of keys is pretty much game over for cellular encryption,” says Matthew Green, a cryptography specialist at the Johns Hopkins Information Security Institute. The massive key theft is “bad news for phone security. Really bad news.”
Neither the NSA nor GCHQ would comment specifically on the key theft operations. In the past, they have argued more broadly that breaking encryption is a necessary part of tracking terrorists and other criminals. “It is longstanding policy that we do not comment on intelligence matters,” a GCHQ official stated in an email, adding that the agency’s work is conducted within a “strict legal and policy framework” that ensures its activities are “authorized, necessary and proportionate,” with proper oversight, which is the standard response the agency has provided for previous stories published by The Intercept. The agency also said, “[T]he UK’s interception regime is entirely compatible with the European Convention on Human Rights.” The NSA declined to offer any comment.
It is unlikely that GCHQ’s pronouncement about the legality of its operations will be universally embraced in Europe. “It is governments massively engaging in illegal activities,” says Sophie in’t Veld, a Dutch member of the European Parliament. “If you are not a government and you are a student doing this, you will end up in jail for 30 years.” Veld, who chaired the European Parliament’s recent inquiry into mass surveillance exposed by Snowden, told The Intercept: “The secret services are just behaving like cowboys. Governments are behaving like cowboys and nobody is holding them to account.”
The French daily L’Express noted today that Gemalto board member Alex Mandl was a founding trustee of the CIA-funded venture capital firm In-Q-Tel. Mandl resigned from In-Q-Tel’s board in 2002, when he was appointed CEO of Gemplus, which later merged with another company to become Gemalto. But the CIA connection still dogged Mandl, with the French press regularly insinuating that American spies could infiltrate the company. In 2003, a group of French lawmakers tried unsuccessfully to create a commission to investigate Gemplus’s ties to the CIA and its implications for the security of SIM cards. Mandl, an Austrian-American businessman who was once a top executive at AT&T, has denied that he had any relationship with the CIA beyond In-Q-Tel. In 2002, he said he did not even have a security clearance.
“Although firmware exploitation is nasty, it’s at least theoretically reparable: tools could plausibly be created to detect the bad firmware hashes and re-flash good ones. This isn’t the same for SIMs, which are flashed at the factory and never touched again. When the NSA and GCHQ compromised the security of potentially billions of phones (3g/4g encryption relies on the shared secret resident on the sim), they not only screwed the manufacturer, they screwed all of us, because the only way to address the security compromise is to recall and replace every SIM sold by Gemalto.
Our governments – particular the security branches – should never be weighing the equities in an intelligence gathering operation such that a temporary benefit to surveillance regarding a few key targets is seen as more desireable than protecting the communications of a global system (and this goes double when we are more reliant on communications and technology for our economy productivity than our adversaries).”
Redditor: So far Gemalto is claiming SIMs are still secure. Not believing them at this point.
“I wouldn’t believe them either. When we’re talking about how to weight reliability between specific government documents detailing specific Gemalto employees and systems (and tittering about how badly they’ve been owned) against a pretty breezy and insubstantial press release from a corporation whose stock lost 500,000,000 EUR in value in a single day, post-report, I know which side I come down on.
That’s not to say Gemalto’s claims are totally worthless, but they have to recognize that their business relies on trust, and if they try to wave away a serious compromise, it’ll cost them more than it saves them.”
In the days since the report published, there’s been concern over an even more frightening line of attack. The stolen SIM keys don’t just give the NSA the power to listen in on calls, but potentially to plant spyware on any phone at any time. Once the stolen keys have bypassed the usual protections, the spyware would live on the SIM card itself, undetectable through conventional tools, able to pull data and install malicious software. If the NSA and GCHQ are pursuing that capability, it could be one of the biggest threats unearthed by Snowden so far.
Our earlier report focused on the Ki keys, used to encrypt traffic between the phone and the tower — but this new attack uses a different set of keys known as OTA keys, short for “over-the-air.” Each SIM card gets its own OTA key, typically used to remotely install updates. Manufacturers can send a binary text message directly to the SIM card, and as long as it’s signed with the proper OTA key, the card will install the attached software without question. If those keys were compromised, it would give an attacker carte blanche to install all manner of spyware. Researcher Claudio Guarnieri, who’s researched the Snowden documents extensively, says the OTA keys could make the Gemalto heist the most important news to come out of the documents so far. “It’s scary,” Guarnieri says. “If the NSA and GCHQ have obtained a large quantity of OTA keys, we’re facing the biggest threat to mobile security ever.”
The OTA key works as a kind of golden key to the SIM card, allowing almost total access to anyone who has it. Karsten Nohl, a researcher best known for his work on BadUSB, explored SIM hacks as part of a Black Hat presentation in 2013 (PDF), and says the OTA keys would be a very likely target for an intelligence agency. The Intercept’s documents also mention compromising Gemalto’s ability to alter SMS records, which could be used to erase any suspicious OTA updates. The result would be a completely invisible program, running in an inaccessible portion of the phone. “It would be completely hidden from the user,” says Nohl.
Earlier leaks show that the NSA has already developed malware that would work in just this way. The NSA’s exploit catalog lists two different SIM-based malware apps: MONKEYCALENDAR sends back location data through hidden SMS messages, while GOPHERSET pulls a user’s phone book, text and call logs. In both cases, the malware lives entirely on the SIM card, leaving no trace on the internal storage of the device. Neither slide says how the malware would be implanted, but once the OTA keys have been stolen, it would be as simple as sending a text.
But while the OTA keys are certainly valuable to the NSA and GCHQ, it’s harder to say whether the agencies are actively harvesting them. The latest batch of documents shows that the agencies had full access to Gemalto’s network, including the authentication servers that manage OTA keys, so at the very least, they could have stolen the keys if they wanted. But while the other documents show a concerted effort to harvest Ki keys, there’s little mention of OTA keys beyond a single slide. The lack of evidence doesn’t mean the agencies were ignoring the keys, of course; they may just have kept the harvesting efforts off Powerpoint.
- The investigation into the intrusion methods described in the document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened
- The attacks against Gemalto only breached its office networks and could not have resulted in a massive theft of SIM encryption keys
- The operation aimed to intercept the encryption keys as they were exchanged between mobile operators and their suppliers globally. By 2010, Gemalto had already widely deployed a secure transfer system with its customers and only rare exceptions to this scheme could have led to theft
- In the case of an eventual key theft, the intelligence services would only be able to spy on communications on second generation 2G mobile networks. 3G and 4G networks are not vulnerable to this type of attack
- None of our other products were impacted by this attack
- The best counter-measures to these type of attacks are the systematic encryption of data when stored and in transit, the use of the latest SIM cards and customized algorithms for each operator
Following the release of a report by a news website on February 19, 2015, Gemalto (Euronext NL0000400653 GTO), has conducted a thorough investigation, based in particular on two elements: the purported NSA and GCHQ documents which were made public by this website, and our internal monitoring tools and their past records of attempts of attacks.
All comments in this publication assume that the published documents are real and refer accurately to events that occurred during 2010 and 2011. Our publication here below does not aim at confirming partially or entirely nor at providing elements to refute partially or entirely the contents of those website published documents.
As a digital security company, people try to hack Gemalto on a regular basis. These intrusion attempts are more or less sophisticated and we are used to dealing with them. Most are not successful while only a few penetrate the outer level of our highly secure network architecture.
If we look back at the period covered by the documents from the NSA and GCHQ, we can confirm that we experienced many attacks. In particular, in 2010 and 2011, we detected two particularly sophisticated intrusions which could be related to the operation.
In June 2010, we noticed suspicious activity in one of our French sites where a third party was trying to spy on the office network. By office network we mean the one used by employees to communicate with each other and the outside world. Action was immediately taken to counter the threat.
In July 2010, a second incident was identified by our Security Team. This involved fake emails sent to one of our mobile operator customers spoofing legitimate Gemalto email addresses. The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used.
During the same period, we also detected several attempts to access the PCs of Gemalto employees who had regular contact with customers.
At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation. These intrusions only affected the outer parts of our networks – our office networks – which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks. It is important to understand that our network architecture is designed like a cross between an onion and an orange; it has multiple layers and segments which help to cluster and isolate data.
While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network. No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.
It is extremely difficult to remotely attack a large number of SIM cards on an individual basis. This fact, combined with the complex architecture of our networks explains why the intelligence services instead, chose to target the data as it was transmitted between suppliers and mobile operators as explained in the documents.
The risk of the data being intercepted as it was shared with our customers was greatly reduced with the generalization of highly secure exchange processes that we had put in place well before 2010. The report indicates that attacks were targeted at mobile operators in Afghanistan, Yemen, India, Serbia, Iran, Iceland, Somalia, Pakistan and Tajikistan. It also states that when operators used secure data exchange methods the interception technique did not work. In particular it “…failed to produce results against Pakistani networks”. We can confirm that the transmission of data between Pakistani operators and Gemalto used the highly secure exchange process at that time. In 2010 though, these data transmission methods were not universally used and certain operators and suppliers had opted not to use them. In Gemalto’s case, the secure transfer system was standard practice and its non-use would only occur in exceptional circumstances.
The analysis of the documents shows that the NSA and GCHQ targeted numerous parties beyond Gemalto. As the leader in the market, Gemalto may have been the target of choice for the intelligence services in order to reach the highest number of mobile phones. However, we can see in the document that many aspects do not relate to Gemalto, for example:
- Gemalto has never sold SIM cards to four of the twelve operators listed in the documents, in particular to the Somali carrier where a reported 300,000 keys were stolen.
- A list claiming to represent the locations of our personalization centers shows SIM card personalization centers in Japan, Colombia and Italy. However, we did not operate personalization centers in these countries at the time.
- Table 2 indicates that only 2% of the exchanges of encryption keys (38/1719) came from SIM suppliers and states that the use of strong encryption methods by SIM suppliers means that the other groups (98%) are much more vulnerable to these types of attacks.
In 2010-2011 most operators in the targeted countries were still using 2G networks. The security level of this second generation technology was initially developed in the 1980s and was already considered weak and outdated by 2010. If the 2G SIM card encryption keys were to be intercepted by the intelligence services, it would be technically possible for them to spy on communications when the SIM card was in use in a mobile phone. This is a known weakness of the old 2G technology and for many years we have recommended that operators deploy extra security mechanisms. However, even if the encryption keys were intercepted by the Intelligence services they would have been of limited use. This is because most 2G SIMs in service at that time in these countries were prepaid cards which have a very short life cycle, typically between 3 and 6 months.
This known weakness in the original 2G standards was removed with the introduction of proprietary algorithms, which are still used as an extra level of security by major network operators. The security level was further increased with the arrival of 3G and 4G technologies which have additional encryption. If someone intercepted the encryption keys used in 3G or 4G SIMs they would not be able to connect to the networks and consequently would be unable to spy on communications. Therefore, 3G and 4G cards could not be affected by the described attack. However, though backward compatible with 2G, these newer products are not used everywhere around the world as they are a bit more expensive and sometimes operators base their purchasing decision on price alone.
Digital security is not static. Today’s state of the art technologies lose their effectiveness over time as new research and increasing processing power make innovative attacks possible. All reputable security products must be re-designed and upgraded on a regular basis. SIM cards are no different and they have evolved over time. In particular, the technology was massively re-developed for 3G and 4G networks.
Security is even higher for mobile operators who work with Gemalto to embed custom algorithms in their SIM cards. The variety and fragmentation of algorithmic technologies used by our customers increases the complexity and cost to deploy massive global surveillance systems. This is one of the reasons why we are opposed to alternative technologies which would limit operators’ ability to customize their security mechanisms. Such technology would make it much simpler to organize mass surveillance should the technology unfortunately be compromised or fail.
Gemalto would like to reiterate its commitment to providing the best security levels for civilian applications. Our security products, infrastructure and processes are designed to ensure the highest degree of security in a global, open, and commercial environment. These are regularly audited and certified by third-party private and public organizations.
Nevertheless, we are conscious that the most eminent state agencies, especially when they work together, have resources and legal support that go far beyond that of typical hackers and criminal organizations. And, we are concerned that they could be involved in such indiscriminate operations against private companies with no grounds for suspicion.
In light of the recent events our main focus is our customers. Our teams have particularly appreciated the support that they have shown us in the past few days. These events inspire our people to work even closer with our customers and the industry to build even more sophisticated solutions to serve the needs of end users.
In today’s world, any organization could be subject to a cyber-attack. Therefore, it has never been more important to follow security best practices and adopt the most recent technologies. These include advanced data encryption, so that even if networks are breached, third parties cannot access any of the stolen information.
Gemalto will continue to monitor its networks and improve its processes. We do not plan to communicate further on this matter unless a significant development occurs.
This morning, Gemalto tried to downplay the significance of NSA and GCHQ efforts against its mobile phone encryption keys — and, in the process, made erroneous statements about cellphone technology and sweeping claims about its own security that experts describe as highly questionable.
The company was eager to address the claims that its systems and encryption keys had been massively compromised. At one point in stock trading after publication of the report, Gemalto suffered a half billion dollar hit to its market capitalization. The stock only partially recovered in the following days.
After the brief investigation, Gemalto now says that the NSA and GCHQ operations in 2010-2011 would not allow the intelligence agencies to spy on 3G and 4G networks, and that theft would have been rare after 2010, when it deployed a “secure transfer system.” The company also said the spy agency hacks only affected “the outer parts of our networks – our office networks — which are in contact with the outside world.”
Security experts and cryptography specialists immediately challenged Gemalto’s claim to have done a “thorough” investigation into the state-sponsored attack in just six days, saying the company was greatly underestimating the abilities of the NSA and GCHQ to penetrate its systems without leaving detectable traces, and that Gemalto’s statements about its investigation contained a significant error about cellphone technology.
Christopher Soghoian, Chief Technologist at ACLU:
“Gemalto learned about this five-year old hack by GCHQ when the The Intercept called them up for a comment last week. That doesn’t sound like they’re on top of things, and it certainly suggests they don’t have the in-house capability to detect and thwart sophisticated state-sponsored attacks. Their ‘investigation’ seem to have consisted of asking their security team which attacks they detected over the past few years. That isn’t much of an investigation, and it certainly won’t reveal successful nation-state attacks Gemalto is as much of an interesting target in 2015 as they were in 2010. Gemalto’s security team may want to keep looking, not just for GCHQ and NSA, but also, for the Chinese, Russians and Israelis too.”
Matthew Green, Cryptography Specialist at Johns Hopkins Information Security Institute:
“This is an investigation that seems mainly designed to produce positive statements. It is not an investigation at all. No encryption mechanism stands up to key theft, which means Gemalto is either convinced that the additional keys could not also have been stolen or they’re saying that their mechanisms have some proprietary ‘secret sauce’ and that GCHQ, backed by the resources of NSA, could not have reverse engineered them. That’s a deeply worrying statement. I think you could make that statement against some gang of Internet hackers, but you don’t get to make it against nation state adversaries. It simply doesn’t have a place in the conversation. They are saying that NSA/GCHQ could not have breached those technologies due to ‘additional encryption’ mechanisms that they don’t specify and yet here we have evidence that GCHQ and NSA were actively compromising encryption keys.”
In a press conference today in Paris, Gemalto’s CEO, Olivier Piou said his company will not take legal action against the NSA and GCHQ. “It’s difficult to prove our conclusions legally, so we’re not going to take legal action,” he said. “The history of going after a state shows it is costly, lengthy and rather arbitrary.”There has been significant commercial pressure and political attention placed on Gemalto since The Intercept’s report. Wireless network providers on multiple continents demanded answers and some, like Deutsche Telekom, took immediate action to change their encryption algorithms on Gemalto-supplied SIM cards. The Australian Privacy Commissioner has launched an investigation and several members of the European Union parliament and Dutch parliament have asked individual governments to launch investigations. German opposition lawmakers say they are initiating a probe into the hack as well.
On Wednesday, Gerard Schouw, a member of the Dutch parliament, submitted formal questions about the Gemalto hack and the findings of the company’s internal investigation to the interior minister. “Will the Minister address this matter with the Ambassadors of the United States and the United Kingdom? If not, why is the Minister not prepared to do so? If so, when will the Minister do this?” Schouw asked. “How does the Minister assess the claim by Gemalto that the attack could only lead to wiretapping 2G-network connections, and that 3G and 4G-type networks are not susceptible to this kind of hacks?”
China Mobile, which uses Gemalto SIM cards, has more wireless network customers than any company in the world. This week it announced it was investigating the breach and the Chinese government said it was “concerned” about the Gemalto hack. “We are opposed to any country attempting to use information technology products to conduct cyber surveillance,” Foreign Ministry spokesman Hong Lei said. “This not only harms the interests of consumers but also undermines users’ confidence.” He did not mention that China itself engages in widespread, state-sponsored hacking.
While Gemalto is clearly trying to calm its investors and customers, the company’s statements appear intended to reassure the public about the company’s security rather than to demonstrate that it is taking the breach seriously.