Skip to main content

SIM card makers hacked by NSA and GCHQ leaving cell networks wide open

posted onFebruary 20, 2015
by l33tdawg

L33tdawg: On a somewhat related note, Markus Vervier will be talking about an attack that enables active cloning of mobile identities at #HITB2015AMS at the end of May... He'll be showing how he managed to patch baseband firmware on an Android device to enable a virtual SIM card

In a new report on some of the confidential documents leaked by former NSA contractor Edward Snowden, The Intercept wrote that operatives from both the National Security Administration (NSA) and the British Government Communications Headquarters (GCHQ) joined forces in April 2010 to crack mobile phone encryption. The Mobile Handset Exploitation Team (MHET) succeeded in stealing untold numbers of encryption keys from SIM card makers and mobile networks, specifically Dutch SIM card maker Gemalto, one of the largest SIM manufacturers in the world. Gemalto produces 2 billion SIM cards a year, which are used all over the world.

Although the SIM card in a cell phone was originally used to verify billing to mobile phone users, today a SIM also stores the encryption keys that protect a user's voice, text, and data-based communications and make them difficult for spies to listen in on. The mobile carrier holds the corresponding key that allows the phone to connect to the mobile carrier's network. Each SIM card is manufactured with an encryption key (called a “Ki”) that is physically burned into the chip. When you go to use the phone, it “conducts a secret 'handshake' that validates that the Ki on the SIM matches the Ki held by the mobile company,” The Intercept explains. “Once that happens, the communications between the phone and the network are encrypted.”

Source

Tags

GCHQ NSA Security Privacy

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th