Stories
Slash Boxes
Comments

SoylentNews is people

Gemalto Says Reports of its Hack by the NSA and GCHQ were Greatly Exaggerated.

posted by janrinok on Thursday February 26 2015, @12:58PM   Printer-friendly
from the what-else-would-they-say dept.

AnonTechie writes:

In a press release late Tuesday night ( http://www.gemalto.com/press/Pages/Gemalto-presents-the-findings-of-its-investigations-into-the-alleged-hacking-of-SIM-card-encryption-keys.aspx ), Gemalto, one of the world’s largest SIM manufacturers, denied recent allegations that the company had a vast number of sensitive SIM encryption keys stolen by the National Security Agency (NSA) and Britain’s General Communications Headquarters (GCHQ).

The company's statement addressed a number of confidential documents from 2010 which were leaked by former NSA contractor Edward Snowden and published last week by The Intercept. The documents indicated that a task force organized by the NSA and GCHQ broke into Gemalto employee e-mails and found ways to steal the encryption keys corresponding to the SIMs that Gemalto manufactured and sent to mobile carriers. Such a hack would allow state-sponsored spies to decrypt traffic coming to a fake cell tower and thereby watch voice, data, and text messages without a wiretap.

But Gemalto says that after a “thorough investigation,” it concluded that although the company did experience hacks in 2010, it suffered none that could have resulted in the loss of the vast number of SIM encryption keys that The Intercept article referenced. And, the company continued, if some keys had been stolen, then technology pertaining to the 3G and 4G networks that Gemalto builds SIMs for would have prevented substantial hacking. The company believed 2G networks were the only ones that would have truly suffered under such a hack.

http://arstechnica.com/security/2015/02/gemalto-says-reports-of-its-hack-by-the-nsa-and-gchq-were-greatly-exaggerated/

 
This discussion has been archived. No new comments can be posted.
Gemalto Says Reports of its Hack by the NSA and GCHQ were Greatly Exaggerated. | Log In/Create an Account | Top | 10 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday February 26 2015, @02:07PM

    by Anonymous Coward on Thursday February 26 2015, @02:07PM (#149943)

    Unless someone is pushing bad information through Snowden...

  • (Score: 3, Interesting) by Anonymous Coward on Thursday February 26 2015, @02:19PM

    by Anonymous Coward on Thursday February 26 2015, @02:19PM (#149946)
    You make a good point, I would however also keep the possibilities of
    • "that's a nice SIM printing scheme you've got going there... It'd be a shame if you lost all your US customers as well as customers in countries we happen to be able to push around"
    • "Let's tell everyone that nothing of value was stolen even though it is. That's better for business."

    • (Score: 2) by janrinok on Thursday February 26 2015, @02:40PM

      by janrinok (52) on Thursday February 26 2015, @02:40PM (#149954) Journal
      That's an equally plausible explanation.

    • (Score: 4, Insightful) by Ox0000 on Thursday February 26 2015, @03:00PM

      by Ox0000 (5111) on Thursday February 26 2015, @03:00PM (#149967)

      In all fairness, it does appear that the second option is the most plausible one: "let's lie"

  • (Score: 0) by Anonymous Coward on Thursday February 26 2015, @05:53PM

    by Anonymous Coward on Thursday February 26 2015, @05:53PM (#150018)

    Gemalto admitted to being hacked just not to the extent.

    It's in their best interest to say that, yes we were hacked, we investigated, and found nothing was compromised so we are not culpable for not reporting it.