Just days after we reported that the NSA had backdoor access to the firmware level of major HDD manufacturers in Seagate and Western Digital, Edward Snowden is back with new information that the National Security Agency (NSA) and its British partner GCHQ hacked into Gemalto. Gemalto, is a Netherlands SIM card manufacturer, the largest in the world.
Gemalto makes two billion SIM cards each year, with the NSA hacking into the company and stealing its encryption keys, giving them access to secretly monitor both voice calls and data. The Intercept reported on the news, which has reportedly provided spy agencies with the ability of secretly monitoring gigantic portions of the world's cellular communications, which experts have said is a major violation of international laws. Considering Gemalto makes SIM cards for companies like AT&T, Sprint, T-Mobile and Verizon, you can begin to see the scope of this hack by the US government agency. Gemalto itself operates in some 85 countries around the world, providing SIM cards to over 450 wireless network providers.
With the NSA having these encryption keys in its hands, it has the power to monitor mobile communications "without the approval of telecom companies and foreign governments", reports The Guardian. This is something I talked about in my last OpEd, where the Obama administration needs to address it, and as I said "The NSA needs to be ripped apart, and its powers neutered". Most people think that 3G and 4G mobile networks have their calls encrypted, and while they might be, but with the keys that the NSA and GCHQ have, it's like they are living "in the phone".
Chris Soghoian, Principal Technologist at the American Civil Liberties Union, has said that this new hack by the NSA allows them to "put an aerial up on the embassy in Berlin and listen in to anyone's calls in the area". Soghoian added that it's now next to impossible for anyone to fully trust their smartphone. He added: "It is very unlikely that this is an issue that is going to be fixed anytime soon. There is no reason for people to trust AT&T, Verizon or anyone at this point. Their systems are hopelessly insecure".
The full piece by The Guardian is a great eye-opening read, even if it feels like it's a continuation of 1984.