Snowden Report: U.S., U.K. Agencies Breach SIM Card Security

The NSA and Britain's GCHQ reportedly obtained keys to the SIM cards that encrypt wireless traffic between handsets and carriers.
Posted at 10:55 AM, Feb 20, 2015

A new report in The Intercept says as far back as 2010, a joint U.S. and U.K. intelligence task force stole encryption keys for SIM cards used by a wide range of today's wireless carriers.

The NSA and Britain's Government Communications Headquarters, or GCHQ, specifically targeted Dutch SIM manufacturer Gemalto. It's one of the largest card makers and cranks out 2 billion cards a year for use all over the world.

All the big stateside carriers — AT&T, Verizon, T-Mobile and Sprint — use Gemalto's cards, for example.

The little cards can store data, like messages or apps. They're used for mobile payments in some areas and, critically, each one carries an encryption key known as a "Ki," which is physically burned into the structure of the chip and used for communicating with telecom networks.

According to documents leaked by Edward Snowden and obtained by The Intercept, intelligence agents secured millions of these "Kis" and have used them to monitor wireless communications — voice, text and data — without alerting carriers or end users to their activity.

As The Intercept suggests, there's no need for a warrant if telecom companies are oblivious to monitoring activity in the first place.

And getting the Kis might have been easier than it sounds, according to the report. Ars Technica explains SIM makers simply sent emails or files to wireless carriers with lists of these encryption codes for each new delivery of cards.

"By doing basic cyberstalking of Gemalto employees, the NSA and GCHQ were able to pilfer 'millions' of SIM Kis."

As Mark Rumold, staff attorney at the Electronic Frontier Foundation, explained it to The Guardian: "They have the functional equivalent of our house keys. That has serious implications for privacy not just here in the US but internationally."

In a news release on Friday, Gemalto said it is investigating. "We cannot at this early stage verify the findings of the publication and had no prior knowledge that these agencies were conducting this operation."

Security experts told The Guardian intelligence agencies could still be monitoring mobile communications. Remember, it's not easy for wireless providers or end users to spot the tracking.

The EFF offers one alternative: more heavily encrypted voice and text-messaging systems. The foundation does not yet have reason to believe the NSA — or anyone else — has cracked them yet.

This video includes images from Getty Images.