Gemalto: Ok, Yes, We Were Hacked, And Yes Some SIM Cards May Be Compromised, But Not Because Of Us
from the damage-control dept
Last week, The Intercept revealed how the NSA and GCHQ had hacked into the major supplier of SIM cards to swipe encryption keys for tons of mobile phones. Earlier this week, we noted that Gemalto appeared to be taking the Lenovo approach to insisting that no one was put at risk. Today the company presented the “findings” of its internal analysis of what happened, admitting that there were sophisticated hack attacks, but insisting that those attacks could not have reached the goldmine source of encryption keys. First, the admission of the hack:
In June 2010, we noticed suspicious activity in one of our French sites where a third party was trying to spy on the office network. By office network we mean the one used by employees to communicate with each other and the outside world. Action was immediately taken to counter the threat.
In July 2010, a second incident was identified by our Security Team. This involved fake emails sent to one of our mobile operator customers spoofing legitimate Gemalto email addresses. The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used.
During the same period, we also detected several attempts to access the PCs of Gemalto employees who had regular contact with customers.
At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation.
And then the “but don’t worry about it” part:
These intrusions only affected the outer parts of our networks ? our office networks – which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks. It is important to understand that our network architecture is designed like a cross between an onion and an orange; it has multiple layers and segments which help to cluster and isolate data.
While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network. No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.
The report also notes that it appears that someone (again, probably NSA/GCHQ) also targeted communications between Gemalto and its carrier partners using highly targeted spearphishing attacks — but that the company sought to block those and has long used a “highly secure exchange process” to protect such transmissions.
The company also says that some of the operators listed in the leaked documents are ones that Gemalto has never worked with anyway, so if NSA/GCHQ got access to their keys, it wasn’t via Gemalto. It further notes that even where the NSA/GCHQ may have gotten access to keys (via other means) it may have only been of limited use, while also noting that the encryption that was targeted was already pretty weak:
In 2010-2011 most operators in the targeted countries were still using 2G networks. The security level of this second generation technology was initially developed in the 1980s and was already considered weak and outdated by 2010. If the 2G SIM card encryption keys were to be intercepted by the intelligence services, it would be technically possible for them to spy on communications when the SIM card was in use in a mobile phone. This is a known weakness of the old 2G technology and for many years we have recommended that operators deploy extra security mechanisms. However, even if the encryption keys were intercepted by the Intelligence services they would have been of limited use. This is because most 2G SIMs in service at that time in these countries were prepaid cards which have a very short life cycle, typically between 3 and 6 months.
This known weakness in the original 2G standards was removed with the introduction of proprietary algorithms, which are still used as an extra level of security by major network operators. The security level was further increased with the arrival of 3G and 4G technologies which have additional encryption. If someone intercepted the encryption keys used in 3G or 4G SIMs they would not be able to connect to the networks and consequently would be unable to spy on communications. Therefore, 3G and 4G cards could not be affected by the described attack. However, though backward compatible with 2G, these newer products are not used everywhere around the world as they are a bit more expensive and sometimes operators base their purchasing decision on price alone.
While I will admit to being pretty skeptical based on Gemalto’s initial comments, its explanation here is somewhat more reasonable. While some may question if Gemalto really was able to figure out what the NSA/GCHQ got access to, it does not appear that the company is merely brushing this off as a non-story. However, if the company was really hacked back in 2010/2011 — one can reasonably question how much the company can actually determine what really happened.
Update: Many of Gemalto’s claims are now coming under scrutiny, with some suggesting that the company’s “research” into things misses the point, and the details…
Filed Under: encryption, encryption keys, gchq, hacking, mobile phones, nsa, sim cards
Companies: gemalto
Comments on “Gemalto: Ok, Yes, We Were Hacked, And Yes Some SIM Cards May Be Compromised, But Not Because Of Us”
Stuxnet shows that air-gapped systems can still be reached, but this would be harder in that info has come back over the air-gap to work in the NSA’s favor.
2010
” fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used. “
Today
“We now think they could be related to nsa gchq operations”
You know things are bad, when the whole system is built to warn and help them improve their violitions
I’m not holding it against Gemalto that they were hacked by a combined state sponsored attack. What I will hold against them is how they respond to that unstoppable object having met their walls. Undo their efforts to the best of your abilities and try to keep it from happening again or make such attempts return with rubbish that do not help their end goals.
So, let's review
They were hacked by some of the most talented, well-trained, well-equipped, well-practiced people on the planet.
Okay, pretty much anybody’s vulnerable to that.
They didn’t figure it out. They found out after most of five years had gone by.
Okay, that would probably be the outcome for nearly everyone else too — if they were lucky.
And now, in under a week, they’ve been able to conduct a review of their global business so exhaustive that they’re able to draw conclusions about what did and didn’t happen, what was copied and what wasn’t, which systems were compromised and which weren’t.
That’s a rather amazing leap in security expertise and a positively stunning outcome in a ridiculously short time.
In other words: bullshit.
So do they or dont they have access?…….this question is’nt resolved, and thats not a question im planning to forget any time soon…..not when it means there might be a large amount of sim cards out that will be kept vulnrable
You know, I keep wondering why none of these businesses that desire or require security haven’t already made some sort of effort to ban either email in it’s entirety or to filter out click links and images, leaving bare text as the only communications. Nearly every break in now a days involves malware, spearphishing, or linkage to an infected site.
It would seem if security is the objective, a company would inform their customers that they do not accept any communications with a link, image, or attachment, due to those security concerns. If your product is exclusive or better than the best, people will beat down your door for your product.
Should this continue, Russia might not be the only company going back to typewriters for sensitive data.
Re: Re:
Re: Re: Re:
You both appear to have forgotten the typewriter ribbon hacks. IBM Selectrics’ cartridge ribbons were the nicest, and being heavier than paper sank to the bottom of dumpsters.
Been reading Techdirt for a few weeks and have become a fan. Decided to sign-up today to add a comment here.
I am really worried that Gemalto’s comments can be deceiving. Gemalto claims that because of the “proprietary encryption” that carriers have wrapped around SIM encryption, the NSA “would not be able to connect to the networks and consequently would be unable to spy on communications”. I have 2 problems with this:
1) The Intercept article indicated that the agency could pick up signals over the air and decrypt them without the carriers’ awareness. This would mean that the spying would not require the NSA to connect to the carrier’s network. So the first part (being unable to connect to the network) could be true but the second part (consequently be unable to spy) be false.
2) The idea of proprietary encryption is problematic for two reasons: (1) There are open-source encryption schemes which have no known vulnerability; why use a proprietary encryption? (2) because the same phone is usually able to roam on several carrier’s networks, these encryption schemes can’t be held secret by a single carrier.
Finally, Gemalto may be unaware of a successful key exfiltration. The hacking attempts that Gemalto stopped are no indication that there weren’t others undetected. Honestly I’m more inclined to believe the NSA/GCHQ’s interior documents when they claim to have “the entire network” of Gemalto, or to have capture millions of keys. Gemalto has a strong financial incentive to minimize the problem.
Re: Re:
The British GCHQ taps into the undersea conduits as they emerge onto land in Britain. I imagine the same is done in many places throughout the world.
I have a t-shirt from the EFF from about five years ago. It displays an American eagle emblazoned NSA, and in its claws it holds numerous cables plugging into AT&T. That was common knowledge ca. five years ago. I doubt they’ve slacked off since then even if that one op got shut down.
Is the NSA telling them to say this?
I mean, really, at this point I wouldn’t put it past them.
So, this isn't just about NSA or Gemalto
This is about something more simple: Stingrays. Stingrays notably force cellphones back to 2G, which means they’re using the compromised Gemalto information, among others.
So it’s not that Gemalto is only open to the NSA (They probably have no idea) but that their vulnerability is what is exploited in stingrays.
See:http://www.oaklandmofo.com/blog/block-stringray-devices
http://www.computerworld.com/article/2600348/mobile-security/are-your-calls-being-intercepted-17-fake-cell-towers-discovered-in-one-month.html
Re: So, this isn't just about NSA or Gemalto
You know, that’s really sneaky. I didn’t know Stingrays did that 2G thing to phones. I did wonder what Stingrays would give them if they had the keys.
They don’t need the keys.
They hold the keys
Isn’t Gemalto pretty involved in smart card design? Like RSA security, they chose to design a system that required them to generate and hold keys. Unless they’ve actually been trying to move carriers away from this model (e.g. to end-user key generation) they’re kind of responsible.
Security
It’s 2015, people. WTF are critical systems doing being internet accessible? It’s about THE most basic first step in system security.
Go ahead, hack away at the “daily” system – all you’ll get are emails and spreadsheets.
And if it’s a government system, an amazing amount of porn.
Re: Security
Blame it on BYOD. Network and systems types are being run ragged just keeping !@#$ talking to each other, and keep up with the security alerts all this junk generates.
Proprietary means bad
This known weakness in the original 2G standards was removed with the introduction of proprietary algorithms, which are still used as an extra level of security by major network operators.
This generally means weak, non-peer reviewed algorithms.
Re: Proprietary means bad
Ah, an IETF maximalist! Yay!!11 I love you guys.
Er. They’re using security through obscurity (hidden secrets) in order to gain an extra level of security. These are corporate secrets, not gov’t.
I wouldn’t trust them.
Personal Experience
I’m currently employed as a contractor in a small SE Asian country. My job pays very well but it’s not very interesting.
What is interesting is the behaviour of my HTC mobile phone. At odd times of the day it will awaken and sound an alert, do somewhat or another and then go back into hibernation.
I’ve had the phone wiped several times, have even replaced the SIM but, this behaviour persists. My response has been to put an innocuous app on my phone that tracks the activity-to say the least the results have been interesting enough that I got another phone.
I still use my HTC but only for non-work related things such as calling around to the LBFB or my drinking buddies.