from the damage-control dept
In June 2010, we noticed suspicious activity in one of our French sites where a third party was trying to spy on the office network. By office network we mean the one used by employees to communicate with each other and the outside world. Action was immediately taken to counter the threat.And then the "but don't worry about it" part:
In July 2010, a second incident was identified by our Security Team. This involved fake emails sent to one of our mobile operator customers spoofing legitimate Gemalto email addresses. The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used.
During the same period, we also detected several attempts to access the PCs of Gemalto employees who had regular contact with customers.
At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation.
These intrusions only affected the outer parts of our networks – our office networks - which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks. It is important to understand that our network architecture is designed like a cross between an onion and an orange; it has multiple layers and segments which help to cluster and isolate data.The report also notes that it appears that someone (again, probably NSA/GCHQ) also targeted communications between Gemalto and its carrier partners using highly targeted spearphishing attacks -- but that the company sought to block those and has long used a "highly secure exchange process" to protect such transmissions.
While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network. No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.
The company also says that some of the operators listed in the leaked documents are ones that Gemalto has never worked with anyway, so if NSA/GCHQ got access to their keys, it wasn't via Gemalto. It further notes that even where the NSA/GCHQ may have gotten access to keys (via other means) it may have only been of limited use, while also noting that the encryption that was targeted was already pretty weak:
In 2010-2011 most operators in the targeted countries were still using 2G networks. The security level of this second generation technology was initially developed in the 1980s and was already considered weak and outdated by 2010. If the 2G SIM card encryption keys were to be intercepted by the intelligence services, it would be technically possible for them to spy on communications when the SIM card was in use in a mobile phone. This is a known weakness of the old 2G technology and for many years we have recommended that operators deploy extra security mechanisms. However, even if the encryption keys were intercepted by the Intelligence services they would have been of limited use. This is because most 2G SIMs in service at that time in these countries were prepaid cards which have a very short life cycle, typically between 3 and 6 months.While I will admit to being pretty skeptical based on Gemalto's initial comments, its explanation here is somewhat more reasonable. While some may question if Gemalto really was able to figure out what the NSA/GCHQ got access to, it does not appear that the company is merely brushing this off as a non-story. However, if the company was really hacked back in 2010/2011 -- one can reasonably question how much the company can actually determine what really happened.
This known weakness in the original 2G standards was removed with the introduction of proprietary algorithms, which are still used as an extra level of security by major network operators. The security level was further increased with the arrival of 3G and 4G technologies which have additional encryption. If someone intercepted the encryption keys used in 3G or 4G SIMs they would not be able to connect to the networks and consequently would be unable to spy on communications. Therefore, 3G and 4G cards could not be affected by the described attack. However, though backward compatible with 2G, these newer products are not used everywhere around the world as they are a bit more expensive and sometimes operators base their purchasing decision on price alone.
Update: Many of Gemalto's claims are now coming under scrutiny, with some suggesting that the company's "research" into things misses the point, and the details...