Connect with us

NSA and GCHQ Have Access To BILLIONS of SIM Cards –– Latest Snowden Leak

Featured

NSA and GCHQ Have Access To BILLIONS of SIM Cards –– Latest Snowden Leak

O2 SIM card

GCHQ and the NSA have pulled off something of a coup, gaining access to BILLIONS of SIM cards. Time to get paranoid?


Features

Until last week it was thought that America’s and Britain’s spy agencies had only been targeting the world’s largest technology companies like Facebook, Google, Apple, and Yahoo to collect everything from the webcam conversations of its users to their emails. But as The Intercept has revealed the NSA and GCHQ have gone much further than that–and the revelations will be unsettling for anyone who has ever used a mobile phone.

The latest trough of papers whistleblower Edward Snowden has dropped show that since at least 2010 Britain and America’s spy agencies have had direct access to the majority of mobile phone communications around the world. That’s right: chances are the very phone you are using can be hacked at will should the NSA or GCHQ so choose. Here’s everything you need to know and what you can do about it.

What happened?

According to classified documents leaked by Edward Snowden and published on The Intercept the NSA and GCHQ worked together in 2010 to hack into the systems of the Dutch company Gemalto. Gemalto is one of the world’s largest SIM card manufacturers, making over 2 billion of those tiny cards that fit into our mobiles every year.

During the hack the spy agencies stole the encryption keys for all the SIMs Gemalto makes. By default all the data an individual SIM transmits–from voice calls to emails to texts–is encrypted right on the SIM. A key is normally sent along with this data allowing the SIM to log into the mobile provider’s network and allowing the data being transmitted to be read. Without the key anyone who tries to intercept the data can’t read it. With the key your phone is an open book to anyone who intercepts your data.

Since the NSA and GCHQ obtained all the keys for the SIMs Gemalto produced, it’s likely that the agencies can read any of the data from mobiles using Gemalto SIM cards.

Who’s affected?

A few billion mobile phone users on the planet. The reason the NSA and GCHQ went after Gemalto is because it’s one of the largest SIM makers in the world. In the US it provides the SIM cards for AT&T, T-Mobile, Verizon, and Sprint. In the UK it provides the SIM cards for Vodafone, EE, O2 and Three. And around the world Gemalto provides the SIM cards for 450 other mobile operators.

So is GCHQ and the NSA listening in on my phone calls?

The honest answer is “who knows?” The likely answer is “probably not”. Though the spy agencies have the capabilities to monitor billions of mobile phones around the world they likely don’t have the manpower. It’s doubtful they are randomly checking in on the communications of you or your next door neighbor. Instead, should they suspect you or your neighbor of being any kind of security threat they’ll now have the option of listing into your calls and gathering your mobile data at will.

Is this legal?

Numerous civil liberty campaigners say there is no doubt GCHQ and the NSA violated Dutch law. As for violating US and British laws, the answers are inconclusive. In the UK law enforcement agencies already have the right to listen in to your phone and data communications if they suspect illegal activity thanks to the Regulation of Investigatory Powers Act (RIPA). In such cases the law enforcement agencies would need to notify the mobile phone operators who would need to comply with the request. Of course the difference between RIPA and what GCHQ and the NSA are doing now is that the latter allows them to listen in on calls without informing anyone.

Are the mobile network providers doing anything to combat this?

It’s too early to tell as the news was only made public last week. However, Chris Soghoian, principal technologist at the American Civil Liberties Union, told The Guardian that it was “very unlikely that this is an issue that is going to be fixed anytime soon. There is no reason for people to trust AT&T, Verizon or anyone at this point. Their systems are hopelessly insecure.”

What can I do to protect myself?

There are a few steps, but know that ripping out your SIM and getting a new one will probably do no good. Chances are you’ll just get another SIM made by Gemalto. And even if you don’t there’s no reason to believe GCHQ and the NSA haven’t hacked into other SIM card manufacturers too.

That being said, even if you have a SIM that has been hacked you can still encrypt your messages via other means, so even though your SIM can be decrypted your data is using an additional layer of encryption that needs a separate key to be accessed.

Apple iMessages use a separate level of encryption, so theoretically data sent through iMessages should be safe. WhatsApp also uses additional encryption and so do the default email clients on iOS and Android. As for voice encryption you can use apps like Signal, RedPhone and Silent Phone.

Using the above apps won’t make your phone hack-proof, but as The Intercept points out, it will make it much more difficult for someone to get into your phone:

“Governments still may be able to intercept communications, but reading or listening to them would require hacking a specific handset, obtaining internal data from an email provider, or installing a bug in a room to record the conversations.”


Richard Goodwin

13:22, 23 Feb 2015

O2 SIM card

GCHQ and the NSA have pulled off one thing of a coup, getting access to BILLIONS of SIM playing cards. Time to get paranoid?

Features

Until final week it used to be idea that America’s and Britain’s undercover agent businesses had handiest been concentrated on the arena’s biggest generation firms like Facebook, Google, Apple, and Yahoo to gather the whole thing from the webcam conversations of its customers to their emails. But as The Intercept has revealed the NSA and GCHQ have long past so much additional than that--and the revelations shall be unsettling for any person who has ever used a cell phone.

The recent trough of papers whistleblower Edward Snowden has dropped display that when you consider that no less than 2010 Britain and America’s undercover agent businesses have had direct get right of entry to to the bulk of cell phone communications around the globe. That’s proper: likelihood is that the very telephone you're the use of can also be hacked at will will have to the NSA or GCHQ so select. Here’s the whole thing you wish to have to understand and what you'll be able to do approximately it.

What came about?

According to categorized files leaked by way of Edward Snowden and revealed on The Intercept the NSA and GCHQ labored in combination in 2010 to hack into the methods of the Dutch corporate Gemalto. Gemalto is one of the arena’s biggest SIM card producers, making over 2 billion of the ones tiny playing cards that have compatibility into our mobiles once a year.

During the hack the undercover agent businesses stole the encryption keys for all of the SIMs Gemalto makes. By default all of the knowledge a person SIM transmits--from voice calls to emails to texts--is encrypted proper at the SIM. S key's typically despatched in conjunction with this knowledge permitting the SIM to log into the cellular supplier’s network and permitting the information being transmitted to be learn. Without the important thing any person who attempts to intercept the information can’t learn it. With the important thing your telephone is an open guide to someone who intercepts your knowledge.

Since the NSA and GCHQ received all of the keys for the SIMs Gemalto produced, it’s most probably that the businesses can learn any of the information from mobiles the use of Gemalto SIM playing cards.

Who’s affected?

O few billion cell phone customers on the earth. The explanation why the NSA and GCHQ went after Gemalto is as it’s one of the most important SIM makers on the earth. In the United States it supplies the SIM playing cards for AT&T, T-Mobile, Verizon, and Sprint. In the United Kingdom it supplies the SIM playing cards for Vodafone, EE, O2 and Three. And around the globe Gemalto supplies the SIM playing cards for 450 different cellular operators.

So is GCHQ and the NSA listening in on my telephone calls?

The fair solution is “who is aware of?” The most probably solution is “more than likely now not”. Though the undercover agent businesses have the functions to watch billions of cell phones all over the world they most probably don’t have the manpower. It’s in doubt they're randomly checking in at the communications of you or your subsequent door neighbor. Instead, will have to they think you or your neighbor of being any type of safety risk they’ll now be able of record into your calls and collecting your cellular knowledge at will.

Is this criminal?

Numerous civil liberty campaigners say there is not any doubt GCHQ and the NSA violated Dutch regulation. As for violating US and British regulations, the solutions are inconclusive. In the United Kingdom regulation enforcement businesses have already got the fitting to pay attention in on your telephone and knowledge communications if they think criminality way to the Regulation of Investigatory Powers Act (RIPA). In such instances the regulation enforcement businesses may want to notify the cell phone operators who might want to agree to the request. Of direction the adaptation among RIPA and what GCHQ and the NSA are doing now's that the latter permits them to pay attention to calls with out informing somebody.

Are the cellular community suppliers doing anything else to struggle this?

It’s too early to inform as the scoop used to be handiest made public remaining week. However, Chris Soghoian, foremost technologist on the American Civil Liberties Union, advised The Guardian that it used to be “most unlikely that this is a matter that may be going to be fastened every time quickly. There isn't any explanation why for other folks to agree with AT&T, Verizon or somebody at this aspect. Their methods are hopelessly insecure.”

What can O do to offer protection to myself?

There are a couple of steps, however recognize that ripping out your SIM and getting a brand new one will more than likely do no just right. Chances are you’ll simply get some other SIM made via Gemalto. And despite the fact that you don’t there’s no explanation why to consider GCHQ and the NSA haven’t hacked into different SIM card producers too.

That being stated, despite the fact that you've a SIM that has been hacked you'll be able to nonetheless encrypt your messages by means of different way, so despite the fact that your SIM may also be decrypted your knowledge is the use of an extra layer of encryption that wishes a separate key to be accessed.

Apple iMessages use a separate degree of encryption, so theoretically knowledge despatched thru iMessages will have to be protected. WhatsApp additionally makes use of further encryption and so do the default e mail shoppers on iOS and Android. As for voice encryption you'll be able to use apps like Signal, RedPhone and Silent Phone.

Using the above apps gained’t make your telephone hack-evidence, however as The Intercept points out, it's going to make it a lot more tricky for anyone to get into your telephone:

“Governments nonetheless could possibly intercept communications, however studying or paying attention to them will require hacking a selected handset, acquiring inside knowledge from an e-mail supplier, or putting in a malicious program in a room to report the conversations.”

Richard Goodwin 13:22, 23 Feb 2015
Comments

More in Featured

Popular

Featured

Advertisement
To Top