If privacy-conscious folk aren’t already using encrypted mobile communications apps (I can personally vouch for WhatsApp or TextSecure for texts, and RedPhone or Signal for calls), they should be convinced to do so by the latest Edward Snowden revelations in The Intercept. They outline GCHQ’s “DAPINO GAMMA” attack on the world’s biggest provider of SIM cards,
From the slides obtained from Snowden, it’s apparent GCHQ acquired emails and other communications of targeted Gemalto employees to obtain access to the crucial encryption keys held in SIM cards, each one known as a “Ki”. These keys encrypt calls, texts and internet usage between the mobile user and their telecoms provider. By stealing them, GCHQ could harvest communications data, as the agency is known to do, and unlock the content of the messages any time they wanted.
An extensive list of telecoms companies use Gemalto’s SIMs (the little chips that act as the core of a modern mobile phone’s telecommunications functions) and their services can now also be considered compromised by intelligence agencies. These include
The brazen hacking methods used by GCHQ on telecoms companies detailed by The Intercept are fairly startling too. Glenn Greenwald’s publication claimed that since 2010, a GCHQ unit called the Mobile Handset Exploitation Team (MHET) has been given sole responsibility for subverting all kinds of mobile comms. The Intercept said snoops accessed the email and Facebook accounts of engineers and other key targets at SIM manufacturers and telecoms businesses. These included many firms along the supply chain, including hardware manufacturers Ericsson and Nokia, mobile operators like MTN Irancell and Belgacom (another company that GCHQ allegedly hacked), and SIM card providers Bluefish and Gemalto. They used the NSA’s now-notorious X-KEYSCORE hacking tool to do this.
Once they’d gained access to emails, they would mine them for terms related to the SIM keys. Their initial trials of such techniques showed that by mining just six email addresses, they acquired 85,000 keys. In June 2010, GCHQ boasted about obtaining 300,000 keys for mobile phone users in Somalia. The number of keys it’s now sitting on must be astonishing. One NSA document claimed that in 2009, the US was already able to process up to 22 million keys per second.
Though they might not have a clue they've been successfully hacked, as is the case with Gemalto, telecoms suppliers aren’t guiltless in all this either. They seem to have been fairly lax in securing those crucial encryption keys, often using File Transfer Protocol (FTP) online stores, potentially leaving them open to spies. One leaked document noted wireless network providers would transmit them “by email or FTP with simple encryption methods that can be broken … or occasionally with no encryption at all.” Some industry giants have already been complicit in working with the NSA and its British partner. In some cases the agencies had agents installed at ISPs.
The world already knew US and UK snoops were tapping internet cables. From the latest Snowden leak, it can be assumed that GCHQ and the NSA have access to most mobile infrastructure too. The tentacles of governmental surveillance have reached far and wide. Will they ever be cut off?