Subscribe free to our newsletters via your
. 24/7 Space News .




CYBER WARS
Stolen SIM card keys could be powerful spy tool
By Rob Lever
Washington (AFP) Feb 21, 2015


US, British spies hacked mobile SIM card keys: report
Washington (AFP) Feb 19, 2015 - US and British intelligence services can tap into mobile voice and data communications of many devices after stealing encryption keys of a major SIM card maker, a report said Thursday.

The report, from investigative website The Intercept, said the US National Security Agency and its British counterpart GCHQ obtained encryption keys of the global SIM manufacturer Gemalto.

Citing a 2010 document leaked by former NSA contractor Edward Snowden, the report said that with the encryption keys, the intelligence services can secretly monitor a large portion of global communications over mobile devices without using a warrant or wiretap.

The Intercept said a covert operation led by GCHQ with support from the NSA was able to mine private communications of unwitting engineers at Gemalto, which is based in the Netherlands.

The report suggests the intelligence services could have access to a wider range of communications than has been previously reported. Other documents have indicated NSA can monitor email and traditional phone communications.

The NSA did not immediately respond to an AFP request for comment.

A Gemalto spokeswoman said in an email to AFP that the company "is especially vigilant against malicious hackers and of course has detected, logged and mitigated many types of attempts over the years."

Gemalto "at present can make no link between any of those past attempts and what was reported by The Intercept," the statement said.

"We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated technique to try to obtain SIM card data."

It added that the intended target was "not Gemalto, per se -- it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible."

US State Dept blocks thousands of hack attacks every day
Washington (AFP) Feb 20, 2015 - The State Department faces thousands of cyber attacks every day, a top US official said Friday, refusing to confirm that hackers who breached their system in November were reportedly still lurking in the network.

"We have robust security to protect our computer systems and our information, which includes access to an unclassified, open-net system," State Department spokeswoman Jen Psaki said.

But she acknowledged the attacks on an increasing list of public and private institutions were growing more sophisticated.

"We deal successfully with thousands of attacks every day, and we deal with them in conjunction with other relevant government agencies," Psaki said.

The Wall Street Journal reported that three months after the November breach forced the State Department to shut down its unclassified email network, the government had not been able to evict the hackers from the system.

Sources told the business daily that "each time investigators find a hacker tool and block it, the intruders tweak it slightly to attempt to sneak past defenses."

The original attack appeared to have been linked to the Russian government, and the hackers had taken State emails related to the crisis in Ukraine, the sources told the Journal.

Psaki refused to confirm or reveal any details, adding only "we work every day to fight back on these attacks and take a number of steps."

The Journal's report comes a week afer President Barack Obama led a cybersecurity summit at Stanford University and called on Silicon Valley to put aside distrust of the government to become allies in defending cyberspace from terrorists, hackers and spies.

He also signed an executive order aimed at spurring better and faster sharing of cyber threats between the private sector and government.

It would be another powerful tool in the arsenal of US and British spy services: encryption keys for a large share of the SIM cards used for mobile phones.

A report by the investigative news website The Intercept, citing leaked documents from former National Security Agency contractor Edward Snowden, said the US and British agencies "hacked into" European manufacturer Gemalto to gain these keys.

The report, if accurate, could allow the NSA and its British counterpart GCHQ to secretly monitor a large portion of global communications over mobile devices without using a warrant or wiretap.

"This is a huge deal," said Bruce Schneier, a cryptographer who is chief technology officer at the security firm Resilient Systems, and a fellow at Harvard's Berkman Center.

"The things that are the most egregious are when the NSA hacks everybody to get a few people," Schneier told AFP.

"They're getting encryption keys of everybody, including you and me. It's a scorched earth policy."

The report suggests the intelligence services could have access to a wider range of communications than has been previously reported. Other documents have indicated that the NSA can monitor email and traditional phone communications.

Schneier said the report is credible and probably indicates other SIM card makers were hacked as well.

"Do we think this is the only company? Odds are low," he said.

David Perry, threat strategist at the security firm F-Secure, called the revelations "the biggest story on mobile privacy we've seen so far."

The report is troubling, Perry said, because of the methods described.

"Intelligence services are hacking all the time," he said. "What concerns me is that they would go into a factory and spoil the security at the point of origination."

The NSA did not immediately respond to requests for comment.

Gemalto said in a statement that it takes the matter "very seriously and will devote all resources necessary to fully investigate" the allegations.

It added that the intended target was "not Gemalto, per se -- it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible."

- Unanswered questions -

Yet the report leaves many questions unanswered, and some experts were cautious about jumping to conclusions about the documents.

"One of the reasons I'm skeptical is that different governments have been using other methods to grab communications and wireless data which are unsecured to begin with," said Darren Hayes, director of cybersecurity at Pace University's School of Computer Science and Information Systems.

"I'm not sure that the US or UK governments would use hackers in the same way that the Chinese or Russians are doing."

Schneier said more information is needed to know exactly what the encryption keys would provide, but says it is likely that they would allow access to the phone communications rather than the data transfer, so SMS or voice messages might be accessed but not Skype or other Internet-based services.

"I think the company should do what Sony did (after being hacked) -- hire a forensics team," Schneier said.

"We need details on how this was done and what can be done to remedy it."

Greg Nojeim, a lawyer for the Center for Democracy & Technology, a digital rights organization, said the revelation suggests privacy of people around the world is at risk.

"Almost everyone in the world carries cell phones and this is an unprecedented mass attack on the privacy of citizens worldwide," Nojeim said.

"While there is certainly value in targeted surveillance of cell phone communications, this coordinated subversion of the trusted technical security infrastructure of cell phones means the US and British governments now have easy access to our mobile communications."

John Pirc, co-founder of the Virginia-based security firm Bricata, said the report is "plausible" and, if true, could undermine confidence in mobile communications.

"If someone had access to the SIM card and put malware on it, that means anyone can get in," Pirc said.

He added that the revelations could end up hurting manufacturers or carriers if they fail to take steps to correct any security weaknesses.

"If this turns out to be true, every consumer should ask for a new SIM card," Pirc said.

rl/oh

GEMALTO


Thanks for being here;
We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain.

With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords.

Our news coverage takes time and effort to publish 365 days a year.

If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor
$5 Billed Once


credit card or paypal
SpaceDaily Monthly Supporter
$5 Billed Monthly


paypal only


.


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues






Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.

Share this article via these popular social media networks
del.icio.usdel.icio.us DiggDigg RedditReddit GoogleGoogle




Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News





CYBER WARS
Winning the Internet war is key in IS fight: experts
Washington (AFP) Feb 19, 2015
The Internet has become a crucial battleground in the fight against jihadist propaganda and Western nations need to step up their game, according to participants in a Washington meeting on countering radical groups. Experts say governments must engage in corporate-style marketing if they are to combat the Islamic State, which is using slick videos to lure foreign nationals to the battlefield ... read more


CYBER WARS
Application of laser microprobe technology to Apollo samples refines lunar impact history

NASA releases video of the far side of the Moon

US Issuing Licenses for Mineral Mining on Moon

LRO finds lunar hydrogen more abundant on Moon's pole-facing slopes

CYBER WARS
Mars One cuts list of potential colonists to 100

Scientists fail to explain strange plumes spotted on Martian surface

NASA's Curiosity Analyzing Sample of Martian Mountain

Mars Rover Nearing Marathon Achievement

CYBER WARS
Industry: Risk aversion costs more than 'fast failure'

Boeing's Space Efforts to Be Managed by Newly Created Organization

The ISS Menu: Mayo, Espressos, Booze? Cosmonauts Reveal Their Secrets

London workshop teaches nuts and bolts behind tech

CYBER WARS
More Astronauts for China

China launches the FY-2 08 meteorological satellite successfully

China's Long March puts satellite in orbit on 200th launch

Countdown to China's new space programs begins

CYBER WARS
Russia Launches Fresh Fruit, Oxygen to Crew on ISS

Europe destroys last space truck to ISS

NASA, Space Station Partners Announce Future Mission Crew Members

Camera to record doomed ATV's disintegration - from inside

CYBER WARS
Moog offers "SoftRide" for enhanced spacecraft protection during launch

Russian-Ukrainian Satan Rocket to Launch South Korean Satellite as Planned

Leaders share messages, priorities at AFA Symposium

Soyuz Installed at Baikonur, Expected to Launch Wednesday

CYBER WARS
Scientists predict earth-like planets around most stars

"Vulcan Planets" - Inside-Out Formation of Super-Earths

Dawn ahead!

Habitable Evaporated Cores

CYBER WARS
SSL-Built High-Throughput Satellite For Telenor Ready For Launch

DSCOVR: Mission Success for Moog Engines Over a Decade Later

NASA Team Develops New Ka-Band Communications System to Break Through the Noise

3-D printing with custom molecules creates low-cost mechanical sensor




The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement All images and articles appearing on Space Media Network have been edited or digitally altered in some way. Any requests to remove copyright material will be acted upon in a timely and appropriate manner. Any attempt to extort money from Space Media Network will be ignored and reported to Australian Law Enforcement Agencies as a potential case of financial fraud involving the use of a telephonic carriage device or postal service.