Dutch SIM card manufacturer Gemalto will report back on Wednesday regarding its investigation into allegations raised last week by The Intercept that spies from the UK and US hacked into its servers and stole encryption keys embedded in its smartchips.
The allegations were made as part of a release of documents from the cache held by Edward Snowden, and if true would give intelligence agencies the ability to listen in to calls and access data without going through the process of requesting access from network providers. Gemalto produces around 2bn SIM cards a year – and provides the chips for South Africa’s new smart ID cards. According to the files published on The Intercept, spies at Britains Government Communications HQ (GCHQ) believed they had access to Gemalto’s “entire network”.
The vendor seems confident however. It’s put out a short press release this morning with details of what will be published and when over the next two days, with the main press conference called for 11,30am (South African time) in Paris. In this latest update, it says: “Initial conclusions already indicate that Gemalto SIM products (as well as banking cards, passports and other products and platforms) are secure and the Company doesn’t expect to endure a significant financial prejudice.”
[Image – CC by 2.0/MIKI Yoshihito]