25 February 2015
Gemalto has said that attacks detected on its networks in 2010 and 2011 were likely carried out by US and UK intelligence agencies.
security company said the attacks breached its office networks
but did not result in a massive theft of SIM encryption keys.
The operation was allegedly intended to intercept the
encryption keys as they were exchanged between mobile operators
sophisticated attacks that Gemalto detected in 2010 and 2011
give us reasonable grounds to believe that an operation by NSA
[the US’ National Security Agency] and GCHQ [the
UK’s Government Communications Headquarters]
probably happened," said the company.
conducted an investigation after The Intercept
reported last week that US and UK intelligence spies allegedly
hacked into its computer network, citing documents from former
NSA contractor Edward Snowden.
that by the time the attacks took place, it had "already widely deployed a secure
transfer system with its customers and only rare exceptions to
this scheme could have led to theft."
said the intrusions only affected the external parts of its
networks – its office networks – which are in
contact with the outside world and nothing was detected in
other parts of its network.
its commitment to providing the best security levels, Gemalto
said state agencies have the resources and support that go far
beyond that of typical hackers and criminal organisations.
"We are concerned that
they could be involved in such indiscriminate operations
against private companies with no grounds for suspicion," it