On Thursday, Snowden's leaks revealed that NSA secret services and GCHQ had broken the networks of the largest SIM card maker, Gemalto. Immediately after the disclosure of the hack carried out by the NSA and GCHQ, the Dutch company lost 470 millions ευρώ λόγω της πτώσης της τιμής των μετοχών της.
Gemalto showed to be surprised by the revelation that secret services had broken their systems and stole encryption keys for millions of SIM cards used to encrypt phone calls around the world. Gemalto supplies SIM to 450 networks worldwide.
The event, however, had immediate "side effects" as the Dutch company on Friday saw its share price fall eight points with the opening of the stock market before recovering slightly to minus 2,69 (3.70%) at the close.
Obtaining SIM encryption keys allows intelligence services to decrypt wiretapping without anyone knowing – from users, mobile network providers, even mobile phone manufacturers.
The company issued a statement in which he promised the complete restoration of hack:
"At Gemalto we are very careful about malicious hackers, and we detect, record and repel many types of attacks over the years. At the moment we can not prove the hack mentioned yesterday.
However, we will take this publication very seriously and dedicate all the resources needed to fully explore and understand the scope of this advanced technique. "
Security Observers praised the company for its immediate and honest response and of course many people were outraged by the latest revelations about massive surveillance by GCHQ and NSA without warrants.
The World Wide Web Foundation called for urgent measures to be taken to safeguard private calls and, more generally, electronic communications.
Chief Anne Jellema said any security vulnerabilities or backdoors in a cryptographic system could also be exploited by cybercriminals, and called for an investigation into GCHQ, along with "a full and honest revelation as to why a private company based in an allied country. ”
Other security experts have warned that other secret services may be using the same tricks. Andrew Conway, research analyst at Cloudmark, said:
"The ease with which the NSA and GCHQ have been able to disrupt all mobile communications is shocking. But there are many other sophisticated hackers who work for governments. In particular, the Chinese team Axiom has shown remarkable skills in penetrating Western targets. ”
Ultimately, it may require full redesign of mobile security comm, Conway said.
In the short term, companies that require secure voice communications may consider developing mobile devices with additional layers of encryption, such as Blackphone or Cryptophone. "In the long run, we need to do a better job of end-to-end encryption of all mobile and landline communications, not based on a single master encryption key."