Gemalto confirms data break-in attemptsPublished 25.02.2015
Gemalto, suspected to be a target for a data theft related to SIM cards, told at a press conference held in Paris that it has detected several data break-ins and attempted break-ins whose purpose was to hack into the company's network. FICORA continues to assess possible impacts on Finnish users and investigates the information security procedures related to telecommunications operators' handling of SIM cards. This information is used in the prevention of similar cases.
Gemalto is a multinational company which manufactures e.g. chip cards and SIM cards. It was reported last week that a data break-in was targeted against Gemalto. In the same context, it was reported that the British and American intelligence service had observed e-mail communications of the company's employees. The information in the news story was based on internal data of the intelligence services, leaked out by Edward Snowden.
Gemalto held today, on 25 February, a press conference where it stated that it has investigated the alleged incidents. According to Gemalto, the data break-in concerns SIM cards of the GSM network (2G) which have been taken into use during 2010 and 2011. According to the company's internal investigation, it is possible that keys have been taken when they have been transferred to operators, not by hacking into the company's production systems. Gemalto also mentions that the information security of its other products has not been endangered due to the revealed incidents.
FICORA continues the assessment of possible impacts on users of Finnish mobile networks. With current information available, FICORA is of the opinion that the impacts are technically very limited: possibility to tap would only concern part of telecommunications operators' customers and it would require access to a reasonable distance from the phone that is tapped. The method does not enable mass surveillance of users.
A suspicion that confidential communications has been endangered is always taken seriously. A risk that a similar incident could happen again must be taken into account in the prevention of possible future cases. FICORA has started to investigate the information security procedures of mobile operators with regard to SIM cards.
Determining investigation needs for other security products than security products related to mobile networks and other SIM card manufactures has started. As part of this, FICORA investigates with the Population Register Centre impacts on the reliability of qualified certificates (electronic identity cards and organisation cards). On the basis of current information, the information security of qualified certificates has not been endangered.
Jarna Hartikainen, Information Security Adviser, National Cyber Security Centre at FICORA, tel. +358 295 390 557
Antti Kiuru, Chief, National Cyber Security Centre at FICORA, tel. +358 295 390 559