GCHQ and NSA likely capable of attacking large volumes of cellphone communications
The Intercept came up with a story that should not be surprising. For some reason however we were surprised. And I'm no exception to that.
According to the article the GCHQ and the NSA attacked Gemalto. Gemalto is the Netherlands based global leader in SIM cards. It is safe to assume Gemalto is not the only target. Another high profile target would be Germany based G&D as well as the other end of the transmission channel, which would be their customers. In this case mostly large - or particularly interesting - mobile phone operators.
It's not conclusive how they obtained the keys but it appears to be a well known problem. Spear-attacks against employees with access to Ki-generating systems or keys provisioned for transfer to customers.
The documents infer that this heist might be going on for years with potentially billions of affected SIMs. This is damage of truly epic proportions. It seems to mean that GCHQ and associated agencies have likely access to voice and data communications of huge amounts of cellphones.
We were rather blue-eyed to not see this attack vector and I'm no exception to that. Which is quite embarrassing since it's totally obvious. Why attack hundreds of operators or billions of targets if that one ring that bends all is just around the corner waiting to be picked up? The ingenious - and scarily obvious - attack leaves everyone involved completely oblivious to the eavesdropping. It is a perfect heist with massive collateral damage that will be costly to fix. It depends a lot on the actual reason for the fuck-up. My guts are all in for Gemalto. But there is a small chance for a different reason.