checkAd

     677  0 Kommentare Gemalto presents the findings of its investigations into the alleged hacking of SIM card encryption keys - Seite 2

    If we look back at the period covered by the documents from the NSA and GCHQ, we can confirm that we experienced many attacks. In particular, in 2010 and 2011, we detected two particularly sophisticated intrusions which could be related to the operation.
    In June 2010, we noticed suspicious activity in one of our French sites where a third party was trying to spy on the office network. By office network we mean the one used by employees to communicate with each other and the outside world. Action was immediately taken to counter the threat.
    In July 2010, a second incident was identified by our Security Team. This involved fake emails sent to one of our mobile operator customers spoofing legitimate Gemalto email addresses. The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used.
    During the same period, we also detected several attempts to access the PCs of Gemalto employees who had regular contact with customers.

    At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation. These intrusions only affected the outer parts of our networks - our office networks - which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks. It is important to understand that our network architecture is designed like a cross between an onion and an orange; it has multiple layers and segments which help to cluster and isolate data.

    While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network. No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.

    Lesen Sie auch

    It is extremely difficult to remotely attack a large number of SIM cards on an individual basis. This fact, combined with the complex architecture of our networks explains why the intelligence services instead, chose to target the data as it was transmitted between suppliers and mobile operators as explained in the documents.

    Seite 2 von 6
       



    Aktuelle Themen


    GlobeNewswire
    0 Follower
    Autor folgen
    RSS-Feed abonnieren

    Verfasst von GlobeNewswire
    1 im Artikel enthaltener WertIm Artikel enthaltene Werte
    Gemalto presents the findings of its investigations into the alleged hacking of SIM card encryption keys - Seite 2 The investigation into the intrusion methods described in the document and the sophisticated attacks that Gemalto detected in 2010 and 2011 give us reasonable grounds to believe that an operation by NSA and GCHQ probably happened  The attacks …

    Auch bei Lesern beliebt

    Schreibe Deinen Kommentar

    Disclaimer