After Edward Snowden’s revelations that UK and U.S. intelligence agencies had broken into Gemalto’s web servers to steal encryption keys for mobile devices so that they could spy on the entire world, Gemalto is saying they have found no evidence to support that claim.
Gemalto, a giant in the SIM card production industry, said they had no prior knowledge of any agency using their servers and that they intended to investigate thoroughly after hearing the news of the supposed infiltration last week. The company did identify a number of sophisticated attacks during the timeframe in question, but none compromised the secure network where the SIM infrastructure and other sensitive data sits.
According to their statement,“No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.”
Gemalto also went on to say that attempts to hack in to their system happen on a regular basis, and that while a few penetrate outer rings of security, most are not successful at all. The two sophisticated attacks that they saw during 2010 and 2011, were aimed at employee communication networks and directly at customers(via phishing). At the time, they did not identify the attackers, but now believe this might have been an attempt by the NSA and the GCHQ. However, they failed.
For information on how you can prevent your organization from being breached, visit www.miltonsecurity.com or call 714-515-4011.