Your iPhone has been hacked by the NSA.

The NSA has just hacked 2 billion SIM cards around the globe. Photo: Wikicommons

That iPhone in your hands? It’s been compromised by the National Security Agency through its SIM card, and government spies can access your phone through a backdoor installed on it without even needing a court order.

Sound scary? It is, and it’s the latest bombshell to be dropped by American whistleblower Edward Snowden.

According to new documents leaked by Snowden to The Intercept, the NSA and its U.K. counterpart, the Government Communications Headquarters, hacked into the network of Gemalto, a Dutch company that manufactures SIMS for all four major U.S. carriers, as well as 450 other carriers worldwide.

While the NSA was hacked into Gemalto’s mainframe, they stole encryption keys used to protect every SIM from snooping. The result? Over 2 billion SIM cards are now compromised. The Intercept explains:

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

This is a huge violation of privacy for pretty much everyone around the world, and Apple is just as vulnerable as any other device maker to this massive blow to mobile security. Still, the tech community takes its lead from Apple: A public letter from Tim Cook, openly condemning the NSA for this violation of iPhone users’ privacy and security, would certainly be welcome right now.

For more — much more! — about the NSA’s hacking of Gemalto SIMS, check out The Intercept’s full report at the link below. In the meantime, if you’re wondering what you can do to limit your exposure to this hack, send email with Transport Layer Security turned on, make calls through encrypted VoIP apps like FaceTime, and use encrypted messaging apps like iMessages instead of SMS.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s