So, it turns out that, for the past 5 years, the US and UK intelligence agencies have been able to listen in on almost every mobile phone conversation in the world, and it is all thanks to the inadequate security of a company right here in Amsterdam.
Gemalto, which is listed on the Amsterdam stock exchange and has its headquarter in the city’s Zuidas district, is the world’s main manufacturer of SIM chips, which are used to secure everything from bank cards to passports to the vast majority of the world’s mobile phones.
The American NSA (National Security Agency) and its British counterpart, GCHQ (Government Communications Headquarters) agreed to form a special team with the express aim of hacking into Gemalto’s company systems and obtaining the encryption codes that would allow them to not only decrypt, in real-time, most of the world’s mobile phone traffic but, also, access the contents of all the phone calls they had captured in the past but been unable to decrypt.
To gain access, the team targeted Gemalto employees and hacked their personal communications to obtain the information they needed to penetrate the company’s servers. The company remained completely unaware of the security breach, as did the major telecom companies who rely on their technology.
The spies’ success meant that, for the past five years, they had access to billions of phone conversations without ever once having to obtain a warrant, ask the telecom companies or even let the local governments know. As American commentator John Gruber noted, “At this point we pretty much have to assume anything we do on a phone can be monitored”.
The only reason any of this ever even came to light is that it was contained in the latest tranche of top secret documents released by NSA whistleblower Edward Snowden, who is now in hiding in Russia. Previous Snowden revelations revealed the breath-taking extent of US espionage, even against allied countries, causing a great deal of upset in countries such as Germany, a supposed friend of the United States, where American spooks even listened in on the phone calls of the Chancellor, Angela Merkel. Her meeting with Obama, just weeks after that set of revelations broke, was unlikely to have been a barrel of laughs.
These new revelations are even more explosive, as the use of stolen encryption keys to gain access to private communications is a straightforward crime in almost all countries. The president of Brazil, Dilma Rousseff, has already accused the United States of violating international law. There is also the small matter of the actually hacking which took place right here in Amsterdam, leaving the government of the Netherlands in the awkward position of having to decide how to respond to the actions of a powerful ally.
Edward Snowden is regarded by many in his home country, to which it is now unlikely he will ever be able to return, as a traitor, with some high profile voices calling for the return of the death penalty so that he can be executed if they ever do get their hands on him. Americans should remember, however, that one of the most worrying revelations what that the NSA were partnering with the UK’s GCHQ as a way to get around the rule that American espionage agencies cannot spy upon American citizens: they could simply hand that job over to GCHQ.
This cynical undermining of essential protections provided by the 4th Amendment to the American constitution is why Snowden felt compelled to become a whistleblower and, with this latest SIM revelation, his actions are now seeming downright heroic. It is no coincidence that the NSA partnered with GCHQ for this SIM project as that then gave them indirect access to the information gleaned from billions of phone calls by American citizens.
As for the rest of us, it is now time to switch to the only truly secure form of communication, telepathy.