Updated with new title to reflect the comment from BlackBerry added at foot of post.
The huge controversy over the US government’s PRISM program has barely bitten the dust, and now it’s blowing over to the UK and entangling struggling phone maker BlackBerry, threatening to cause severe damage to the company’s reputation.
A report has surfaced alleging that the UK Government Communications Headquarters managed to penetrate the security on delegates’ BlackBerry smartphones while hosting foreign politicians and officials during two Group of 20 summit meetings in London in 2009. The Guardian report says according to “top secret” documents uncovered by the NSA whistleblower Edward Snowden, email messages and phone calls were monitored.
BlackBerry’s claim that its security measures are impenetrable has been a core reason for countless multinational companies and government organizations to use its software and phones. These latest allegations (if proven true), could suggest that BlackBerry was either working with the government or its system had been unknowingly accessed by a third-party. Any of the scenarios, if they had really occurred, would sully the company’s reputation for watertight enterprise security, and could deal a devastating blow to BlackBerry if customers flee from the product due to a fear of security leaks.
Terming the actions as “ground-breaking intelligence capabilities”, the documents in the Guardian report were cited as saying: “New converged events capabilities against BlackBerry provided advance copies of G20 briefings to ministers… Diplomatic targets from all nations have an MO of using smartphones. Exploited this use at the G20 meetings last year.”
Ironically, the GCHQ had in 2011 published guidelines recommending the use of the BlackBerry to keep sensitive data safe.
Some delegates were also reportedly duped into using Internet cafes which had been set up by British intelligence agencies that ”were able to extract key logging info, providing creds for delegates, meaning we have sustained intelligence options against them even after conference has finished”.
Last year, BlackBerry confirmed that it set up a dedicated server in India to allow the government to monitor its network, but insisted that the BlackBerry Enterprise Server - which the Guardian report claims were breached - would not be compromised. Back then, BlackBerry had emphasized that it “cannot access, or provide access to information encrypted through BlackBerry Enterprise Server (BES) given that neither RIM nor the wireless operators are ever in possession of the encryption keys.”
BlackBerry dominated the smartphone market in the past thanks to high usage among enterprises customers. In recent times it has faced fierce competition from the likes of iOS and Android in the consumer market, resulting in a massive drop in overall market share (according to Gartner its share declined to 2.0 percent in 2012 from an already-paltry 2.9 percent in 2011), while it fell out of the NASDAQ-100 late last year.
It has also come under pressure from the BYOD (bring your own device) trend – symbolized by the US Department of Defence’s recent decision to pass security approval for the Samsung Galaxy S4 and Apple iPhone, breaking the BlackBerry’s traditional stronghold.
We have reached out to BlackBerry for comment and will update with any response provided.
Update: BlackBerry has sent us the following statement:
“While we cannot comment on media reports regarding alleged government surveillance of telecommunications traffic, we remain confident in the superiority of BlackBerry’s mobile security platform for customers using our integrated device and enterprise server technology.
Our public statements and principles have long underscored that there is no “back door” pipeline to that platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”
You can find our full PRISM coverage here
Image Credit: Kevork Djansezian via Getty Images