Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

US, German Spies Plundered Global Secrets Via Swiss Encryption Firm: Report

US and German intelligence services raked in the top secret communications of governments around the world for decades through their hidden control of a top encryption company, Crypto AG, US, German and Swiss media reported Tuesday.

US and German intelligence services raked in the top secret communications of governments around the world for decades through their hidden control of a top encryption company, Crypto AG, US, German and Swiss media reported Tuesday.

The Swiss company was a top supplier of devices for encoding communications to some 120 countries from after World War II to the beginning of this century, including Iran, South American governments, and India and Pakistan.

Unknown to those governments, Crypto was secretly owned by the US Central Intelligence Agency together with Germany’s BND Federal Intelligence Service.

Together they rigged Crypto’s equipment to be able to easily break the codes and read the government’s messages, according to reports by the Washington Post, German television ZTE and Swiss state media SRF.

– ‘Coup of the century’ –

Citing a classified internal CIA history of what was originally called operation “Thesaurus” and later “Rubicon,” the reports said that in the 1980s the harvest from the Crypto machines supplied roughly 40 percent of all the foreign communications US codebreakers processed for intelligence.

Meanwhile, the company took in millions of dollars in profits that went to the CIA and BND.

“It was the intelligence coup of the century,” the history says, according to the Washington Post.

Advertisement. Scroll to continue reading.

“Foreign governments were paying good money to the US and West Germany for the privilege of having their most secret communications read by at least two (and possibly as many as five or six) foreign countries.”

The BND had no immediate reaction to the story. CIA spokesperson Timothy Barrett declined to comment on it.

– Portable coding machine –

Crypto AG was founded by Russian-born entrepreneur Boris Hagelin who fled Scandinavia to the United States in 1940 when the Nazis occupied Norway.

He had created a portable mechanical encryption machine that could be used in the field, Some 140,000 were produced for US troops during the war by the Smith Corona typewriter company in New York.

After the war Hagelin moved to Switzerland and began producing more advanced encryption machines American spies worried would allow governments everywhere to shield their communications.

But the premier US cryptologist, the National Security Agency’s William Friedman, persuaded Hagelin to restrict sales of his most advanced machines to countries approved by Washington, while older machines — with penetrable encryption — were sold to others.

– Cutting out the French –

When integrated circuits replaced mechanical encryption in the 1960s, the NSA helped Hagelin design new machines, which included coding that US cryptologists knew how to crack.

When Hagelin sought to retire, the United States headed off a French government effort to buy his company and arranged its own takeover.

In 1970, the US and Germany reached a deal to take it over for $5.75 million — with the stipulation that the French be excluded.

They then controlled virtually all Crypto AG’s operation, hiring the staff, designing the technology, and directing sales.

The intelligence operation underlying Zug-based Crypto Ag had long been suspected and was alluded to, but never proven, in documents that surfaced decades ago. The company’s true ownership was masked by front companies in Liechtenstein registries.

While scores of countries bought Crypto’s coding machines, the top Western adversaries, Russia and China, never trusted them.

Apparently nervous about being exposed and uncomfortable with the CIA’s aggressive targetting of both friends and rivals with Crypto machine sales, BND pulled out of the relationship and the CIA bought its shares in the 1990s.

Bernd Schmidbauer,former secret service coordinator for the German government, confirmed the story to ZTE.

“The Rubicon operation clearly contributed to making the world a little safer,” he said.

– Overtaken by apps –

With online technology, including advanced encryption apps, now more powerful than the kind of machines that Crypto AG made, the CIA finally sold the company in 2018, the Post reported.

It was broken into two companies. Its Swiss-client business remained in Zug under the new name CyOne, and the international business and company name were taken over by Swedish investor Andreas Linde.

The Swedish company, Crypto International, called the news reports “very distressing.”

“We have no connections to the CIA or the BND and we never had,” the company said in a statement on its website.

“We are currently assessing the situation and will be commenting once we have a full picture.”

Carolina Bohren, a Swiss Defense Ministry spokeswoman, said the government was informed of the Crypto AG case last November and has named a retired federal judge to investigate. Meanwhile the country has suspended export licenses for Crypto’s successor companies.

“The events in question began in 1945 and are difficult to reconstruct and interpret today,” Bohren said.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...