newsletter


How Governments used Swiss Crypto AG Encryption Devices to Spy on Countries for Decades

626

On the 11th of February 2020, The Washington Post and German ZDF revealed that from 1970 onwards, intelligence agencies in the US and West Germany secretly owned a controlling stake in the Swiss firm, Crypto AG. The intelligence agencies proceeded to use the company’s encrypted communications equipment to spy on over 100 countries. The Washington Post claimed it is the “Intelligence coup of the century.” Crypto AG was a Swiss company founded in 1952, which specialised in communications and information security, manufacturing encryption machines and cipher devices. In World War 2, Crypto AG was a major producer of old school mechanical encryption machines for the US government. However, by the early 1950s, American spies began to worry that Crypto AG might sell the same technology to US enemies. Therefore, US cryptographers in the US Central Intelligence Agency (CIA) made an unwritten ‘gentleman’s agreement’ with Boris Hagelin (founder) to sell technology only to countries approved by the US. With the aid of NSA, the CIA began to tamper with these products for selected countries.

In 1970, the CIA set in motion a plan to secretly take a major financial stake in Crypto AG, along with West Germany’s spy agency, the BND. Both intelligence agencies had greater access to equipment, as well as having the ability to rig the company’s devices so they could easily break codes that other countries used to send encrypted messages. When technology evolved from mechanical to electronic, the NSA and CIA built backdoors which allowed them to manipulate algorithms used by crypto devices to eavesdrop on adversaries and allies. Therefore, two versions of the machines were being made, a secure version, and a rigged system. By 1970, most of the world’s governments were unwittingly handing the CIA their money and secrets and by 1980, 40% of foreign communications were being processed by US intelligence officials through the supply of Crypto AG’s machines.

The recent report has revealed that the likes of Iran, Italy, Saudi Arabia, Iraq and South Korea, all inadvertently fell victim to these rigged machines. It is believed that American and German spies were able to pull valuable intelligence during the 1979 Iran hostage crises and also the 1982 Falkland war. The Washington Post stated: “foreign governments were paying good money to the US and West Germany for the privilege of having their most secret communications read by at least 2 other foreign countries.” It is believed that the likes of the UK, Canada, Australia, New Zealand and the US all benefited from the relationship, they are referred to as ‘Five Eyes’. Russia and China never trusted the machines so they never used them.

For decades the CIA and West Germany had so much control, the two governments effectively controlled everything. Until 1995, when The Baltimore Sun ran a story on how the NSA secretly rigged Crypto AG encryption machines, this caused many countries to stop buying from the company. Around this time, the CIA bought out the German BND intelligence service for $17 million. They then continued to control the company until 2018, when it was liquidated and sold to two other companies, due to the advancements in online encryption technology. However, the Chairman of the now Crypto International, Andrea Linde told ‘The Post’ that he feels “betrayed” by the recent revelation as it seemed to be designed as a cover up for the CIA.

The recent revelations about the relationship between the CIA and Crypto AG comes at a time when the US Government is not only warning about the possible cyber espionage by other countries, but also at a time when they are pushing for domestic law enforcement agencies to be able to access encrypted communications. Along with Trump administrators warning about Huawei equipment in their 5G networks, due to the fear of having their telecommunications traffic being intercepted by the Chinese Government. With government communications being at the forefront of the news again, with one scandal after another, there is widespread concern about how governments handle data and communications, in terms of both internal and external communication channels.

The need for secure communications is more important than ever in this day and age. Governments must be more selective in how they choose to communicate critical data, information or even state secrets. SaltDNA provides the best armour for organisations, offering a high security system that protects all trade secrets and other sensitive, strategic and proprietary information when communicating on electronic devices. SaltDNA gives peace of mind by allowing governments to select their own encryption libraries to deploy within the SaltDNA framework. This flexibility completely removes the threat of an unauthorised party building an encryption backdoor.

By Daisy McElherron of SaltDNA

About SaltDNA

SaltDNA – ranked in the top half in the Cybersecurity 500, provides a fully enterprise-managed software solution that enables absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest security standards. SaltDNA offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. SaltDNA is headquartered in Belfast, Ireland, for more information visit www.saltdna.com.