For decades, the CIA spied on governments across the globe by using a Swiss company to sell hacked encryption equipment to unsuspecting clients, including both allies and foes, according to The Washington Post and German broadcaster ZDF.
The report, which cites classified CIA documents, focuses on the company Crypto AG, which was a major producer of old-school mechanical encryption machines for the US government during World War II. By the early 1950s, American spies began to worry Crypto AG might sell the same technology to the US’s enemies during the Cold War, including Russia and China.
So in response, the CIA struck a partnership with Crypto AG to sell only the best encryption tech to countries approved by the US. However, CIA spies eventually saw an even bigger opportunity; with the aid of the NSA, the agency decided to tamper with the products themselves. In 1970, the CIA set in motion a plan to secretly buy Crypto AG with West Germany’s spy agency, the BND.
In the two decades since, Crypto AG’s sales flourished as the company sold new electronic-based encryption machines to government customers, including Saudi Arabia, Iran, Italy, Indonesia, Iraq, Libya, and South Korea. Little did they know the products were actually rigged to send encrypted messages that could be easily decoded. This allowed American and German spies to pull in valuable intelligence concerning the 1979 Iran hostage crisis, the Falklands War, and track assassination campaigns in South America. (China and Russia, however, were never customers.)
The ruse managed to go largely undetected until 1992, when Iran detained a Crypto AG salesman, who was later released and began voicing his suspicions to Swiss news organizations about the true nature of his company’s business. In 1995, The Baltimore Sun also ran a story on how the NSA had secretly rigged Crypto AG encryption machines.
Around the same time, Germany’s BND exited the Crypto AG business. However, the CIA maintained control of the company while buying up at least two other firms, presumably to circulate more rigged encryption technology. It was only in 2018 when the CIA sold off Crypto AG’s assets due to the company’s products falling out of favor as online encryption became the norm.
The reporting from the Post and ZDF provides a fuller account of a CIA-led effort to rig a top encryption provider at a time when the US government has been demanding Apple and Facebook backdoor their own encryption technologies for law enforcement purposes.
The reporting also helps explains why the US has been trying to stop Chinese vendor Huawei from selling its telecommunications technology to mobile carriers across the globe. Ironically, US officials fear the Chinese government will do the same and use Huawei as springboard to spy on customers. To counter Huawei, US Attorney General William Barr last week advocated for the federal government to consider buying a majority stake in European networking vendors Nokia or Ericsson.
The CIA declined to comment on the Post's reporting.
Further Reading
- Malwarebytes Report: Mac Threats Up 400 Percent
- US Charges 4 Chinese Military Officers With Equifax Breach
- Hackers Hijack Facebook's Twitter Account
- New Bug Hacks Android Devices Via Bluetooth
- More in Security
More Security Reviews
- Qustodio
- Virtru Email Protection for Gmail
- ShieldApps Cyber Privacy Suite
- Net Nanny
- Ghostery Midnight