Operation Rubicon

Last updated
The CX-52 Hagelin CX-52-IMG 0568-white.jpg
The CX-52

Operation Rubicon (German: Operation Rubikon), until the late 1980s called Operation Thesaurus, was a secret operation by the West German Federal Intelligence Service (BND) and the U.S. Central Intelligence Agency (CIA), lasting from 1970 to 1993 and 2018, respectively, to gather communication intelligence of encrypted government communications of other countries. [1] [2] This was accomplished through the sale of manipulated encryption technology (CX-52) from Swiss-based Crypto AG, which was secretly owned and influenced by the two services from 1970 onwards. [1] In a comprehensive CIA historical account of the operation leaked in early 2020, it was referred to as the "intelligence coup of the century" in a Washington Post article. [1]

Contents

History

Involved countries .mw-parser-output .legend{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .legend-color{display:inline-block;min-width:1.25em;height:1.25em;line-height:1.25;margin:1px 0;text-align:center;border:1px solid black;background-color:transparent;color:black}.mw-parser-output .legend-text{} Spying countries Knowing countries Countries spied upon Operation Rubikon Lander.svg
Involved countries
  Spying countries
  Knowing countries
  Countries spied upon

The origins of Crypto AG go back to the Swedish engineer Arvid Damm; the company was founded in Switzerland in 1948 by the Swede Boris Hagelin. Crypto AG was considered one of the leading manufacturers of encryption technology. The company supplied to about 130 states; Operation Rubicon is said to have affected about 100 states.

According to The Washington Post, the nuclear powers India and Pakistan as well as the Vatican and several other countries, mostly from the global south, used devices from Crypto AG. [2] [3] However, the manipulated devices from Crypto AG also allowed the United States' National Security Agency (NSA) and German Federal Intelligence Agency (Bundesnachrichtendienst, BND) to read the military and diplomatic communications of allied EU or NATO countries such as Ireland, Italy, Spain, Portugal and Turkey across the board. According to German public service media company ZDF, there were repeated disputes between the CIA and BND about this: German intelligence did not want allies to be spied on, while the CIA wanted to spy on basically every government. [2]

According to ZDF, the contract for the operation was signed on the German side by the then head of the Federal Chancellery and Federal Minister for Special Tasks, Horst Ehmke. [4] In this respect, it can be assumed that the Federal Chancellery, as the superior authority, was informed about the operation. When the BND and CIA began operations in 1970, the two intelligence agencies each became half owners of Crypto AG. Within Operation Rubikon, Crypto AG was given the code name Minerva. The ownership structure was concealed. [5] They bought Crypto AG because Boris Hagelin retired and they had no confidence in Hagelin's son Boris Jr. The latter was sales manager for North and South America. He died in a car accident the same year. His father had the cause of the accident investigated and did not believe it was an accident. Crypto AG profited externally from Swiss neutrality and the image of the country's integrity. [2] Through encryption technology sold as secure, but in reality manipulated, messages transmitted could be read by the CIA, NSA and BND intelligence agencies involved.

The Munich-based Siemens AG worked closely with Crypto AG and, among other things, manufactured the teleprinters for them. Siemens provided the management of Crypto AG for 20 years and had a five percent share of the profits. Siemens engineers helped develop the application equipment.

According to reports by Deutsche Welle (DW), the two owners, BND and CIA, shared Crypto AG's profits, which in 1975 amounted to CHF  51 million (about DM  48.6 million; in 2018, taking inflation into account, the equivalent of €42.6 million). According to DW, BND employees handed over their share to the CIA in cash at secret meetings in underground garages. [5]

In 1992, Hans Bühler, a Swiss employee of Crypto AG, was detained in Iran. After nine and a half months in custody, he was released on January 4, 1994, on payment of 1.4 billion rial bail (about €925,000 or CHF 1.5 million), after originally being asked for $1 million. [6] The amount was paid by the BND, but Bühler was fired by his employer shortly after his release. It later emerged that Bühler had not known about the tampered devices and had begun to make critical comments about the operation to the media. [7] According to CIA accounts, the HYDRA affair, the internal code name for what happened to Bühler, was "the most serious security breach in the history of the program".

In 1993, the BND sold its shares in Crypto AG for $17 million. [8] According to Bernd Schmidbauer, a former Chancellery Minister under Helmut Kohl, the Chancellery decided to pull out of the operation because the political risks were now rated much higher after Bühler's arrest. For example, the threat situation for Germany was apparently assessed differently after the end of the Cold War than in previous years, and relations between the states of Europe improved. [4] After the U.S. withdrew from the company, Crypto AG was split into two companies in 2018. The new management claimed when asked that it had no knowledge of activities prior to 2018. [9]

On the part of the BND, the Zentralstelle für das Chiffrierwesen (ZfCh) apparently played an important role in the execution of Operation Rubicon. Apparently, it provided the weakened encryption algorithms. [4] The ZfCh gave rise to the Central Office for Information Security (ZSI), which later became the Federal Office for Information Security (BSI). The head of the ZfCh until 1972, after the start of the operation, was Erich Hüttenhain, later Otto Leiberich, who also became the founding president of the BSI.

Decryption and geopolitical significance

On behalf of the German government, the BND received diplomatic and military radio traffic from many states that encrypted with Crypto AG equipment. The BND was able to read these communications across the board thanks to manipulated encryption procedures. [10]

According to the leaked documents, at times over 40 percent of the NSA's total machine decryption could be traced back to Operation Rubicon, which was considered an "irreplaceable resource". For the BND, the operation was even more important as the centerpiece of cooperation with the Americans, as it accounted for 90 percent of reports on diplomatic operations, according to CIA figures. [1] At the same time, the weakness of the algorithms of the exported Crypto AG devices continued to be exploited by the BND well after the operation was terminated in 1992, according to media reports. For example, Italian traffic was reportedly still being deciphered around 2001. [4]

The German and U.S. governments were much better informed about domestic and geopolitical events in many countries than was known until the operation was uncovered. This subsequently raised questions about the actions or inaction of the actors involved.

Coup in Chile

In the United States intervention in Chile, the United States relied on decrypted communications from the government of Salvador Allende. [11]

Negotiations on the Middle East conflict

In the course of the 1978 Camp David Accords negotiations, the NSA was able to read communications from the Egyptian side and therefore knew their negotiating position. The agreement, negotiated under then U.S. President Jimmy Carter, resulted in the Israeli-Egyptian peace treaty in 1979.

Falklands War

During the 1982 Falklands War between Argentina and the United Kingdom, it was apparently possible to decipher a large part of Argentina's encrypted communications by the NSA and BND, as weakened Crypto AG devices were also used there. The resulting intelligence was made available to the British. [4]

US conflict with Libya

After the attack on the Berlin discotheque La Belle in April 1986, the BND and NSA intercepted communications between the Libyan embassy in East Berlin and Tripoli. [10] Then-U.S. President Ronald Reagan stated that he had clear evidence that dictator Muammar Gaddafi was behind the operation, and his country could track all Libyan communications. The disclosure of his own capabilities was linked to the need to justify U.S. attacks on the country (Operation El Dorado Canyon).

U.S. invasion of Panama

In 1989, the United States invaded Panama (Operation Just Cause). Through Operation Rubicon, U.S. intelligence agencies knew that wanted President Manuel Noriega was in the Vatican embassy in Panama City.

Detection

In 1995, hot on the heels of the Hans Bühler affair (HYDRA), The Baltimore Sun reported for the first time that Crypto AG had been selling manipulated cipher devices until the late 1980s, and made the connections to the NSA and CIA. In a series of articles, Scott Shane and Tom Bowman questioned the relationship between Crypto AG and Motorola, showing the minutes of a meeting held at Motorola in August 1975. At this meeting, two members of the American intelligence community — Nora Mackabee (NSA) and Herb Frank (CIA) — had been present. [12]

In 1996, Der Spiegel followed suit with a similar story in which they made the connections to the NSA and ZfCh. In its print issue No. 36 (1996), under the title "'Wer ist der befugte Vierte?'" ("'Who is the Authorized Fourth?'"), Der Spiegel devoted an article to the business practices of Crypto AG. [13]

The actual exposure of Operation Rubicon happened in February 2020 through the joint research of SRF, ZDF, and the Washington Post . They evaluated a 280-page intelligence dossier that proved that the BND and CIA were comprehensively behind Crypto AG. The dossier proves that Crypto AG sold manipulated encryption devices to about 130 countries as part of Operation Rubicon. The communication encrypted with the devices could be read by the services without any problems. [2] [1] According to Austrian intelligence expert Siegfried Beer, such devices were also in use in Austria.

Bernd Schmidbauer, Minister of State to the Federal Chancellor under Helmut Kohl, confirmed the Rubikon operation to ZDF in 2020, claiming that it helped make the world a little "safer and more peaceful". [2]

Criticism

Through Operation Rubicon, which lasted for decades, various German and U.S. governments had extensive detailed knowledge of human rights violations worldwide. Argentina's armed forces used Crypto AG technology during Argentina's military dictatorship from 1976 to 1983. The junta had thousands of regime critics thrown alive into the sea from military planes over the Atlantic; around 30,000 people in total fell victim to the dictatorship. Although the German government under Helmut Schmidt was aware of this through the interception technology of Crypto AG, the Germany national football team participated in the 1978 World Cup held in Argentina. [2] It must be noted, however, that an obvious use of the information obtained would most likely have resulted in the unmasking of the politically highly sensitive operation, which was extremely important for the intelligence services involved.

Research by ZDF shows that the weaknesses of the algorithms in the manipulated devices could also have been exploited by opposing intelligence services. In the 1980s, the GDR's Ministry of State Security and the KGB had succeeded in deciphering the encryption of Turkish diplomatic reports throughout, thereby reading them. Turkey was also one of the states that purchased encryption devices with weakened keys from, among others, Crypto AG. [4] Thus, the weakened crypto products supplied to Allies ultimately jeopardized the security of the Alliance as a whole due to the increased risk of third parties skimming the information.

Investigations

On January 15, 2020, the Swiss Federal Council decided to entrust former federal judge Niklaus Oberholzer with an investigation. [14] On February 13, 2020, an investigation was also launched by the Parliament's Business Audit Delegation (GPDel) under GPDel President Alfred Heer. [15] The GPDel decided to merge Niklaus Oberholzer's Federal Council investigations with theirs, and Oberholzer continues to work under the auspices of the GPDel. Some parliamentarians called for a Parliamentary Investigation Commission (PUK), which would have more powers. The office of the National Council spoke out against a PUK for the time being, first the report of the GPDel should be waited for. [16] The report was published on November 10, 2020. Not published, however, is the report, which was prepared by Niklaus Oberholzer on behalf of the GPDel. The report reveals, among other things, that the Strategic Intelligence Service (SND) knew from 1993 that foreign intelligence services were behind Crypto AG; however, both the Federal Council and the leadership of the intelligence service denied having knowledge of this fact. The GPDel subsequently raised the question of why the Federal Council was not informed – or did not want to be informed – in a matter that endangered Swiss neutrality in a massive way. [17] The Swiss Federal Council was asked to comment on the GPDel's remarks and recommendations by June 1, 2021. [18] During the GPDel's investigation, it became known that other companies besides Crypto AG were selling manipulated cipher devices. [19]

In May 2021, it became known that Jean-Philippe Gaudin would end his post as head of the Swiss intelligence service NDB at the end of August 2021, as he had informed the Federal Council too late about the affair and the relationship of trust had been shattered. The GPDel was also responsible for the investigation. [20]

Related Research Articles

<span class="mw-page-title-main">Boris Hagelin</span> Swedish businessman and inventor (1892–1983)

Boris Caesar Wilhelm Hagelin was a Swedish businessman and inventor of encryption machines.

<span class="mw-page-title-main">Crypto AG</span> Swiss company specialising in communications and information security

Crypto AG was a Swiss company specialising in communications and information security founded by Boris Hagelin in 1952. The company was secretly purchased for US $5.75 million and jointly owned by the American Central Intelligence Agency (CIA) and West German Federal Intelligence Service (BND) from 1970 until about 1993, with the CIA continuing as sole owner until about 2018. The mission of breaking encrypted communication using a secretly owned company was known as "Operation Rubikon". With headquarters in Steinhausen, the company was a long-established manufacturer of encryption machines and a wide variety of cipher devices.

<span class="mw-page-title-main">Federal Intelligence Service</span> Foreign intelligence agency of Germany

The Federal Intelligence Service is the foreign intelligence agency of Germany, directly subordinate to the Chancellor's Office. The BND headquarters is located in central Berlin. The BND has 300 locations in Germany and foreign countries. In 2016, it employed around 6,500 people; 10% of them are military personnel who are formally employed by the Office for Military Sciences. The BND is the largest agency of the German Intelligence Community.

<span class="mw-page-title-main">Schweizer Fernsehen</span> Former Swiss German-language public television broadcaster

Schweizer Fernsehen was the German-language division of SRG SSR, in charge of production and distribution of television programmes in Switzerland for German-speaking Switzerland. It had its head office in Zürich. Its most viewed programme was Tagesschau (news), daily at 7:30 pm.

<span class="mw-page-title-main">C-52 (cipher machine)</span> 1950s cipher machines by Crypto AG

The (Hagelin) C-52 and CX-52 were cipher machines manufactured by Crypto AG starting 1951/1952. These pin-and-lug type cipher machines were advanced successors of the C-38/M-209. The machine measures 8+12 by 5+38 by 4+38 inches. The device is mechanical, but when combined with an electric keyboard attachment, the B-52, the resultant system is termed the BC-52. The B-52 is larger, measuring 12+12 by 8+12 by 6+38 inches.

<span class="mw-page-title-main">Iran–Switzerland relations</span> Bilateral relations

Iran–Switzerland relations are foreign relations between the Islamic Republic of Iran and the Swiss Confederation.

Rohde & Schwarz GmbH & Co KG is an international electronics group specializing in the fields of electronic test equipment, broadcast & media, cybersecurity, radiomonitoring and radiolocation, and radiocommunication. The company provides also products for the wireless communications, electronics industry, aerospace and defense, homeland security and critical infrastructures.

<span class="mw-page-title-main">2010s global surveillance disclosures</span> Disclosures of NSA and related global espionage

During the 2010s, international media news reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

<span class="mw-page-title-main">Global surveillance</span> Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

The German Parliamentary Committee investigation of the NSA spying scandal was started on March 20, 2014, by the German Parliament in order to investigate the extent and background of foreign secret services spying in Germany in the light of the Global surveillance disclosures (2013–present). The Committee is also in search of strategies on how to protect telecommunication with technical means.

<span class="mw-page-title-main">Regula Rytz</span> Swiss historian and politician

Regula Rytz is a Swiss historian and politician of the Green Party of Switzerland. She was a member of the National Council from 2011 to 2022. From 2012 to 2016, she was the co-president of the Green Party of Switzerland. She was the party president from 2016 to 2020.

<span class="mw-page-title-main">National Intelligence Agency (Thailand)</span>

The National Intelligence Agency (NIA) is an intelligence and security agency of Thailand. It serves as part of the Office of the Prime Minister. Its headquarters is in Paruskavan Palace, Bangkok.

<span class="mw-page-title-main">Fabian Molina</span> Swiss politician

Fabian Molina is a Swiss politician who currently serves on the National Council (Switzerland) for the Social Democratic Party since 2018. He succeeded Tim Guldimann and became the youngest member of the National Council (Switzerland) ever to be elected aged 28. He previously served as President of the Young Socialists between 2014 and 2016 as well as on the Cantonal Council of Zürich from 2017 to 2018. Since 2019, he is co-president of Swissaid.

<span class="mw-page-title-main">Maximator (intelligence alliance)</span> Intelligence alliance comprising Denmark, Germany, France, the Netherlands, and Sweden

Maximator is an alliance between the secret services of Denmark, Germany, France, the Netherlands and Sweden, comparable to the Five Eyes. It was founded in 1976 on the initiative of the Danish secret service and has operated largely undetected since then. The most important tool for reconnaissance and decryption was the sale of encryption devices with weak encryption methods. This was done via Crypto AG, a supposedly private Swiss company secretly owned by the BND and the CIA.

<span class="mw-page-title-main">2023 Swiss federal election</span>

Federal elections were held in Switzerland on 22 October 2023 to elect all members of the National Council and Council of States. The elections were followed by elections to the Federal Council, Switzerland's government and collegial presidency, on 13 December.

<span class="mw-page-title-main">Roche Tower 2</span> Skyscraper in Basel, Switzerland

Roche Tower 2 is a skyscraper in the Swiss city of Basel. With a height of 205 metres (673 ft), the building replaced Roche Tower 1 as the tallest building in Switzerland after it opened on 2 September 2022.

<span class="mw-page-title-main">Frank Garbely</span> Swiss investigative journalist

Frank Garbely is a Swiss independent journalist, non-fiction writer, author and director of documentary films. He is one of Switzerland's best known investigative journalists and has uncovered numerous scandals in his home country as well as abroad.

Nadine Andrina Riesen is a Swiss footballer who plays as a defender for Eintracht Frankfurt and for the Switzerland national team.

<span class="mw-page-title-main">Eric Nussbaumer</span> Swiss politician

Eric Nussbaumer is a politician of the Social Democratic Party of Switzerland (SP) and member of the National Council, the lower chamber of the Swiss Parliament. He is the current President of the National Council.

Ruth Waldburger is a Swiss film producer.

References

  1. 1 2 3 4 5 "The CIA secretly bought a company that sold encryption devices across the world. Then its spies sat back and listened". The Washington Post. Retrieved 2021-12-29.
  2. 1 2 3 4 5 6 7 ""Operation 'Rubikon'": #Cryptoleaks: Wie BND und CIA alle täuschten". www.zdf.de (in German). Retrieved 2021-12-29.
  3. Holland, Martin (11 February 2020). "#Cryptoleaks: CIA und BND steckten jahrzehntelang hinter Verschlüsselungsfirma" [#Cryptoleaks: CIA and BND were behind encryption company for decades]. Heise Online (in German). Retrieved 2023-08-26.
  4. 1 2 3 4 5 6 "Operation Rubikon". ZDF (in German). Retrieved 2021-12-29.
  5. 1 2 Nehring, Christopher (12 February 2020). "Der Geheimdienstcoup des Jahrhunderts". Deutsche Welle (in German). Retrieved 2021-12-29.
  6. Strehle, Res (1994). Verschlüsselt: Der Fall Hans Bühler (in German). Zürich: Werd Verlag. ISBN   3-85932-141-2.
  7. "Crypto AG: Schweiz unter einer Decke mit der CIA" [Crypto AG: Switzerland in cahoots with the CIA]. Infosperber (in German). 2020-02-12. Retrieved 2021-12-29.
  8. "Aktion Rubikon: Jahrelange Beschattung durch den BND" [Operation Rubicon: years of shadowing by the BND] (in German). Retrieved 2021-12-29.
  9. "BND und CIA spähten mittels gemeinsamer Firma Staaten aus" [BND and CIA spied on states through a joint company]. Der Tagesspiegel (in German). 2020-02-11. ISSN   1865-2263 . Retrieved 2021-12-29.
  10. 1 2 "Operation Rubikon – Die wichtigste Spionageoperation der Geschichte? Wie der BND und die CIA die ganze Welt belauschten" [Operation Rubicon – the most important espionage operation in history? How the BND and the CIA eavesdropped on the entire world]. Deutsches Spionagemuseum (in German). 2020-02-11. Retrieved 2021-12-29.
  11. "Cryptoleaks: Wo die Geheimdienste überall mithörten" [Crypto leaks: Where the secret services listened everywhere]. Tages-Anzeiger (in German). ISSN   1422-9994 . Retrieved 2021-12-29.
  12. Reuvers, Paul; Simons, Marc (2023-03-19). "Operation RUBICON". Crypto Museum. Retrieved 2023-12-21.
  13. "'Wer ist der befugte Vierte?'". Der Spiegel (in German). 1996-09-01. ISSN   2195-1349 . Retrieved 2021-12-29.
  14. "Geheimdienstaffäre Cryptoleaks - Weltweite Spionage-Operation mit Schweizer Firma aufgedeckt". Schweizer Radio und Fernsehen (SRF) (in German). 2020-02-11. Retrieved 2021-12-29.
  15. "Geheimdienst-Affäre - Geschäftsprüfungsdelegation untersucht Spionage-Affäre". Schweizer Radio und Fernsehen (SRF) (in German). 2020-02-13. Retrieved 2021-12-29.
  16. "Crypto-Affäre – Büro des Nationalrats gegen eine PUK". Schweizer Radio und Fernsehen (SRF) (in German). 2020-03-02. Retrieved 2021-12-29.
  17. "Untersuchung zu Cryptoleaks – Nachrichtendienst führt Bundesrat – statt umgekehrt". Schweizer Radio und Fernsehen (SRF) (in German). 2020-11-10. Retrieved 2021-12-29.
  18. "Coresponsabilité des autorités suisses, sur le plan politique, dans les activités de la société Crypto AG : la Délégation des Commissions de gestion clôt son inspection" [Co-responsibility of the Swiss authorities, on a political level, in the activities of the company Crypto AG: the Delegation of Management Commissions closes its inspection] (in French). Swiss Parliament. Retrieved 2021-12-29.
  19. "Omnisec: Weitere Schweizer Firma verkaufte manipulierte Chiffriergeräte" [Omnisec: More Swiss companies sold manipulated encryption devices]. Heise Online (in German). 30 November 2020. Retrieved 2021-12-29.
  20. "Nach Meinungsverschiedenheiten – Viola Amherd trennt sich von Geheimdienstchef Gaudin" [After differences of opinion, Viola Amherd separates from secret service chief Gaudin]. Schweizer Radio und Fernsehen (SRF) (in German). 2021-05-12. Retrieved 2021-12-29.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.