Get best of the week

Half a Century Secret: The Whole World in the Palm of the CIA

A secure connection - via ssh, ssl and so on and so forth - is safe for any random person from the street, but not for special services such as the CIA. Everything that happens in the world, all messages, personal photos, correspondence, absolutely everything is available for the right people. If now we all voluntarily picked up and put in our pocket the device of the most successful project for total tracking - a mobile phone, then more than half a century ago when there were no computers, and it could not be assumed that everything was controlled by one special service.



The intellectual revolution of the century - such a headline is replete with an article in the Washington Post about how for decades the CIA read encrypted messages of allies and opponents. Such a confession, or a demonstration of the power of the Central Intelligence Agency.

For more than half a century, governments around the world have been trusting in keeping their company secret materials from one company.

Crypto AG received its first cryptocurrency machine contract for the U.S. Army during World War II. The following decades held the position of the undisputed leader in the manufacture of encryption devices: first mechanical devices, later machines on electronic circuits, and finally devices on silicon chips, software.

For the 21st century, a Swiss company has managed to earn millions of dollars by selling equipment in more than 120 countries. Among the customers were Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.

But! none of them suggested that Crypto AG is in fact the secret property of the CIA in a secret partnership with West German intelligence. This is how intelligence agencies managed to install the company's devices; it is easy to crack codes used by other countries to send encrypted messages.

The long-standing, carefully concealed information from the Cold War era has become the public domain. The story of a CIA covert operation was revealed in The Washington Post as part of a joint project with German public television company ZDF.

The story mentions not only the CIA officers who oversaw the program, but also company executives. It will be about the history of the creation of the enterprise, about internal conflicts that almost became the reason for its “death”. The theme of exploiting the United States and its allies of naive nations for their own monetization and profit, as well as the art of stealing secrets nationwide, will be highlighted.

The operation, originally codenamed Thesaurus and then the Rubicon, can rightfully be considered the most daring in the history of the CIA.

In conclusion to the CIA report: this operation is a reconnaissance coup of the century. Foreign governments paid a lot of money to the US and West Germany for the “privilege” of being among the countries whose secret messages were read as open books by at least two (and possibly as many as five or six) foreign countries.

Since 1970, the CIA and his fellow National Security Agency code cracker have controlled almost all aspects of Crypto's business: coordinated decision making, led technology development, set sales goals.

American and West German agents could successfully wiretap and monitor everything that was happening around. They monitored Muslim clergy during the hostage-taking in Iran (1979), broadcast intelligence about Argentine forces to Britain during the Falkland War, tracked the killing campaigns of South American dictators, and intercepted messages from Libyan officials congratulating themselves on the bombing of the Berlin disco " La Belle (La Belle) in 1986.


Royal Navy helicopter take-off after marines transport to Darwin, Falkland Islands, 1982.


The American hostage is being taken out of the US Embassy in Tehran, 1979.

The program of total surveillance, alas, or fortunately, has not become comprehensive. And all because the main opponents of America, including the Soviet Union and China, have never been in the ranks of Crypto customers. Their suspicions, as history shows, are justified, saved the secret materials from general listening and, therefore, declassification. The CIA says that a lot about Moscow and Beijing became known by observing their interaction with other countries.

Back in 1970, an extensive incriminating correspondence was opened between the NSA pioneer and the founder of Crypto, which already threw a cloud of suspicions about the company for violating security issues. In 1992, the seller of Crypto was arrested in Iran, who was not aware that it was selling vulnerable equipment. Such an anti-advertisement.

But the true extent of Crypto's relationship with the CIA and West German intelligence has not yet been fully disclosed.

West German intelligence, the BND, having estimated the entire risk of exposure, ceased cooperation in the early 1990s. For its part, the CIA acquired a share of the Germans and simply continued its work, using Crypto in espionage affairs until 2018, until the agency sold its assets.

For the global market, Crypto lost its significance when the active development and application of online encryption technologies began. Once a privilege of governments and large corporations, strong encryption has become as commonplace as mobile phone applications.

Despite all this, the operation of Crypto is relevant for modern espionage. The scope and duration of the initiative fully illuminates the United States' insatiable appetite for global control. This question was raised in 2013 by Edward Snowden. Echoes of Crypto are found in suspicions around anti-virus software developed by Kaspersky Lab; in ToTok text messaging applications (UAE).

This article is based on facts according to historical documents of the CIA, BND, covered by The Post and ZDF, after a series of interviews with current and former Western intelligence representatives, as well as Crypto employees. Most of them provided information on conditions of complete anonymity, since the topic is, to put it mildly, delicate.

It is difficult to underestimate the extraordinary stories of the CIA and BND. Confidential intelligence files are periodically declassified and published. But this is a rare, if not unprecedented, case when the history of the entire covert operation becomes public. The Post managed to get access to all documents. The source of the material insisted on publishing only excerpts.

The CIA and BND declined to comment, although US and German officials did not dispute the authenticity of the documents. The first is a 96-page report on the operation in 2004 by the US Central Intelligence Agency. The second is the oral history of German intelligence officials (2008).

Friction between the two allies around finance, control and ethical standards was exposed, while the Western allies were often amazed at the enthusiasm with which American agents carried their propaganda to them.

But both sides describe the operation as successful, surpassing their wildest forecasts. According to documents, sometimes, including in the 1980s, about 40 percent of diplomatic telegrams and other messages from foreign governments passed through Crypto machines, all this was successfully decrypted by cryptanalysts in the NSA.



By the way, all this time the company Crypto brought millions of dollars in profit, which the CIA and BND shared among themselves and invested in other operations.



Crypto products are still in use in more than a dozen countries around the world, and the orange and white company logo still flaunts the headquarters building near Zug, Switzerland. The company was disbanded in 2018.

The two companies acquired most of the assets of Crypto. The first - CyOne Security, bought out a controlling stake and is currently engaged in the sale of security systems exclusively for the Swiss government. The second company, Crypto International, is conducting an international business under the ancestral brand.

The newly formed companies claimed that they did not maintain constant communication with the intelligence services, partially not even suspecting the CIA of such “property”. Such statements were provided in response to questions from The Post, ZDF, and Swiss television company SRF that have access to documents.

There is no doubt about the existing relationship between CyOne and the past Crypto: the head of CyOne has held the same position at Crypto for two decades.

A CyOne spokeswoman declined to comment, but made a statement about the company’s non-involvement with any foreign intelligence services at the moment.

Andreas Linde, chairman of Crypto International, said he was unaware of any relationship with the CIA and BND before he came across the facts presented in this article.

“Crypto International has never maintained a relationship with the CIA or the BND - and please quote me,” he said during an interview. “If what you say is true, I feel treacherously deceived, and my family feels the same way, I’m sure that many employees, like clients of the company, are subject to the same emotions.”

The Swiss government has announced the start of its investigation into Crypto AG's relationship with the CIA and BND. Earlier this month, Crypto International's export license was revoked.

A curious observation: CIA and BND documents indicate that Swiss officials were notified of Crypto’s ties with U.S. and German intelligence services for several decades, but decided to intervene only after news organizations gathered to expose these relations.



Stories that do not address the question of when the CIA stopped participating and whether they stopped at all inevitably distort the documents. The Rubicon operation is illuminated as the triumph of espionage, which almost helped the United States defeat the Cold War, monitor dozens of countries with an authoritarian regime and protect the interests of the United States and its allies.

Newspapers generally avoid sensitive topics regarding the questions “Did the United States know whether they participated or not” in operations in countries using Crypto machines, where conspiracy to kill, ethnic cleansing and human rights abuses were present.

Declassified documents may serve as a reason for re-investigating issues of US interference / non-interference in international atrocities. The documents do not address obvious moral and ethical issues: the deception and exploitation of opponents, allies, and hundreds of unsuspecting Crypto employees. Many of them traveled around the world selling or servicing systems without realizing that they were risking their safety.



In the photo above, Jurg Spoerndley is an electrical engineer who has worked for 16 years at Crypto. Deceived employees say that revelations about the company left an indelible mark on a sense of betrayal, both of themselves and of customers. (Jahi Chikvendiu / The Washington Post).

“You work with confidence that you are doing your job well, producing a safe product,” said Jürg Spoerndli. “And then you realize that you deceived your customers.”

Those who led the secret program do not feel any remorse.

“I have no doubt!” Said Bobby Ray Inman, who served as director of the NSA and deputy director of the CIA in the late 1970s and early 1980s. “The whole operation was an extremely valuable source of information for most of the world, US politicians.”


Boris Hagelin, the founder of Crypto, and his wife arrive in New York in 1949. Hagelin fled to the United States after the Nazi occupation of Norway in 1940.

Failure operation


This sophisticated, complex operation has grown to meet the needs of the US military for a reliable but compact encryption device.

Boris Hagelin, founder of Crypto, was an entrepreneur and inventor, he was born in Russia, after the Bolsheviks came to power, he was forced to flee to Sweden. But after the Nazi occupation of Sweden in 1940, he again fled, this time to the United States.

He brought with him a crypto machine that looked like a music box, with a powerful handle on the side and a set of metal rotor wheels under a metal case.

There was World War II (1939-1945). One of Hagelin's greatest financial accomplishments was the development and sale of M-209 cryptographic machines for the US Army. The M-209 crypto machine was based on the C-38, a small cryptographic machine with 6 rotor wheels, the M-209 was adapted to the requirements of the US Army. All Hagelin's crypto machines were manufactured at a factory in Stockholm (Sweden), but the Americans got a license to manufacture the devices at home. This was a forced move, due to the outbreak of World War II, the mass supply of cars from Europe to the United States would be at least a difficult action. Hagelin decided to leave Europe, and organize the production of S-38 directly overseas.

About Hagelin cryptocurrency machines
, , 1982 . , , , -. „ “ , « », . 1921 . — , , Aktiebolaget Cryptograph. 5 , (1919 ). , . , , , . Aktiebolaget Cryptograph Electrocrypto B-18 . , — B-21 25 .



1925 Enigma. , . B-21 Enigma, 55 4 . , Aktibolaget Cryptoteknik. . B-21 . . B-211, . .



-211 , Enigma. B-211. 1934 -35. . 1937 .



-36, -35. , , . -36 . -36 , , . 5 -36 — -38 .

1936 -38 , - . -38 . 1942 Smith Corona, 400 . Converter M-209, .



And so, returning to publication: on May 10, 1940, Hagelin boarded the last ship from Europe to the United States, taking with him two copies of the S-38 crypto machine. Ultimately, these machines became the prototypes of the M-209, which soon "received the status" of the best seller among C-machines ever produced by the great Hagelinsky mind. Smith Corona was established in 1942 and specialized in the manufacture of typewriters.

The device was not as complex or safe as the beloved and used by the Nazis Enigma. Hagelinskaya M-209 was portable, it was ideally suited for use in mobile troops. These were 4 kilogram devices the size of a thick book. Many of the devices are presented intact in a private museum in Eindhoven, the Netherlands.



The process of sending a secure message from the device was tedious. The operator had to rotate the rotor, letter by letter with the handle. Hidden mechanisms were set in motion; as a result, an encrypted message was displayed on a strip of paper. Using Morse code, this encrypted message was transmitted to the recipient.

As for security, it was so weak that almost any attacker could crack the code in a sufficient amount of time. But! decryption would take several hours. And since the machines were used mainly for tactical messages about troop movements, by the time the Nazis decrypted the signal, its value would probably be zero.

During the war, about 140,000 M-209 exemplars saw the light of day. The machine was manufactured by the Corona factory of LC Smith in Syracuse, daily “army” M-209 replenished by 500 units. The U.S. Army signed a $ 8.6 million contract with the plant for the production of Crypto. After the war, Hagelin returned to Sweden and reopened his factory, with a fortune in his hand and the United States in his heart.

To establish the production of M-209 and BC-38 directly in the United States and not to pay high taxes in Sweden, Hagelin transferred the full and gratuitous patent rights to the US Army, receiving more than 3 million US dollars, of which 2.5 million were intended personally for the scientist. About $ 475,185 went to the balance sheet of the Hagelin Cryptograph Company (HCC) in Sweden. The US government granted Hagelin a free license to manufacture and upgrade the M-209 and BC-38 machines.

Despite this, after the war, American spies did not let him and his activities out of sight. Hagelin decided to improve the existing encryption machines by adding new features and, importantly, increasing the level of device security by introducing irregular stepping of encryption rotors.

Concerned about the capabilities of the new CX-52 and other devices being developed by Crypto, US officials began to discuss what they called the “Hagelin problem.”

According to the history of the CIA, the "dark centuries of American cryptology" have arrived. The USSR, the Chinese and the North Koreans used code generation systems that were almost indestructible. American spy agencies were afraid that the rest of the world would also leave their “radars” if Hagelin offered a new safe product.

The Americans had several levers of influence on Hagelin: the first - his ideological proximity to the country, the second - the United States was his main client, the third - the existence of a hidden threat that the US would flood the M-209 market left over from the war, and the sale of new cars will not be profitable.


In the mid-30s, the US Army intelligence service was headed by William Friedman (he is in the center). From left to right: Herrick F. Bers, Solomon Coolback, US Army Captain Harold G. Miller, Louise Newkirk Nelson, Abraham Sinkov, US Coast Guard Lieutenant L.T. Jones and Frank B. Rowlett. (Fotosearch / Getty Images) The

United States had a more important asset: William Friedman. He is also known as the father of American cryptology; Friedman had known Hagelin since the 1930s. It is no secret that Boris Hagelin and William Friedman were good friends. They had a lot in common, they had something in common: a passion for historical encryption machines, and, oddly enough, depressive states and thoughts. During the Second World War and after its end, they were in close contact with each other.

Perhaps the Rubicon operation would never have happened if the two had not shaken hands at the first secret agreement between Hagelin and US intelligence over dinner at the Cosmos Club, Washington, 1951.

In view of the tacit agreement-requirement, Hagelin was to limit himself to selling improved versions of devices in countries approved by the United States. Countries not included in this list should have acquired old vulnerable systems. Compensation to Hagelin for losses in sales amounted to $ 700,000.

Hageling, for his part, fulfilled all the points of the transaction, which cannot be said about the United States. For a long time, the CIA and the NSA have been debating about the conditions and expediency of the agreement.

In 1960, the CIA and Hagelin entered into a “license agreement,” according to which Hagelin was paid $ 855,000. Each year, he received compensation of $ 70,000, and $ 10 thousand for marketing expenses, for the guarantee that Crypto, and not other new companies in this field, would sell crypto machines to foreign governments.

The classic “abandonment operation”, in the language of intelligence, was a scheme designed to prevent the adversary from acquiring weapons or technologies that could give them an edge. This marked the beginning of Crypto’s collaboration with U.S. intelligence. Later, the entire operation passed into the hands of the CIA and BND.


In 1967, Crypto launched the H-460, a fully electronic machine; the filling was developed by the NSA.

Brave New World


From the very beginning, US officials wanted to offer Hagelin the “help” of their US cryptologists, dreaming of getting permission to inspect Crypto devices. But Friedman rejected this venture, fearing that for Hagelin it would be too unacceptable.

The CIA and the NSA saw the green light for their purposes in the mid-1960s. Hagelin was forced to seek outside help in the development of electronic machines, because the era of mechanical devices was approaching its completion with lightning speed.

NSA cryptologists were concerned about the potential of integrated circuits, because that meant the beginning of a new era of invulnerable encryption. But, an agency analyst, Peter Jenks, revealed a potential vulnerability.

According to him, the electronic system, "being developed by a cunning mathematician-cryptologist", at first glance is capable of producing an infinite set of random characters, but in reality it only repeats the output data with a small interval, in a word, it will not be difficult for NSA experts and their powerful computers to crack such a scheme.

Two years later, in 1967, Crypto released the new fully electronic model H-460, the filling of which was developed by the NSA.

In a historical document, the CIA is, as it were, gloating over this fact. “Just imagine this brave new world in which the US government, pursuing only its goals, convinces a foreign manufacturer to make changes to the equipment.”

The NSA did not introduce any secret loopholes into the development, the devices were not programmed to issue encryption keys. The agency was faced with the difficult task of intercepting messages from foreign governments, whether it was signals from the air or transmitted through fiber optics.

Nevertheless, such manipulations by the NSA optimized the process of hacking the code, now the hacking operation took only a few seconds, which would have taken several months earlier. The company has always produced at least two versions of its product - protected models for allied countries, and vulnerable systems for the rest, unfriendly part of the world.

The transition of Crypto to electronic versions of machines fully paid off on the material side of the issue, now the company has become dependent on the NSA. Foreign governments wanted to take hold of the know-how in the world of technology that replaced clumsy mechanical devices, not even suspecting their “secretly intentional” vulnerability.

German-American cooperation


By the end of the 1960s, Hagelin was almost 80 years old, he wanted to ensure the future of his company, which at that time employed more than 180 people. The CIA was puzzled by the fate of the operation in case the scientist died or his sudden desire to sell the company.

Hagelin wanted to transfer control of the company to his son Bo. But US intelligence officials considered him a dark horse and tried to hide the fact of cooperation from him. In 1970, Bo died in a car accident on the Washington Ring Road. There was no evidence of CIA involvement.

U.S. intelligence has repeatedly discussed the idea of ​​buying Crypto, but disagreements between the CIA and the NSA prevented this.

The French, West German and other European intelligence agencies either became aware of the United States agreement with Crypto, or they came to this conclusion on their own. Now, any intelligence service in the world was not against getting such a tidbit in the form of an agreement with Crypto.

In 1967, the French intelligence service, in cooperation with German intelligence, turned to Hagelin with an offer to buy the company. Hagelin declined the offer and informed the CIA.

Two years later, the Germans, having received US support, made a second attempt to buy Crypto: in 1969, at a meeting at the West German embassy in Washington, the head of the encryption service, William Going, outlined a plan and offered the Americans a partnership.



After a couple of months, CIA Director Richard Helms approved the idea of ​​buying Crypto and sent a subordinate to Bonn, the capital of Western Germany, to discuss the terms of the deal. A critical condition was the issue of non-participation of the French.

West Germany adopted the rules of the American game, in June 1970 a memorandum was signed between the two intelligence agencies, a CIA officer (due to Parkinson's disease) and the same indiscriminate scarlet of his BND flaunted on the document.

The agencies divided the amount for the purchase of the company at 5.75 million US dollars in half, but the CIA set the Germans the task of finding a way to cover up the traces of the ongoing transactions.

With the help of a Liechtenstein law firm, Marxer and Goop, the names of the new Crypto owners were hidden, thanks to a series of shell companies and bearer shares that kept the information about the company owner confidential until such shares were presented. The BND history says that the company was paid an annual remuneration “not so much for work as for silence”. The law firm, now known as Marxer and Partner, has refrained from commenting.

To control the activities of the company, a new board of directors was created. Only one council member, Sture Nyberg, to whom Hagelin handed over reins to the company, knew about the CIA's involvement. “Thanks to the new mechanism,” the CIA’s history notes, “the BND and the CIA managed to control the activities of Crypto.” Nyberg left the company in 1976. The Post and ZDF could not get information about his fate and find out if he was still alive.

Two intelligence agencies held regular meetings to discuss how to deal with their “purchase”. The CIA's headquarters was a secret base in Munich (initially housed at a military base, and then moved to the attic of a building near the US Consulate).

The CIA and BND agreed on a series of code names for the operation and its components. Crypto was given the code name Minerva, the same as the name of the CIA document. The operation was first codenamed “Thesaurus”, later in the 80s it was replaced by “Rubicon”.

Each year, the CIA and BND shared the profits earned with Crypto. The BND kept accounting records; the CIA transferred money in an underground parking lot.

Partnership could not be called cloudless from the very beginning, constant disagreements and an atmosphere of tension were in the air. It seemed to CIA operatives that the BND was only focused on making a profit, and the Americans had to “constantly remind the Germans that this was primarily an intelligence operation, not a profitable enterprise.” The Germans were stunned by the Americans' readiness to spy on almost everyone, but not their closest allies, including NATO members Spain, Greece, Turkey and Italy.

Soberly aware of their limited abilities in managing a high-tech company, the two agencies attracted corporate outsiders. The Germans offered 5% of Siemens sales for providing Crypto with business and technology advice. The United States later hooked up Motorola to fix complex systems, reminding the CEO of the company that all this is being done for U.S. intelligence. Siemens declined to comment. Motorola officials have not even responded to a request for comment.

To its disappointment, Germany was never admitted to the Five Eyes (USA, UK, Australia, New Zealand and Canada). But with a partnership in Crypto, Germany was able to get closer to American intelligence, which seemed utopian after World War II. With the secret support of two of the world's leading intelligence agencies and the support of the two largest corporations in the world, Crypto's business has flourished.

A table from the CIA's history shows sales growth from 15 million Swiss francs in 1970 to over 51 million in 1975 ($ 19 million). The company has
over 250 employees.



“The acquisition of Minerva has become a gold mine,” the CIA tells us about this period. The twenty-year-long operation has gone down in history as unprecedented access to communications from foreign governments.


Egyptian President Anwar Sadat meets with President Jimmy Carter during the Egyptian-Israeli peace talks at Camp David, September 1978. During the negotiations, the NSA secretly tracked Sadat's reports.

Iranian suspicions


For many years, the NSA wiretap empire was organized around three main geographical goals, each with a letter code: A for the Soviets, B for Asia and G for the rest.

By the beginning of the 1980s, more than half of G-group intelligence was collected using Crypto devices.

In 1978, when leaders from Egypt, Israel, and the United States gathered at Camp David to negotiate a peace agreement, the NSA secretly tracked Egyptian President Anwar Sadat’s communications with Cairo.

After the capture of American hostages in Iran (November 4, 1979), the Carter administration sought their release, with Algeria and Great Britain acting as intermediaries. Inman, who was then the director of the NSA, said that they regularly received calls from President Jimmy Carter, who was interested in the reaction of Ayatollah Khomeini’s regime to recent reports.

“We were able to provide answers to his questions in about 85% of cases,” Inman said. All this became possible thanks to the use of Crypto devices by the Iranians and Algerians.

Inman said that during the operation, he faced the most difficult task in his entire public service. At some point, the NSA intercepted Libyan reports stating that President Billy Carter’s brother was promoting Libya’s interests in Washington and was receiving cash rewards from leader Muammar Gaddafi.

Inman referred the case to the Ministry of Justice. The FBI launched an investigation into Carter’s case, which denied any proceeds from the Libyan revolutionary. He was never held accountable, but agreed to be recruited into foreign agents.

Throughout the 1980s, Crypto's list of leading customers looked like a hotspot card. In 1981, Saudi Arabia was Crypto's largest customer, followed by Iran, Italy, Indonesia, Iraq, Libya, Jordan, and South Korea.

To maintain its market position, according to documents, Crypto and its "anonymous" owners often dense competing companies with all kinds of slander, and did not disdain giving bribes to government officials. According to the story of the BND, Crypto sent the director to Riyadh, Saudi Arabia, with 10 hours of Rolex in luggage, later a training program was organized for the Saudis in Switzerland, "cultural trips to brothels, the visit of which was funded by the company, became a favorite pastime of the program participants."

The company sold equipment on preferential terms or incentive programs. It so happened that machines were acquired by countries that simply did not have the equipment to use crypto devices. Nigeria entered the treasury of such stories. The country acquired a large batch of Crypto machines. Since no intelligence information was received, from the word in general, two years later, a company representative was sent there to investigate the situation. “He found the equipment in the warehouse in its original packaging,” the German document says.

In 1982, the Reagan administration took advantage of Argentina's location with Crypto machines, and relayed intercepted information to Britain during the military conflict between the two countries over the Falkland Islands. True, the CIA document does not specify exactly what information was transmitted to London. The document outlines the information obtained during the operation and gives several prerequisites for how it was used.


US soldiers in civilian clothes near the scene of an explosion at a La Belle disco in West Berlin, during which 2 American soldiers and a Turkish woman died in 1986.

Reagan jeopardized Operation Crypto, accusing Libya of involvement in a 1986 disco blast in a West Berlin disco. The explosion killed two American soldiers and a Turkish woman.

Reagan gave the order to retaliate in Libya in 10 days. Among the registered victims was one of Gaddafi's daughters. To calm the impending wave of strikes in the country, Reagan delivered a speech saying that the United States has evidence of Libya's complicity in the explosion, "are direct, irrefutable evidence."

According to evidence, a week before the explosion, the Libyan embassy in East Berlin received an order to attack. And the day after the incident, "they reported Tripoli about the huge success of the mission."

According to Reagan, it was clear that communications between Tripoli and the embassy in East Berlin were intercepted and decrypted. The Libyan government was not the only one to take note of the fact of a possible secret wiretap.

Iran, knowing that Libya was using Crypto crypto machines, was worried about the safety of its equipment. Tehran has not responded to these suspicions for another 6 years.



According to documents, more than 120 countries used Crypto AG encryption equipment. Below is a partial list of 62 user countries.



Records show that at least four countries - Israel, Sweden, Switzerland and the United Kingdom - were aware of such a large-scale operation, information about its existence was received either from the United States or Western Germany.

After the acquisition of Crypto, the CIA and BND faced a difficult task, how to keep the company employees in the dark. The agencies made a lot of efforts to maintain a favorable attitude of Hagelin. Workers were well paid, they were granted benefits, for example, the opportunity to use a small sailing boat on Lake Zug, not far from the company's headquarters.

And yet, those who worked closely on crypto projects seemed to be constantly approaching the disclosure of a secret operation. Engineers and designers responsible for prototyping often questioned the algorithms coming from outside from some mysterious source.

According to legend, these were projects within the framework of a consulting agreement with Siemens. But even if that were the case, why, when easily detecting device vulnerabilities, were Crypto engineers not allowed to fix them?

In 1977, Heinz Wagner, CEO of Crypto, who knew about the true relationship with the CIA and BND, fired an overly curious engineer. Everything happened after the NSA sent a complaint that outgoing messages from Syria became unreadable. Engineer Peter Frutiger has long suspected Crypto of collaborating with German intelligence. He repeatedly traveled to Damascus to fix Crypto equipment and, most likely, fixed their vulnerabilities without permission from headquarters.

From the history of the CIA: Frutiger unraveled the secret of Minerva, this became a threat. The agency was furious at Wagner’s actions, since it would have been safer to pay him for silence rather than dismissing him from the company. Frutiger declined to comment on this event.


Mengia Caflish, a talented electrical engineer, began exploring the vulnerabilities of Crypto products.

U.S. officials were even more alarmed after Wagner hired the talented electrical engineer Menghia Caflish in 1978. She lived for several years in the United States, working in the department of radio astronomy at the University of Maryland Research, before returning to her homeland. In Switzerland, she applied for a job at Crypto. Wagner did not miss the opportunity and hired. The NSA immediately expressed concern: "too smart to be involuntary."

The fears turned out to be well founded, and soon Coughlish began to research the vulnerabilities of the company's products. She and Sporndley, a research colleague, conducted various tests and “plaintext attacks” on devices, including the HC-570 teletype model, which was developed using Motorola technology.

“We explored internal operations and dependencies step by step,” Sporndley said, and made sure that the code was cracked after substituting only 100 characters of encrypted text with plain text. “Amazingly low security,” Sporndley said in an interview last month.

“The algorithms,” he said, “always looked suspicious.”

In subsequent years, Caflish was a bone in the throat of agencies. She developed an algorithm so invulnerable that NSA officials began to fear that they would not be able to crack it. The algorithm was implemented in 50 machines of the HC-740 model, they managed to release them before the company management knew anything about it, production was suspended.

“The idea that something was wrong didn’t leave me,” she shared in an interview. But her research was not evaluated, she said. “Not all answers were welcome.”

The company restored the vulnerable algorithm in the production of the remaining machines in this series, and 50 models with a protected algorithm were submitted to banks, so they did not fall into the hands of foreign governments. As it became more and more difficult to store developments in their vulnerable form, Wagner told the leading research and development department that Crypto was “not completely free in its actions”.

This recognition reassured the engineers a little, they already suspected that the company was faced with restrictions imposed by the German government. But the CIA and BND once again became convinced that their intervention was becoming increasingly unstable.

For company employees, Crypto turned into the Emerald City, everyone was interested to find out what was hidden behind the curtain in the throne room. In the late 1970s, the idea came up to find the wizard of the Great and Terrible, who could help develop a more perfect - and less detectable - vulnerability in algorithms, someone who would not only be a cryptology guru, but also be able to “tame” the research the Department.

Two intelligence agencies were hired to search for relevant candidates. Because of Hagelin's connection with Sweden, a candidate for Swedish intelligence was proposed, who from the very beginning knew about the operation.

Schel Ove Widman, a professor of mathematics in Stockholm, made a name for himself in European academic circles thanks to his research in cryptology. Widman was a reservist in military service, and was in close contact with representatives of Swedish intelligence.

For the CIA, Widman was also interested in his attitude towards the United States, as an exchange student, he lived in Washington for a year.

In the family where he lived, they could not pronounce his Swedish name and simply called him Henry, later the name became the nickname under which he collaborated with the CIA.

For individuals who hunted Widmann, the process seemed simple. After training by Swedish intelligence officers, he was brought to Munich (1979) for allegedly interviewing the heads of Crypto and Siemens.

The interview was played according to all the rules: Widman answered many questions of men sitting at the table in the conference room of the hotel. During the lunch break, the two men asked Widman to remain alone with them.

“Do you know what ZfCh is?” Asked Jelto Burmeister, a BND employee who uses the abbreviation for the German encryption service. When Widman answered positively, Burmeister continued: “Now do you understand who Crypto AG really belongs to?”

Widman was introduced to Richard Schroeder, a CIA official in Munich, who controlled the agency at Crypto. Later, Widman recalled, “At that moment, my world completely collapsed.”

Widman without hesitation agreed to participate in the operation and was hired. Without leaving the room, Widman shook the agreement. The three men joined the others, a gesture was made with the finger raised up, and dinner turned into a celebration.

Widman took over as scientific adviser, directly subordinate to Wagner. He became a secret intelligence agent, every 6 weeks in Zug participated in meetings with representatives of the NSA and the German encryption service. Schroeder, a CIA officer, was also present at the meetings, but did not delve into their technical chatter.

Soon, new encryption schemes were developed, which Widman handed over to Crypto engineers. The history of the CIA calls him an “indispensable person” and “the most valuable recruited agent in the history of the Minerva program.”

His status inspired fear in his subordinates, his position endowed him with “technical significance that no one in Crypto could challenge.” The suspicions of foreign governments were dispelled. The schemes of new vulnerable algorithms developed by Widman were transferred to partners, according to the history of the BND. “The vulnerability could not be detected using ordinary statistical tests”, and in case of detection, “everything was easily attributed to an implementation error or a human error.” It turns out that in any case, Crypto executives would blame dishonest employees or inept users.

In 1982, Argentina became convinced that its crypto equipment was its enemy. Secret messages were intercepted and transmitted to the UK, which helped the latter to win the Falkland Islands War. Widman hastily set off for Buenos Aires with a new legend. It all sounded like this - the NSA hacked into an outdated speech scrambling device that Argentina used, but the main product purchased from Crypto, the CAG 500, remained "unbreakable." Bluffing clear water, but Argentina swallowed it and continued to buy Crypto equipment.

Widman has long been retired, lives in Stockholm. He declined to comment. Years after recruitment, the document described his memories of lunch as follows: “after shaking hands, he felt himself part of a secret community. According to him, this was the moment when he felt at home. This secret business became his life mission. ”

At the age of 90, Hagelin fell ill during a trip to Sweden and was hospitalized. He started recovering quite quickly, and was ready to return to Switzerland. But the CIA was worried about the Hagelinsky extensive collection of records and documents related to business and personal life, which was stored in his office in Zug.

Schroeder, with the permission of Hagelin, arrived in Zug with a briefcase and spent several days in the office browsing and studying files. He was introduced as a historian interested in the life of Hagelin. According to the document, Schroeder seized the compromising documents and sent them to the CIA headquarters, "where they are to this day."

After a stroke, Hagelin remained disabled until his death (1983). The Post was never able to track down Wagner, because it is not known whether he is still alive. Schroeder quit the CIA more than ten years ago and teaches at Georgetown University. When a reporter from The Post contacted him, he declined to comment.

Hydra Crisis


There were a couple of unprofitable years in the history of Crypto in the 1980s, but this did not affect the intelligence business. US intelligence agencies intercepted more than 19,000 Iranian messages sent using Crypto machines during the ten-year Iran-Iraq war.

US agents “read 80–90 percent” of Iran’s broadcast messages, according to a CIA document.

In 1989, the Vatican's use of Crypto devices played a major installment on the wanted list for Panama leader Manuel Antonio Noriega. The dictator sought asylum in the Apostolic Nunciature - equivalent to the papal embassy - his whereabouts were revealed from decrypted messages to the Vatican.

In 1992, the operation of Crypto faced the first serious crisis: in Iran, suspecting something was amiss, the seller of the company was detained.

Hans Buhler, 51, was one of the best sellers in the company. Iran, in turn, is a major buyer of Crypto. Buhler traveled to Tehran and back for years. Tense moments had already happened before, he was interrogated by Iranian officials in 1986, after an explosion at a disco and US missile attacks on Libya.

Boarding a Swissair flight to Tehran in 1992, he never returned as scheduled. Crypto turned to the Swiss authorities for help, where the companies reported that Hans was arrested by the Iranians. The official representatives of the Swiss consulate in Iran were allowed to visit Buhler. From a CIA document, “Hans’s state left much to be desired.”

Buhler was released nine months later, Crypto paid Iranians $ 1 million, an amount that was secretly provided to the BND. The CIA refused to participate in this kind of terrorist agreement, citing its hostage ransom policy.

Buhler was completely unaware of Crypto's relationship with the CIA and BND, or about device vulnerabilities. He returned to his homeland with the understanding that Iran knew more about the company in which he worked for than himself. Buhler decided to tell Swiss news organizations about his ordeal and growing suspicions.


William Friedman with his wife and cryptanalysis colleague Elizabeth Friedman (left) and Annie Hagelin, wife of Boris Hagelin, Switzerland, 1957.


Boris Hagelin, 1972.

The publication drew new attention to long-forgotten clues, including the Boris Project in Fridman’s huge collection of personal documents donated to the Virginia Military Institute after his death in 1969. Among 72 boxes delivered to Lexington, Virginia, copies of his correspondence with Hagelin were kept.

In 1994, the crisis escalated, because Buhler appeared on Swiss television, in the report appeared Frutiger, whose identity was hiding from the audience. Buhler died in 2018. Engineer Frutiger, fired for unauthorized fixing vulnerabilities in Syrian encryption systems, did not respond to a request for comment.

Michael Group, who succeeded Wagner as executive director, agreed to appear on Swiss television; he disputed the allegations, calling them bloated, disgruntled company employees. Frutiger called the story utter nonsense. “The Group’s appearance on television produced a confidential effect, and possibly saved the program,” the CIA said in a document. The group did not respond to a request for comment from The Post.

It took a couple of years for the argument to finally subside. In 1995, The Baltimore Sun published a series of investigative publications about the NSA, which revealed aspects of the agency’s relationship with Crypto.

The article reported that in the mid-1970s, NSA representatives traveled to Zug, where they held a series of secret meetings with Crypto executives. They posed as consultants to a shell company called Intercomm Associates, but introduced themselves as real names, which were preserved in the meeting notes.

After such anti-advertising, some employees began to look for work in other companies. And at least half a dozen countries, including Argentina, Italy, Saudi Arabia, Egypt, and Indonesia, either severed or suspended contracts for the supply of crypto machines.

Surprisingly, Iran, according to the CIA, "almost immediately resumed the purchase of CAG equipment."

The main victim of the crisis, code-named "Hydra," according to the Buhler case, was the CIA-BND partnership.

For many years, it remained a mystery to the BND how their American counterparts unreasonably divide countries into opponents and allies. Two partners often argued over which countries might become owners of secure versions of Crypto products. At the same time, US officials often insisted on selling vulnerable equipment to both opponents and allies.

In a German document, Volbert Schmidt, a former director of the BND, complained about the United States "they wanted to do business with the allies as well as with third world countries." Another BND official made the same comment, saying that for Americans, "there were no friends in the world of intelligence."

The Cold War ended, the Berlin Wall collapsed, and a united Germany had other concerns and priorities. They considered themselves much more at risk for Crypto operations. Operation Hydra produced a shake-up effect for the Germans. They feared that the disclosure of their involvement would cause the wrath of Europeans and entail large-scale political and economic problems.

In 1993, Konrad Porzner, head of the BND, made it clear to CIA director James Woolsey that the Germans might want to quit the partnership with Crypto, as top-level support has weakened. On September 9, the CIA chief in Germany, Milton Bearden, agreed with BND officials that the CIA bought back German shares for $ 17 million.

Representatives of German intelligence regretted withdrawing from the operation, which they actually planned. In a German document, senior intelligence officials accused political leaders of ending one of the most successful intelligence programs, of which the BND was once a part.

The Germans were suspended from intelligence that the United States continued to collect. The Burmeister in a German document wondered if Germany now refers to "a small number of nations that are not read by the Americans."

From the documents published by Snowden, it becomes obvious that the US intelligence agencies not only considered Germany their goal, but also tracked the mobile phone of German Chancellor Angela Merkel.

Alive and well


The CIA’s history ends with Germany leaving the program. Although the operation was completed in 2004 and the document contains clear assumptions that it is still ongoing.

For example, it is noted that Buhler’s case was “the most serious security violation in the history of the program,” but it did not become fatal. “This did not lead to the death of the operation,” the document says, “and at the turn of the century, Minerva remained alive and well.”

The operation seems to have just entered a protracted recession. By the mid-1990s, “Crypto made no profit,” and “would have ceased operations if it had not been for the infusion of the US government.”

But intelligence continued to exist, from the recollections of current and former employees, the information came partly due to bureaucratic “inertia.” Many governments, especially in less developed countries, simply did not bother to switch to newer encryption systems and disable Crypto devices.

Most of the employees indicated in the documents of the CIA and BND are already 70 or 80 years old, some are not alive. In an interview conducted in Switzerland last month, they expressed their concern about involvement in the company.

Ordinary Crypto employees have never been informed about the company's true attitude to intelligence agencies. But well-founded suspicions were in the air, they could be enough to make a decision to leave the company because of ethical principles.

“Either quit or accept what is happening,” said Caflish, who is now 75 years old, she left the company in 1995, continues to live on the outskirts of Zug in the building of a former clothing factory, where she has been engaged in the production of semi-professional opera performances for many years. “I had reasons why I left,” was both the discomfort caused by doubts about Crypto and her desire to spend more time at home with children. After the latest revelations, she said: “most likely I had to leave earlier.”

Sperndley said he regrets his attempts at self-persuasion. “Sometimes I told myself that it could be for the better that the good guys in the United States are aware of what's going on between these third-world dictators,” he said. “But this is a cheap self-belief trick. In the end, I felt that something was wrong. "

According to the documents, most of the executives directly involved in the operation were guided by ideological goals and refused any overpayments of Crypto. Widman was an exception. “Before retirement, he secretly significantly increased compensation,” - said the CIA. He was awarded the CIA Seal Medal.

According to former representatives of Western intelligence, after the release of the BND, the CIA expanded its secret crypto network of companies. For profits from the Crypto operation, the agency secretly acquired a second firm and financially supported a third. The documents do not say anything about this and, accordingly, there are no details about what kind of firms. But the BND document noted: a longtime rival of Crypto - Gretag AG, Switzerland, was "captured by the American", and after the name was changed, "liquidated" in 2004.

Crypto slowly hobbled on: experiencing the transition from metal boxes to electronic circuits, from teletypes to encrypted voice systems. The problem arose when the encryption market switched from hardware to software. Some U.S. intelligence agents still hoped for the Crypto operation, despite the fact that the NSA's attention had already shifted to finding new ways to use the global capabilities of Google, Microsoft, Verizon and others.

In 2017, the old Crypto building near Zug was sold to a commercial real estate company. In 2018, the remaining assets of the company - the key components of the encryption business, launched almost a century earlier - were divided and sold. It seemed that such transactions were supposed to cover the CIA's exit from the operation.

CyOne acquired the Swiss part of the business along with management, so Crypto executives moved to a new company that is not related to spyware, while still having a reliable source of income. The Swiss government, which has always sold secure versions of Crypto systems, is the only customer of CyOne.

Giuliano Ott, the CEO of Crypto AG from 2001 until its collapse, was appointed to the same position at CyOne after acquiring Swiss assets. It is likely that he, like all his predecessors in this position, is aware of the past owner of the company - the CIA.

“Neither CyOne Security AG nor Mr. Ott provide any comments regarding the history of Crypto AG,” the company said in a statement.

Crypto's international accounts and business assets were sold to Linda, a wealthy family Swedish entrepreneur who runs commercial real estate holdings.

At a meeting in Zurich last month, Linda said the interest in the company was partly due to the legacy and relationship with Hagelin. Starting work, Linde transferred some of the historic Hagelin equipment from the warehouse to the shop window at the factory entrance.

After reviewing evidence of Crypto's affiliation with the CIA and BND, Linda looked clearly shocked. He said that during the negotiations he did not find out who was the shareholder of the company. He only wondered when this article would be published, as he began to worry about the safety of his employees abroad.

In a subsequent interview, Linde said that his company is examining all the devices sold for hidden vulnerabilities. “We should eliminate everything related to Crypto as soon as possible,” he said. When asked why Linda did not bother to get an answer from Ott about the veracity of the charges, the entrepreneur referred to the fact that he considered this to be just rumors.

He said he was confident in Crypto products, as there were foreign governments among the company's customers, and if there had been a clear threat, many countries would have long given up compromised machines.

“I even acquired the Crypto brand,” he said, emphasizing his confidence in the viability of the company. The publicized information led Linda to the thought: “This is probably one of the stupidest decisions I have ever made in my career.”

The liquidation company was still the same law firm in Liechtenstein, which was engaged in the sale of Hagelin to the CIA and BND 48 years ago. The terms of the deals in 2018 were not disclosed, but current and former officials estimate their total value at $ 50-70 million.

The last CIA profit for Minerva’s operation.

A bit of advertising :)


Thank you for staying with us. Do you like our articles? Want to see more interesting materials? Support us by placing an order or recommending to your friends cloud-based VPS for developers from $ 4.99 , a unique analog of entry-level servers that was invented by us for you: The whole truth about VPS (KVM) E5-2697 v3 (6 Cores) 10GB DDR4 480GB SSD 1Gbps from $ 19 or how to divide the server? (options are available with RAID1 and RAID10, up to 24 cores and up to 40GB DDR4).

Dell R730xd 2 times cheaper at the Equinix Tier IV data center in Amsterdam? Only we have 2 x Intel TetraDeca-Core Xeon 2x E5-2697v3 2.6GHz 14C 64GB DDR4 4x960GB SSD 1Gbps 100 TV from $ 199 in the Netherlands!Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - from $ 99! Read about How to Build Infrastructure Bldg. class c using Dell R730xd E5-2650 v4 servers costing 9,000 euros for a penny?

More articles:


All Articles