Operation Rubicon

[Image: The CX-52]

Operation Rubicon (German: Operation Rubikon), until the late 1980s called Operation Thesaurus, was a secret operation by the West German Federal Intelligence Service (BND) and the U.S. Central Intelligence Agency (CIA) to gather communications intelligence from the encrypted government communications of other countries; it lasted from 1970 to 1993 for the BND and to 2018 for the CIA.[1][2] This was accomplished through the sale of manipulated encryption technology (CX-52) from Swiss-based Crypto AG, which was secretly owned and influenced by the two services from 1970 onwards.[1] In a comprehensive CIA historical account of the operation leaked in early 2020, it was referred to as the "intelligence coup of the century" in a Washington Post article.[1] The Maximator alliance, which in addition to (West) Germany also includes Denmark, France, the Netherlands and Sweden, was also familiar with the vulnerabilities and used them in its intelligence gathering.[3][4]

History

[Map: Involved countries. Legend: main spying countries; knowing/spying countries (also Denmark, France and the Netherlands via the Maximator alliance); countries spied upon]

The origins of Crypto AG go back to the Swedish engineer Arvid Damm; the company was founded in Switzerland in 1948 by the Swede Boris Hagelin. Crypto AG was considered one of the leading manufacturers of encryption technology. The company supplied to about 130 states; Operation Rubicon is said to have affected about 100 states.

According to The Washington Post, the nuclear powers India and Pakistan as well as the Vatican and several other countries, mostly from the global south, used devices from Crypto AG.[2][5] However, the manipulated devices from Crypto AG also allowed the United States' National Security Agency (NSA) and German Federal Intelligence Agency (Bundesnachrichtendienst, BND) to read the military and diplomatic communications of allied EU or NATO countries such as Ireland, Italy, Spain, Portugal and Turkey across the board. According to German public service media company ZDF, there were repeated disputes between the CIA and BND about this: German intelligence did not want allies to be spied on, while the CIA wanted to spy on basically every government.[2]

According to ZDF, the contract for the operation was signed on the German side by the then head of the Federal Chancellery and Federal Minister for Special Tasks, Horst Ehmke.[6] In this respect, it can be assumed that the Federal Chancellery, as the superior authority, was informed about the operation. When the BND and CIA began operations in 1970, the two intelligence agencies each became half owners of Crypto AG. Within Operation Rubicon, Crypto AG was given the code name Minerva. The ownership structure was concealed.[7] The agencies bought Crypto AG because Boris Hagelin retired and they had no confidence in Hagelin's son Boris Jr., who was sales manager for North and South America. He died in a car accident the same year. His father had the cause of the accident investigated and did not believe it was an accident. Crypto AG profited externally from Swiss neutrality and the image of the country's integrity.[2] Because the encryption technology was sold as secure but was in reality manipulated, the messages transmitted with it could be read by the intelligence agencies involved: the CIA, NSA and BND.

The Munich-based Siemens AG worked closely with Crypto AG and, among other things, manufactured the teleprinters for them. Siemens provided the management of Crypto AG for 20 years and had a five percent share of the profits. Siemens engineers helped develop the application equipment.

According to reports by Deutsche Welle (DW), the two owners, BND and CIA, shared Crypto AG's profits, which in 1975 amounted to CHF 51 million (about DM 48.6 million; in 2018, taking inflation into account, the equivalent of €42.6 million). According to DW, BND employees handed over their share to the CIA in cash at secret meetings in underground garages.[7]

In 1992, Hans Bühler, a Swiss employee of Crypto AG, was detained in Iran. After nine and a half months in custody, he was released on January 4, 1994, on payment of 1.4 billion rial bail (about €925,000 or CHF 1.5 million), after originally being asked for $1 million.[8] The amount was paid by the BND, but Bühler was fired by his employer shortly after his release. It later emerged that Bühler had not known about the tampered devices and had begun to make critical comments about the operation to the media.[9] According to CIA accounts, the HYDRA affair, the internal code name for what happened to Bühler, was "the most serious security breach in the history of the program".

In 1993, the BND sold its shares in Crypto AG for $17 million.[10] According to Bernd Schmidbauer, a former Chancellery Minister under Helmut Kohl, the Chancellery decided to pull out of the operation because the political risks were now rated much higher after Bühler's arrest. For example, the threat situation for Germany was apparently assessed differently after the end of the Cold War than in previous years, and relations between the states of Europe improved.[6] After the U.S. withdrew from the company, Crypto AG was split into two companies in 2018. The new management claimed when asked that it had no knowledge of activities prior to 2018.[11]

On the part of the BND, the Zentralstelle für das Chiffrierwesen (ZfCh) apparently played an important role in the execution of Operation Rubicon. Apparently, it provided the weakened encryption algorithms.[6] The ZfCh gave rise to the Central Office for Information Security (ZSI), which later became the Federal Office for Information Security (BSI). The head of the ZfCh until 1972, after the start of the operation, was Erich Hüttenhain, later Otto Leiberich, who also became the founding president of the BSI.

Decryption and geopolitical significance

On behalf of the German government, the BND received diplomatic and military radio traffic from many states that encrypted with Crypto AG equipment. The BND was able to read these communications across the board thanks to manipulated encryption procedures.[12]

According to the leaked documents, at times over 40 percent of the NSA's total machine decryption could be traced back to Operation Rubicon, which was considered an "irreplaceable resource". For the BND, the operation was even more important as the centerpiece of cooperation with the Americans, as it accounted for 90 percent of reports on diplomatic operations, according to CIA figures.[1] At the same time, the weakness of the algorithms of the exported Crypto AG devices continued to be exploited by the BND well after the operation was terminated in 1992, according to media reports. For example, Italian traffic was reportedly still being deciphered around 2001.[6]

The German and U.S. governments were much better informed about domestic and geopolitical events in many countries than was known until the operation was uncovered. This subsequently raised questions about the actions or inaction of the actors involved.

Coup in Chile

In the United States intervention in Chile, the United States relied on decrypted communications from the government of Salvador Allende.[13]

Negotiations on the Middle East conflict

In the course of the 1978 Camp David Accords negotiations, the NSA was able to read communications from the Egyptian side and therefore knew their negotiating position. The agreement, negotiated under then U.S. President Jimmy Carter, resulted in the Israeli-Egyptian peace treaty in 1979.

Falklands War

During the 1982 Falklands War between Argentina and the United Kingdom, it was apparently possible to decipher a large part of Argentina's encrypted communications.[6] Even before the war, the intelligence services of the Netherlands had gained access to Argentinian communications that used Crypto AG devices, being familiar with the devices' weaknesses as part of the Maximator alliance. The full details were subsequently shared with the British GCHQ, which prior to Argentina's attack had not focused on this country. The ability of the GCHQ to rapidly decode Argentinian communications played a fundamental role in the war. In its later stages, after realizing that its communications had been compromised, Argentina began to change its cryptographic keys much more frequently, which made the traffic harder to decrypt.[4][14]

US conflict with Libya

After the attack on the Berlin discotheque La Belle in April 1986, the BND and NSA intercepted communications between the Libyan embassy in East Berlin and Tripoli.[12] Then-U.S. President Ronald Reagan stated that he had clear evidence that dictator Muammar Gaddafi was behind the operation, and that his country could track all Libyan communications. The disclosure of his own capabilities was linked to the need to justify U.S. attacks on the country (Operation El Dorado Canyon).

U.S. invasion of Panama

In 1989, the United States invaded Panama (Operation Just Cause). Through Operation Rubicon, U.S. intelligence agencies knew that wanted President Manuel Noriega was in the Vatican embassy in Panama City.

Detection

In 1995, hot on the heels of the Hans Bühler affair (HYDRA), The Baltimore Sun reported for the first time that Crypto AG had been selling manipulated cipher devices until the late 1980s, and made the connections to the NSA and CIA. In a series of articles, Scott Shane and Tom Bowman questioned the relationship between Crypto AG and Motorola, showing the minutes of a meeting held at Motorola in August 1975. At this meeting, two members of the American intelligence community — Nora Mackabee (NSA) and Herb Frank (CIA) — had been present.[15]

In 1996, Der Spiegel followed suit with a similar story in which they made the connections to the NSA and ZfCh. In its print issue No. 36 (1996), under the title "'Wer ist der befugte Vierte?'" ("'Who is the Authorized Fourth?'"), Der Spiegel devoted an article to the business practices of Crypto AG.[16]

The actual exposure of Operation Rubicon happened in February 2020 through the joint research of SRF, ZDF, and the Washington Post. They evaluated a 280-page intelligence dossier that proved that the BND and CIA were comprehensively behind Crypto AG. The dossier proves that Crypto AG sold manipulated encryption devices to about 130 countries as part of Operation Rubicon. The communication encrypted with the devices could be read by the services without any problems.[2][1] According to Austrian intelligence expert Siegfried Beer, such devices were also in use in Austria.

Bernd Schmidbauer, Minister of State to the Federal Chancellor under Helmut Kohl, confirmed the Rubikon operation to ZDF in 2020, claiming that it helped make the world a little "safer and more peaceful".[2]

Criticism

Through Operation Rubicon, which lasted for decades, various German and U.S. governments had extensive detailed knowledge of human rights violations worldwide. Argentina's armed forces used Crypto AG technology during Argentina's military dictatorship from 1976 to 1983. The junta had thousands of regime critics thrown alive into the sea from military planes over the Atlantic; around 30,000 people in total fell victim to the dictatorship. Although the German government under Helmut Schmidt was aware of this through the interception technology of Crypto AG, the Germany national football team participated in the 1978 World Cup held in Argentina.[2] However, an obvious use of the information obtained would most likely have resulted in the unmasking of the politically highly sensitive operation, which was extremely important for the intelligence services involved.[citation needed]

Research by ZDF shows that the weaknesses of the algorithms in the manipulated devices could also have been exploited by opposing intelligence services. In the 1980s, the GDR's Ministry of State Security and the KGB had succeeded in deciphering encrypted Turkish diplomatic reports throughout and were thereby able to read them. Turkey was also one of the states that purchased encryption devices with weakened keys from, among others, Crypto AG.[6] Thus, the weakened crypto products supplied to Allies ultimately jeopardized the security of the Alliance as a whole due to the increased risk of third parties skimming the information.

Investigations

On January 15, 2020, the Swiss Federal Council decided to entrust former federal judge Niklaus Oberholzer with an investigation.[17] On February 13, 2020, an investigation was also launched by the Parliament's Business Audit Delegation (GPDel) under GPDel President Alfred Heer.[18] The GPDel decided to merge Niklaus Oberholzer's Federal Council investigations with theirs, and Oberholzer continues to work under the auspices of the GPDel. Some parliamentarians called for a Parliamentary Investigation Commission (PUK), which would have more powers. The office of the National Council spoke out against a PUK for the time being, saying that the GPDel's report should be awaited first.[19] The report was published on November 10, 2020. However, the report prepared by Niklaus Oberholzer on behalf of the GPDel has not been published. The report reveals, among other things, that the Strategic Intelligence Service (SND) knew from 1993 that foreign intelligence services were behind Crypto AG; however, both the Federal Council and the leadership of the intelligence service denied having knowledge of this fact. The GPDel subsequently raised the question of why the Federal Council was not informed – or did not want to be informed – in a matter that endangered Swiss neutrality in a massive way.[20] The Swiss Federal Council was asked to comment on the GPDel's remarks and recommendations by June 1, 2021.[21] During the GPDel's investigation, it became known that other companies besides Crypto AG were selling manipulated cipher devices.[22]

In May 2021, it became known that Jean-Philippe Gaudin would leave his post as head of the Swiss intelligence service NDB at the end of August 2021, as he had informed the Federal Council too late about the affair and the relationship of trust had been shattered. The GPDel was also responsible for the investigation.[23]

References

  1. ^ a b c d e "The CIA secretly bought a company that sold encryption devices across the world. Then its spies sat back and listened". The Washington Post. Retrieved 2021-12-29.
  2. ^ a b c d e f g "'Operation Rubikon': #Cryptoleaks: Wie BND und CIA alle täuschten" ['Operation Rubikon': #Cryptoleaks: How the BND and CIA deceived everyone]. www.zdf.de (in German). Retrieved 2021-12-29.
  3. ^ "A beery European spy club is revealed". The Economist. 28 May 2020. Retrieved 5 September 2024.
  4. ^ a b Jacobs, Bart (2020). "Maximator: European signals intelligence cooperation, from a Dutch perspective". Intelligence and National Security. 35 (5): 659–668. doi:10.1080/02684527.2020.1743538. hdl:2066/221037. ISSN 0268-4527.
  5. ^ Holland, Martin (11 February 2020). "#Cryptoleaks: CIA und BND steckten jahrzehntelang hinter Verschlüsselungsfirma" [#Cryptoleaks: CIA and BND were behind encryption company for decades]. Heise Online (in German). Retrieved 2023-08-26.
  6. ^ a b c d e f "Operation Rubikon". ZDF (in German). Retrieved 2021-12-29.
  7. ^ a b Nehring, Christopher (12 February 2020). "Der Geheimdienstcoup des Jahrhunderts" [The intelligence coup of the century]. Deutsche Welle (in German). Retrieved 2021-12-29.
  8. ^ Strehle, Res (1994). Verschlüsselt: Der Fall Hans Bühler [Encrypted: The Hans Bühler case] (in German). Zürich: Werd Verlag. ISBN 3-85932-141-2.
  9. ^ "Crypto AG: Schweiz unter einer Decke mit der CIA" [Crypto AG: Switzerland in cahoots with the CIA]. Infosperber (in German). 2020-02-12. Retrieved 2021-12-29.
  10. ^ "Aktion Rubikon: Jahrelange Beschattung durch den BND" [Operation Rubicon: years of shadowing by the BND] (in German). Retrieved 2021-12-29.
  11. ^ "BND und CIA spähten mittels gemeinsamer Firma Staaten aus" [BND and CIA spied on states through a joint company]. Der Tagesspiegel (in German). 2020-02-11. ISSN 1865-2263. Retrieved 2021-12-29.
  12. ^ a b "Operation Rubikon – Die wichtigste Spionageoperation der Geschichte? Wie der BND und die CIA die ganze Welt belauschten" [Operation Rubicon – the most important espionage operation in history? How the BND and the CIA eavesdropped on the entire world]. Deutsches Spionagemuseum (in German). 2020-02-11. Retrieved 2021-12-29.
  13. ^ "Cryptoleaks: Wo die Geheimdienste überall mithörten" [Crypto leaks: Where the secret services listened everywhere]. Tages-Anzeiger (in German). ISSN 1422-9994. Retrieved 2021-12-29.
  14. ^ Corfield, G. (18 May 2020). "Dutch spies helped Britain's GCHQ break Argentine crypto during Falklands War". The Register. Retrieved 5 September 2024.
  15. ^ Reuvers, Paul; Simons, Marc (2023-03-19). "Operation RUBICON". Crypto Museum. Retrieved 2023-12-21.
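  16. ^ "'Wer ist der befugte Vierte?'" ['Who is the Authorized Fourth?']. Der Spiegel (in German). 1996-09-01. ISSN 2195-1349. Retrieved 2021-12-29.
  17. ^ "Geheimdienstaffäre Cryptoleaks - Weltweite Spionage-Operation mit Schweizer Firma aufgedeckt" [Intelligence affair Cryptoleaks - worldwide espionage operation involving Swiss company uncovered]. Schweizer Radio und Fernsehen (SRF) (in German). 2020-02-11. Retrieved 2021-12-29.
  18. ^ "Geheimdienst-Affäre - Geschäftsprüfungsdelegation untersucht Spionage-Affäre" [Intelligence affair - Business Audit Delegation investigates espionage affair]. Schweizer Radio und Fernsehen (SRF) (in German). 2020-02-13. Retrieved 2021-12-29.
  19. ^ "Crypto-Affäre – Büro des Nationalrats gegen eine PUK" [Crypto affair – Office of the National Council against a PUK]. Schweizer Radio und Fernsehen (SRF) (in German). 2020-03-02. Retrieved 2021-12-29.
  20. ^ "Untersuchung zu Cryptoleaks – Nachrichtendienst führt Bundesrat – statt umgekehrt" [Investigation into Cryptoleaks – intelligence service leads the Federal Council – instead of the other way around]. Schweizer Radio und Fernsehen (SRF) (in German). 2020-11-10. Retrieved 2021-12-29.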
  21. ^ "Coresponsabilité des autorités suisses, sur le plan politique, dans les activités de la société Crypto AG : la Délégation des Commissions de gestion clôt son inspection" [Co-responsibility of the Swiss authorities, on a political level, in the activities of the company Crypto AG: the Delegation of Management Commissions closes its inspection] (in French). Federal Assembly. Retrieved 2021-12-29.
  22. ^ "Omnisec: Weitere Schweizer Firma verkaufte manipulierte Chiffriergeräte" [Omnisec: More Swiss companies sold manipulated encryption devices]. Heise Online (in German). 30 November 2020. Retrieved 2021-12-29.
  23. ^ "Nach Meinungsverschiedenheiten – Viola Amherd trennt sich von Geheimdienstchef Gaudin" [After differences of opinion, Viola Amherd separates from secret service chief Gaudin]. Schweizer Radio und Fernsehen (SRF) (in German). 2021-05-12. Retrieved 2021-12-29.