The CIA Secretly Ran One of the World’s Largest Encryption Firms for Decades
For decades, Swiss firm Crypto AG supplied governments around the world with encrypted communication systems. Most of its 62 customers never suspected anything was amiss, but a new report from The Washington Post and German broadcaster ZDF reveals that Crypto AG was actually owned by the CIA and West German intelligence (BND). For decades, the agencies effortlessly eavesdropped on the secure communications of allies and enemies alike.
Crypto AG didn’t start as a CIA operation — it was the brainchild of Russian-born inventor Boris Hagelin. Hagelin fled to Sweden when the Bolsheviks took power in Russia and then fled again to the US when the Nazis swept into Sweden. While in the US, he helped develop the M-209 encryption machine for US forces. After the war, Hagelin returned to Europe to reestablish Crypto AG in Switzerland. There, he developed more advanced versions of the pin-and-lug type encryption he used in the M-209.
According to the classified CIA documents obtained by The Post and ZDF, the CIA became concerned that Hagelin’s machines would allow other nations to completely obscure their communications, so it developed a plan to “deny” that technology to them. Knowing Hagelin held a great fondness for the US, intelligence officials approached him with a proposal. The CIA would pay Crypto AG to keep its more sophisticated cipher machines out of the hands of select nations. That would make their communications easier to intercept.
That arrangement suited the CIA just fine throughout the 1950s and 1960s, but the agency worried what would happen when Hagelin retired or died. In the mid-60s, the CIA and Crypto AG began cooperating more closely. As integrated circuits replaced geared encryption, the CIA designed a seemingly secure system that it could easily decipher. That formed the basis of Crypto AG’s new flagship products. In 1969, the CIA and BND purchased Crypto AG in secret, obscuring their control of the company with the help of a law firm in Liechtenstein.
Crypto AG continued operating as one of the world’s most successful secure communication firms throughout the late 20th century. Employees of the company thought they were providing powerful encryption systems to customers like Argentina, Libya, Iran, Brazil, India, and Egypt. However, the CIA and BND were able to read any correspondence they intercepted from Crypto AG machines.
Several nations became suspicious of Crypto AG in the late 80s when US President Ronald Regan chastised Libya for the way it gloated over a Berlin terrorist attack. He was so specific that Iran became concerned that the US had compromised the Crypto AG systems both it and Libya used. Iranian authorities detained a Crypto AG salesman for nine months. Upon his release, the man spoke to the media about his suspicions that Crypto AG was not what it appeared to be.
BND pulled out in the early 90s, fearing the operation might be revealed. However, the CIA remained in control of Crypto AG until 2018 when the firm was liquidated. By then, widely available online technologies had largely replaced Crypto AG products, but its hardware is still in use around the world. Probably not for much longer, though.