The CIA's 'coup of the century' and Crypto AG
The Washington Post (WP) reported last week that the owner of the Swiss security equipment company Crypto AG is the US CIA.
The gist of the case is that the United States has continued to steal confidential information from more than 120 countries around the world using Crypto AG's cryptographic equipment.
Such information operations went on from the 1970s until 2018 when Crypto AG was sold.
▲ Identity of Crypto AG
After World War II, the CIA, together with the former West German Federal Intelligence Service BND, established Crypto AG, a cryptographic equipment company in Switzerland.
Not only the US allies, but also the enemy Iran or South American guerrilla groups, became the clients of this camouflage company without knowing the owner behind it.
The WP says it overheard everything the Egyptian president, Anwar Sadat, discussed with his staff when the US mediated peace negotiations between Egypt and Israel in 1978 with Crypto AG. He also monitored Islamic law scholars during the 444 American dysentery incidents at the Tehran Embassy in Iran in 1979, and in 1982, during the war in Britain and Argentina in the Atlantic Falkland Islands, Argentine troops were informed and handed over to Britain, a key ally.
CIA and BND were able to capture confidential information from customers by injecting preprogrammed code into the equipment to be delivered.
It's loaded with code that you can easily decipher, and you've lost a lot of information. Both intelligence agencies have sold cryptographic equipment to more than 120 governments worldwide via Crypto AG and have seized confidential information from countries for decades.
▲ Operation "Rubicon"
It is assumed that this information was shared not only in the US and Germany, but also in the UK, Canada, Australia and New Zealand called Five Eyes. And it's been a huge profit from so many agencies that want information. The CIA called this spy operation "Rubicon"
In their internal report, they criticized Crypto AG as "the intelligence coup of the century."
The limitation of Operation Rubicon is that countries such as the Soviet Union, China, and North Korea, which were major targets of US intelligence in the Cold War, did not use this equipment. The government refused to use the company's equipment in doubt that Crypto AG could be linked to the West, and has developed and used a highly cryptographic system that the United States cannot penetrate.
However, the CIA is believed to have gained a significant amount of information through other channels, such as tracking other countries' contact with Moscow and Beijing authorities. WP estimates that 40 percent of foreign intelligence gathered by US intelligence agencies in the 1980s was acquired by Operation Rubicon and was the boldest operation in CIA history.
After many years of cooperation, the German BND has decided to carry out the Rubicon operation after the reunification of East and West Germany. However, as the world of online encryption technology developed highly in the international security market, Crypto's status began to decline and the sale of assets to other security firms in 2018 ended the half-century intelligence war.
▲ Second, third Crypto AG..?
Recently, the U.S. has been a strong blow, arguing that Chinese authorities have planted backdoors on products of companies like China, Huawei and Xiaomi. The United States has called on Huawei to confuse communications with the Chinese government and ban all countries in the world from using 5G equipment.
There are also growing concerns about the possibility of hacking other security devices. It is necessary to raise security awareness in the private sector such as companies as well as at the national level on these information security issues.
In particular, it is important to manage information assets by applying the appropriate encryption solution for each organization, recognizing the importance of encryption and always being exposed to threats.
Critical data must be encrypted anytime, anywhere, and must be encrypted in a reliable way during file transfers. Above all, documents stored in the cloud must be encrypted, and encryption keys must be kept by individuals or customers.
Click below link and find the encryption solution you are looking for.