Recently the Swiss government ordered an inquiry into a global encryption company following revelations it was owned and operated for decades by U.S. and German intelligence.
Crypto AG, a company that specialized in secure communications was based in Switzerland, but was operated by the CIA, which allowed the U.S. to eavesdrop on adversaries and allies alike, while earning millions of dollars from product sales.
According to a CIA report, “It was the intelligence coup of the century.” Basically, foreign governments were paying good money to the U.S. and Germany for the privilege of having their most secret communications read by the two countries.
The operation, codenamed Thesaurus and then renamed Rubicon in 1980s, demonstrated the overwhelming intelligence value of being able to insert spying capabilities into widely sold communications equipment.
The CIA’s success over many years is likely to reinforce current U.S. suspicions of equipment made by the Chinese company Huawei.
Neither China or Russia bought Crypto AG devices, but the company conducted business with more than 100 other countries.
In fact, Iran was a Crypto customer, which allowed the CIA and the NSA to spy on the revolutionary government in Tehran during the 1979 hostage crisis.
The CIA and German intelligence agreed to the purchase of Crypto in 1970 but, fearing exposure, the Germans sold their share of the company to the U.S. in the early 1990s.
However, the CIA continued to operate the company until 2018, when it sold the company’s assets to two private entities.
The way it worked was, the NSA manipulated the algorithms used by Crypto devices, so they could be quickly decoded.
Then the company started making two versions of its machines, secure models sold to friendly governments and rigged systems for adverse nations.
The fact is the amount of communications intercepted by the U.S. thanks to these devices has played a major role in national security.
The thing is, when it comes to spying one of the biggest threats is being able to communicate without being caught.
Considering how critical secure communications are, I want to share with you some of the top ways the spies communicate with each other.
Radio waves. Obviously, spies want to keep their communications a secret, however using radio waves literally broadcasts your secrets for everyone to hear, but no one else should understand the message.
This age old method is known as “numbers stations,” since they exist for the sole purpose to broadcast number sequences to spies operating in the area.
The way it works is the list of numbers is compared to a single line of numbers in a book, and comparing the numbers will give the spy the message intended for them.
But, importantly, each line in the book is used a single time. In other words, someone listening in cannot piece together messages through careful listening or tracking, only through stealing the book, if they can find it.
Digital steganography. Digital steganography is usually a form of text hidden in the pixels of a photograph.
Unlike cryptology, which uses a secret code to throw off eavesdroppers, steganography creates a covert channel, so a third party doesn’t even realize there are added communications.
These days computer technologies have made steganography easier. Today everything from voice over IP to digital filing systems can be exploited to hide more information in ever more sophisticated ways.
What I mean is hundreds of computer programs can read and encode messages within digital files.
Brush pass and dead drop. The brush pass is another technique often seen in Hollywood movies. Essentially the two parties pass the information by coming into direct contact for just a brief moment.
It’s much like sleight of hand for magicians but requires practice and perfect technique.
The dead drop is an old system for transferring information or other physical objects. The dead drop basically ensures that the two parties are not seen together at the same time.
Basically, the two parties agree on a physical location, which might be in the woods, or at an airport.
When a person leaves an object at the dead drop, the common associated protocol was to leave a chalk mark somewhere else, say, on the side of a mailbox, signaling the fact that a drop has been made.
The reality is when it comes to secure communication, oftentimes the less technology required the more secure the communication will be.
While these methods of communication sound out of date, I can assure you there are spies operating today using the basic tradecraft skills that have been around for decades.