February 23, 2020

Paying Uncle Sam for Stealing Our Secrets

Bappa Sinha and Prabir Purkayastha

The Washington Post and the German and Swiss broadcasters ZDF and SRF have revealed that the German federal intelligence agency BND and the CIA, with the NSA doing the cryptographic work, jointly owned a Swiss company called Crypto AG. Through Crypto AG, they read the encrypted communications of a huge number of countries. While the Washington Post hyped the revelations, calling it “the intelligence coup of the century”, the other two news organisations also raised a harder question: since the agencies had access to this confidential traffic, were they complicit in the mass murders committed during ‘Operation Condor’ by the military dictatorships of Chile, Argentina and other Latin American countries?
Crypto AG was a Swiss company that sold equipment on the promise that its machines would send encrypted messages that no third party could decipher. It sold these encryption machines to the governments of nearly 130 countries, including Iran, the military juntas in Latin America, the nuclear rivals India and Pakistan, NATO and other US allies, and even the Vatican. The company was secretly owned by the NSA-CIA and the BND, who deliberately weakened the algorithms used by these machines, enabling them to read the communications of all these governments. The story is particularly scandalous because countries paid a great deal of money, reportedly running into billions of dollars, for machines that facilitated the theft of their own state secrets.
These two governments, the US and Germany, were spying on their enemies, on neutral countries and even on their allies. Most countries believed in Swiss neutrality and, for that reason, trusted encryption machines from Swiss companies. The Crypto AG connection to the NSA-CIA first came to light after Iran arrested a Crypto AG employee for spying in 1992.
The story of the NSA-CIA’s covert relationship with Crypto AG was broken by the Baltimore Sun as far back as 1995. Der Spiegel, a leading German newspaper, also reported it on March 8, 1997. While the outline has been known for a long time, what is new is the extent of Crypto AG’s role and the huge cache of documents, drawn from internal NSA-CIA and BND archives, that the three news organisations have obtained.
With the arrival of computers and the internet, old-style cryptographic machines became obsolete. As we know from the Snowden revelations and WikiLeaks, the NSA and CIA continued their intelligence operations through other companies, developing cryptographic tools with built-in backdoors and conducting mass hacking operations globally.
Nor is this the only known instance, or even the last, of US intelligence trying to break widely used cryptographic systems, or of snooping on other governments, including governments friendly to the US.
Why the Washington Post would choose to highlight this particular company, whose equipment is no longer in use, is anybody’s guess. Is it because of the new cache of documents? Is it because the US wants the world to know about the threat of backdoors in telecom equipment as part of its campaign against Huawei? Or is it the more mundane matter of Amazon, the company of Washington Post owner Jeff Bezos, losing out on a $10 billion contract with the US military?
Crypto AG’s systems had long since become irrelevant, not so much because of the Baltimore Sun story as because of the advent of the internet. Most governments and people began using the internet for their communications, and their computers for sending encrypted messages over it. The CIA’s and NSA’s focus therefore turned to the hardware and software used for “secure” internet communications. It was long suspected that the NSA and CIA had put backdoors into the leading communications and encryption products, particularly those of US or other western corporations. These suspicions were confirmed by Edward Snowden’s wide-ranging revelations about the NSA’s activities in 2013. The NSA not only undermined cryptographic systems but moved on to hacking the software and hardware of computers, so that communications could be read before they were encrypted at all.
Starting around the turn of the century, the NSA invested billions of dollars to preserve and improve its snooping capabilities. It found loopholes in, and inserted backdoors into, communication equipment, encryption software, operating systems such as Windows, Linux, macOS, iOS and Android, popular software products such as Lotus Notes and Microsoft’s products, and popular internet services.
According to the Snowden documents, the NSA also worked to weaken encryption standards. It ran a program codenamed “Bullrun” whose explicit mandate was to undermine encryption and secure communications: weaken encryption standards and work with companies to install backdoors in their products. According to Greenwald (Guardian, Friday September 6, 2013), the NSA had under Bullrun developed “capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer (SSL), used to protect online shopping and banking.” This amounts to weakening the entire infrastructure of commercial transactions and banking on which the world’s financial system runs.
Under Bullrun, the NSA worked with RSA, a pioneering and leading supplier of internet encryption software, to undermine its products so that anything built on RSA’s software would carry a backdoor. The specific case that surfaced (Reuters, December 2013) was the Dual_EC_DRBG random number generator: RSA had made this NSA-designed generator the default in its BSafe toolkit, and whoever holds the secret behind the generator’s published constants can recover its internal state, and hence the keys derived from it, from a single output. RSA denied having knowingly weakened its products. Given the iconic stature of RSA, after whose co-founders, Ron Rivest, Adi Shamir and Leonard Adleman, the widely used RSA public-key algorithm is named, these revelations shook the technical community. Reports of NSA interference with leading telecommunication and router vendors have since become routine: Snowden-era documents showed the NSA intercepting Cisco Systems equipment in transit to implant its own firmware, and in 2015 Juniper Networks disclosed unauthorised code in its ScreenOS firewalls that, among other things, made use of the same Dual_EC_DRBG generator.
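The mechanism behind the RSA story, as an added illustration that is not taken from the article: the generator at issue, Dual_EC_DRBG, works with two public curve points P and Q, and whoever chose Q as a secret multiple of P can recover the generator’s internal state from one output, and with it every later output, including session keys drawn from the same generator. The C program below is a constructed toy that replaces elliptic-curve scalar multiplication with exponentiation in a small prime field (p = 2^31 − 1) while keeping the algebra of the trapdoor intact; the modulus, base, trapdoor exponent and seed are assumptions for the demo, and the real generator also truncates each output, which this toy omits.

```c
#include <stdint.h>

/* Toy stand-in for the NIST P-256 curve used by Dual_EC_DRBG (constructed for
 * this demo): exponentiation in Z_p^* replaces scalar multiplication, and the
 * group element itself replaces the point's x-coordinate. p = 2^31 - 1 keeps
 * every product below 2^62, so plain uint64_t arithmetic suffices. */
#define P_MOD    2147483647ULL  /* 2^31 - 1, prime; p-1 = 2*3^2*7*11*31*151*331 */
#define GEN      7ULL           /* plays the role of the fixed base point P */
#define SECRET_E 65537ULL       /* the designer's trapdoor exponent; coprime to p-1 */

static uint64_t mulmod(uint64_t a, uint64_t b) { return (a * b) % P_MOD; }

static uint64_t powmod(uint64_t base, uint64_t exp) {
    uint64_t result = 1;
    base %= P_MOD;
    while (exp) {
        if (exp & 1) result = mulmod(result, base);
        base = mulmod(base, base);
        exp >>= 1;
    }
    return result;
}

/* Modular inverse of a modulo m by the extended Euclidean algorithm (gcd(a,m) must be 1). */
uint64_t invmod(uint64_t a, uint64_t m) {
    int64_t t = 0, newt = 1, r = (int64_t)m, newr = (int64_t)(a % m);
    while (newr != 0) {
        int64_t q = r / newr, tmp;
        tmp = t - q * newt; t = newt; newt = tmp;
        tmp = r - q * newr; r = newr; newr = tmp;
    }
    return (uint64_t)(t < 0 ? t + (int64_t)m : t);
}

typedef struct { uint64_t Q; uint64_t state; } toy_drbg;

/* One Dual_EC_DRBG step: r = x(s*P), s' = x(r*P), output = x(r*Q).
 * The real generator also discards the top 16 bits of each output; omitted here. */
uint64_t toy_next(toy_drbg *g) {
    uint64_t r = powmod(GEN, g->state);
    g->state = powmod(GEN, r);
    return powmod(g->Q, r);
}

/* The trapdoor: Q = P^e, so with d = e^{-1} (mod p-1) an observer computes
 * output^d = (Q^r)^d = P^r, which is exactly the generator's next state. */
uint64_t backdoor_predict_next(uint64_t observed_output, uint64_t d, uint64_t Q) {
    toy_drbg clone = { Q, powmod(observed_output, d) };
    return toy_next(&clone);
}

/* Returns 1 if whoever holds d predicts the victim's second output from the first. */
int backdoor_demo(uint64_t seed) {
    uint64_t Q = powmod(GEN, SECRET_E);          /* the published "constant" */
    uint64_t d = invmod(SECRET_E, P_MOD - 1);     /* known only to the designer */
    toy_drbg victim = { Q, seed };
    uint64_t first = toy_next(&victim);           /* e.g. a nonce sent in the clear */
    uint64_t predicted = backdoor_predict_next(first, d, Q);
    uint64_t second = toy_next(&victim);          /* e.g. the session key */
    return predicted == second;
}
```

The point the toy makes is that nothing in the generator’s code is wrong; the weakness lives entirely in the choice of Q, which is why a backdoor of this kind survives code review and is invisible to anyone who does not hold d.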
The Bullrun activities were not limited to commercial hardware and software; open-source software was affected as well. A bug named “Heartbleed” was discovered in April 2014 in the widely used OpenSSL library, which implements the TLS encryption behind HTTPS on a large share of websites. The bug let any client read up to 64 KB of a server’s memory per request, and that memory could contain the server’s private keys, the means of reading “secure” encrypted traffic between users and the site. Bloomberg reported that the NSA had known about the bug for two years before its public discovery and had used it to harvest keys from possibly millions of websites; the NSA denied the report. Heartbleed itself was a coding mistake rather than an inserted backdoor, so the allegation concerns exploiting a flaw while keeping it secret rather than planting one.
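What the Heartbleed bug actually was, as an added illustration constructed for this page (not code from the article or from OpenSSL): a TLS heartbeat request carries a two-byte payload length chosen by the sender, and OpenSSL 1.0.1 through 1.0.1f (CVE-2014-0160) copied that many bytes into the reply without checking the claim against the bytes actually received, so a peer could pull adjacent server memory out with every request. The C program below models the record and the memory next to it with a constructed arena and shows the missing check beside the fix shipped in 1.0.1g; the SECRET string, arena size and claimed length are assumptions for the demo.

```c
#include <stddef.h>
#include <string.h>

/* TLS heartbeat message layout, as handled in OpenSSL's ssl/t1_lib.c:
 *   [type:1][payload_length:2, big-endian][payload ...][padding:16]
 * record_len is how many bytes actually arrived; the 2-byte length field is
 * whatever the peer chose to put there. */
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16

/* Vulnerable handler (OpenSSL 1.0.1 through 1.0.1f): trusts the peer's length
 * field and copies that many bytes back, reading past the end of the record
 * into whatever sits next in memory. Returns the response length. */
size_t hb_vulnerable(const unsigned char *record, size_t record_len,
                     unsigned char *out, size_t out_cap)
{
    if (record_len < 3) return 0;
    size_t payload = ((size_t)record[1] << 8) | record[2];  /* n2s(p, payload) */
    size_t resp_len = 1 + 2 + payload + HB_PADDING;
    if (resp_len > out_cap) return 0;                        /* demo bound only */
    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(payload >> 8);
    out[2] = (unsigned char)(payload & 0xff);
    memcpy(out + 3, record + 3, payload);                    /* BUG: over-read */
    memset(out + 3 + payload, 0, HB_PADDING);
    return resp_len;
}

/* Fixed handler (OpenSSL 1.0.1g): the claimed payload plus header and padding
 * must fit inside the bytes that were actually received; otherwise drop it. */
size_t hb_fixed(const unsigned char *record, size_t record_len,
                unsigned char *out, size_t out_cap)
{
    if (record_len < 1 + 2 + HB_PADDING) return 0;
    size_t payload = ((size_t)record[1] << 8) | record[2];
    if (1 + 2 + payload + HB_PADDING > record_len) return 0; /* the missing check */
    size_t resp_len = 1 + 2 + payload + HB_PADDING;
    if (resp_len > out_cap) return 0;
    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(payload >> 8);
    out[2] = (unsigned char)(payload & 0xff);
    memcpy(out + 3, record + 3, payload);
    memset(out + 3 + payload, 0, HB_PADDING);
    return resp_len;
}

/* Constructed arena standing in for process memory: a 1-byte heartbeat request
 * whose header claims a longer payload, followed by data the peer must never see. */
static const char SECRET[] = "-----BEGIN PRIVATE KEY----- (constructed)";
#define ARENA_SIZE 256

static size_t build_arena(unsigned char *arena, unsigned int claimed)
{
    memset(arena, 0, ARENA_SIZE);
    arena[0] = HB_REQUEST;
    arena[1] = (unsigned char)(claimed >> 8);
    arena[2] = (unsigned char)(claimed & 0xff);
    arena[3] = 'A';                                         /* the single real payload byte */
    memcpy(arena + 4 + HB_PADDING, SECRET, sizeof SECRET);  /* adjacent memory */
    return 4 + HB_PADDING;                                  /* bytes actually received */
}

static int contains(const unsigned char *buf, size_t n, const char *needle)
{
    size_t m = strlen(needle);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + i, needle, m) == 0) return 1;
    return 0;
}

/* 1 if the vulnerable handler's response carries the adjacent secret. */
int vulnerable_leaks_secret(void)
{
    unsigned char arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t received = build_arena(arena, 100);  /* over-read stays inside the arena */
    size_t n = hb_vulnerable(arena, received, out, sizeof out);
    return contains(out, n, SECRET);
}

/* 1 if the fixed handler drops the malformed request outright. */
int fixed_rejects_malformed(void)
{
    unsigned char arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t received = build_arena(arena, 100);
    return hb_fixed(arena, received, out, sizeof out) == 0;
}

/* 1 if the fixed handler still answers an honest 1-byte heartbeat. */
int fixed_answers_honest(void)
{
    unsigned char arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t received = build_arena(arena, 1);
    size_t n = hb_fixed(arena, received, out, sizeof out);
    return n == 1 + 2 + 1 + HB_PADDING && out[0] == HB_RESPONSE && out[3] == 'A';
}
```

The claimed length is capped at 100 here only so the over-read stays inside the constructed arena; on a real server the same field could claim 65535 bytes, and each request returned a fresh slice of whatever the heap held at that moment, which is how private keys could be pieced together.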
It was not only the NSA that was in the global snooping business. In 2017, WikiLeaks released a whole tranche of documents, codenamed “Vault 7”, which exposed the CIA’s covert global hacking program. These documents revealed that the CIA had built a program parallel to the NSA’s, with a scope that matched, if not exceeded, it. The program “had over 5,000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other ‘weaponised’ malware.” According to WikiLeaks, the total code produced by these CIA hackers exceeded the code used to run Facebook. The tools could target smartphones such as iPhones and Android phones, iPads and smart TVs, effectively converting them into listening devices, and the CIA was also studying how to infect the control systems of modern cars and trucks. It had developed techniques to “bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the smart phones that they run on and collecting audio and message traffic before encryption is applied.” The program also had tools to attack operating systems such as Windows and Linux, as well as internet routers.
Given the extent of the CIA and NSA programs, it would not be a stretch to say that practically no digital device or communication is beyond the prying eyes of US intelligence. In this light, the US government’s efforts to blacklist and sanction Huawei, on the grounds that its ties with the Chinese government make it a security threat, ring hollow.
The US government has tried to pressure foreign governments, including the Europeans and even India, not to buy Huawei equipment for their next-generation 5G networks, citing security and snooping risks while providing no evidence. If anything, Huawei equipment may well be more secure than its US counterparts, which have a proven history of NSA backdoors, since even a single proven Chinese government backdoor would sink Huawei as a company. Given the choice between technologically superior and cheaper Huawei equipment and almost guaranteed insecure US equipment, it is no wonder that even friendly governments such as the UK and Germany are ignoring US pressure and going ahead with their purchases of Huawei products.
The real story lies in the US losing its technology lead. With no US company in the running on 5G networks, William Barr, the US attorney general and a former vice president of Verizon, has suggested that the US buy up Ericsson and/or Nokia to develop its own 5G technology. Is this a confession that the US now needs a new Crypto AG to enter the 5G space? Is that what the noise about Huawei is all about?