How a Swiss Cipher Firm Spied on 100 Nations for Decades Under CIA Control
Governments used Crypto AG for decades, unaware its devices let the US spy on their communications.
The scope of a covert Cold‑War‑era program only became clear in 2020 after an extensive cross‑border journalistic probe. Even with its profound implications, the story was quickly eclipsed as the world turned its focus to the COVID‑19 crisis.
Originating in the early Cold War, the operation linked wartime code‑breaking, intelligence sharing, diplomatic maneuvering and decades of clandestine monitoring. More than a hundred nations—including Iran, Libya, Argentina and Syria—bought encryption gear from Crypto AG, unaware of the hidden hand that directed the firm.
The disclosures reshaped how historians view several pivotal global events. U.S. agencies were shown to have intercepted massive troves of diplomatic and military traffic from foreign states, granting Washington insight that remained concealed for generations.
Reagan’s 1986 Berlin Statement Raises Intelligence Doubts
On 14 April 1986, President Ronald Reagan addressed the nation after a bomb exploded at the La Belle nightclub in West Berlin, a venue popular with U.S. troops. The blast injured over 200 patrons and claimed three lives.
In the televised address, Reagan announced retaliatory strikes on Libyan targets, asserting that the United States possessed definitive proof that Muammar Qadhafi ordered the attack. He recounted that on 25 March, directives left Tripoli for the Libyan People’s Bureau in East Berlin, ordering an assault intended to cause “maximum and indiscriminate casualties.” A follow‑up report from the Berlin office on 5 April, he said, confirmed the operation’s success.
Domestically, several legislators and reporters questioned the evidentiary basis for the response. Senator Sam Nunn called the material presented to Congress “sketchy,” especially regarding the intelligence used to select bombing sites. Washington Post reporter Bob Woodward described the intercepted messages as “somewhat ambiguous.”

Beyond U.S. borders, Iranian officials fixated on a different concern. They sought answers about how Washington had accessed the encrypted Libyan traffic. The query centered on Crypto AG, whose cipher devices served not only Libya but also Iran, the Vatican, the United States and NATO allies. Iran wondered whether its own encrypted channels had been compromised, raising broader doubts about U.S. surveillance during the 1979 hostage crisis and whether Reagan’s remarks inadvertently disclosed America’s code‑breaking reach.

Iranian Detention of Crypto AG Salesman Fuels Suspicion
Iran, one of Crypto AG’s biggest clients, assigned senior representative Hans Buehler to oversee its accounts. After the 1986 Berlin bombing and the U.S. retaliation, Iranian officials interrogated Buehler, demanding clarification about the security of the company’s encryption products.
The tension escalated in 1992 when Buehler traveled to Tehran and failed to return, having been detained by Iranian authorities for nine months of questioning.
According to CIA files cited by Popular Mechanics, the ordeal left Buehler “in bad shape mentally.” Iranian investigators repeatedly pressed him about possible ties between Crypto AG, the CIA and West German intelligence (the BND), as well as potential vulnerabilities in the firm’s cryptographic hardware.
Buehler consistently maintained that he knew nothing of such connections, a claim supported by his assertion that he genuinely lacked that information. Crypto AG ultimately paid a $1 million ransom to secure his freedom.
The detention altered Buehler’s view of the company. He reported that Iranian interrogators seemed better informed about Crypto AG’s ownership structure than he himself was.
For decades, Crypto AG was publicly linked to its founder, Boris Hagelin. When Hagelin retired, many assumed his son, Boris “Bo” Hagelin, would inherit the firm. Instead, ownership shifted in 1970 to a Liechtenstein holding company, and Bo Hagelin died in a car crash on Washington’s Beltway that same year.
After his release, Buehler began speaking publicly, adding momentum to media scrutiny. In 1995, the Baltimore Sun reported that the National Security Agency had manipulated Crypto AG’s machines to allow the United States to read foreign encrypted traffic. A year later, Germany’s Der Spiegel published a story linking the company to the CIA, NSA and BND.
While those investigations raised serious questions, they fell short of fully exposing the depth of the intelligence partnership.
From Personal Deal to Covert CIA Subsidiary
The covert program’s roots stretch back well before the public controversy. Boris Hagelin first worked for AB Cryptograph, a Swedish cryptography firm founded in 1916 by Arvid Damm with backing from Emanuel Nobel, Alfred Nobel’s nephew. After assuming control in the 1920s, Hagelin created his own cipher devices to compete with Germany’s commercial Enigma machines.
AB Cryptograph dissolved in 1930, transferring its patents to Hagelin’s new venture, Ingeniörsfirman Teknik, later renamed Cryptoteknik.
In 1940, as Nazi forces swept across Europe, Hagelin emigrated to the United States with his designs. The U.S. lagged behind other nations in cryptographic capability at the time. Hagelin’s portable M‑209 machine helped close that gap, operating on principles similar to Enigma but offering greater mobility. Production in a Syracuse typewriter plant yielded roughly 140 000 units and generated $8.6 million in Army contracts.
The collaboration also forged a close bond between Hagelin and William Friedman, often hailed as the father of American cryptology.
According to CIA records, Friedman met Hagelin at Washington’s Cosmos Club in 1951 and outlined what would become Operation Rubicon. Rather than limiting sales to the United States, Hagelin would establish a Swiss entity capable of marketing encryption equipment worldwide. Switzerland’s neutral reputation would lend the firm credibility among foreign customers.
The agreement stipulated that Hagelin reserve his most advanced, secure systems for the United States and its allies, while offering older, weaker models to other nations. In exchange, the U.S. covertly compensated him with $700 000 for foregone sales. By the 1960s, the arrangement evolved into a licensing deal featuring a $70 000 annual retainer and additional funds to boost Crypto AG’s global outreach.
As electronic encryption supplanted mechanical devices, U.S. intelligence sought a more ambitious scheme. Instead of merely restricting cutting‑edge products, they wanted foreign buyers to receive sophisticated machines whose encryption was deliberately weakened.
Hagelin eventually consented. In 1967 Crypto AG launched the H‑460 electronic cipher. Secretly, the company produced two versions of the same hardware: one for the United States and its allies, and another for the broader market.
The compromised variant bore no obvious external differences. Its encryption algorithm generated a limited sequence already known to the CIA and NSA, allowing American analysts to decode messages in moments, while customers remained oblivious to the breach.
Evidence suggests that Hagelin grew uneasy about how his technology was being exploited, and his son Bo strongly opposed the arrangement.
By 1970, Hagelin had retired, Bo Hagelin had died, and ownership transferred to a Liechtenstein holding company that, through a web of shell entities, was secretly controlled by the CIA and West German BND. From that point onward, Crypto AG functioned as a covert subsidiary rather than a mere cooperating vendor.
Over a hundred nations continued to purchase the firm’s devices, believing they safeguarded diplomatic, military and intelligence communications, while U.S. agencies silently decrypted a large share of the traffic.
The operation remained hidden for decades. Although 1990s reports hinted at intelligence involvement, the complete picture emerged on 11 February 2020 via a collaborative investigation by Swiss broadcaster SRF, German broadcaster ZDF and The Washington Post. Their reporting unveiled a 280‑page dossier chronicling Crypto AG’s ties to Western intelligence from its inception through decades of covert activity.
The files revealed that U.S. agencies intercepted and decoded between 80 % and 90 % of Iran’s encrypted communications, and that the program supplied Washington with advance insight into events such as the Iran hostage crisis, the Falklands War and Operation Condor in Latin America.
The investigation was published the same day the World Health Organization officially named COVID‑19. Within weeks, global attention pivoted almost entirely to the pandemic, leaving one of the most extensive intelligence operations in recent history largely out of the public spotlight.
This article has been fact checked for accuracy, with information verified against reputable sources. Learn more about us and our editorial process.
Last reviewed on .
Article history
- Latest version
Reference(s)
- Editors, Biography.com. “Ronald Reagan.”, April 3, 2014 Biography <https://www.biography.com/political-figures/ronald-reagan>.
- Natale, Michael. “6 Years Ago, Journalists Exposed the Biggest Spy Operation You’ve Never Heard Of. It Was Buried Again the Same Day..”, July 8, 2026 Popular Mechanics <https://www.popularmechanics.com/military/a71795207/operation-rubicon/>.
Cite this page:
- Posted by Vikram Desai