Crypto AG - The Greatest Espionage Operation Ever, Part 1

General McArthur, Egpyt's Anwar Sadat, and Iran's Ayatollah Khomeini: These are just a few of the dozens, likely hundreds of targets of arguably the biggest, most ambitious hacking operation ever. A secret mission that lasted nearly a century, and influenced the course of so many of the most important events of history. The history you thought you knew.

Hosted By

Ran Levi

Exec. Editor @ PI Media

Born in Israel in 1975, Ran studied Electrical Engineering at the Technion Institute of Technology, and worked as an electronics engineer and programmer for several High Tech companies in Israel.
In 2007, created the popular Israeli podcast, Making History, with over 14 million downloads as of Oct. 2019.
Author of 3 books (all in Hebrew): Perpetuum Mobile: About the history of Perpetual Motion Machines; The Little University of Science: A book about all of Science (well, the important bits, anyway) in bite-sized chunks; Battle of Minds: About the history of computer malware.

Crypto AG - The Greatest Espionage Operation Ever, Part 1

Two weeks ago, in a previous episode of our podcast, we told you about the Yom Kippur War of 1973 – a dangerous and traumatic war that left a deep scar in the collective memories of the Israelis who lived through it. The southern front of that war, in the Sinai Peninsula, was where some of the fiercest and bloodiest battles took place between the Israeli forces and the powerful Egyptian 2nd & 3rd armies. 

The echoes of these bloody battles were still fresh in the minds of many Isralies when on September 17th, 1978, the presidents of Israel, Egypt and the United States stood together on the same stage. On one side, Menachim Begin: a far-right ideologue who throughout his entire political career led a hawkish and uncompromising line against Israel’s enemies. On the other side: Anwar Sadat, the actual mastermind behind the Yom Kippur war. Now, in a moment you couldn’t have imagined, these mortal enemies were shaking hands. Then they gave each other a bear hug.

Few peace talks have ever gone so well. It was a crowning achievement for everyone involved.

But it was a lie.


During that three-way handshake in 1978, there was something that Carter and likely Begin knew, but Sadat and all the rest of us did not.

The two sides were spying on the third. Every time Sadat cabled Cairo using his own secret, state-of-the-art equipment, the Americans were listening in using a “priceless” communications hack. Each time Sadat entered into negotiations, his adversaries were one step ahead. The Camp David Accords were so incredibly successful not necessarily because ideologues became magnanimous, or world peace was on the horizon. It’s because Egypt was fooled, and they had no clue.

America had used the same trick years earlier, to prevent a nuclear World War III.

It began with Douglas McArthur, one of the few most vaunted generals in U.S. history. Only five generals have ever been awarded a five star rank, and he’s one of them. When Japan signed over their surrender to conclude World War II, it was McArthur who signed for the winning side. 

But in April, 1951, at the peak of his popularity, he was fired. President Truman claimed to have fired McArthur for the sake of “peace.” Nobody knew what that really meant at the time. Turns out he was spying on McArthur, and for good reason. In private communications, the general was secretly plotting to take his army from Korea into China, and possibly the USSR from there. Using nukes if they needed to. It’s ironic: the president who nuked Japan saved China and Russia from meeting the same fate.

Truman spied on his general the same way Carter did Sadat. But these are just two cases among many. Today’s episode will be the first part in a series, where we explore arguably the biggest, most ambitious hacking operation ever. A secret mission that lasted nearly a century, and influenced the course of so many of the most important events of history. The history you thought you knew.

Turns out: you know nothing. Welcome to Crypto AG.


What is the most famous cybersecurity tool ever created? 

The answer, of course, is the Enigma. Nazi Germany’s signature cryptography machine provided seemingly unbreakable communications for their war effort, until Alan Turing and his colleagues at Bletchley Park found the slightest hint of an Achilles’ heel. Some have said that these cryptographers were responsible for winning the war for the Allies, or at least shortening it by years. We all know the story by now.

But did you know the Enigma had a competitor? A series of machines comparable–almost identical–but sold to the other countries fighting the war. To both sides, actually. And they were all designed by one man.

Boris Hagelin wasn’t a supergenius, and wasn’t destined for greatness in the way that, say, Alan Turing was. And yet, he’s one of the very few people in history whom you can put in the same sentence as someone like Turing.

Lean and clean-cut, always in a suit and glasses and a fine-combed haircut, Hagelin got his first job in the field the old fashioned way: his daddy gave it to him. His father Karl, and their family friend Emmanuel Nobel–nephew to that Nobel–were invested in AB Cryptograph, probably the first company ever solely dedicated to cryptography. Emmanuel and Karl were convinced of the business application of cryptography, but the owner of the company was “obstinate,” so they brought in Boris to “oversee” things.

In an autobiography titled “The Story of the Hagelin-Cryptos,” Boris recalled the state of the company. The founder had, quote, “succeeded in winning the “big four” to his project: Marconi, Telefunken, TSF and Western Union. They financed the construction of four prototypes. But these did not appear to be reliable enough and were too slow, so the project failed.” End quote. Their finances weren’t good and, soon, Boris was made to run the whole company.

But he wasn’t your typical spoiled rich kid. In 1925, he made the most important move in the company’s history–a move that changed his life and then the course of history. In his own words, quote:

“I happened to hear that the Swedish General Staff had received an “ENIGMA” machine for study and I rushed to visit the officer concerned with this matter. I explained to him that the A.B. Cryptograph already had ten years of experience in the field of cipher machines and that I would be able to offer something possibly superior to the “ENIGMA”.”

The General Staff wanted a machine similar in size and function to the Enigma. They gave Hagelin six months to design something better.

Worst of all, Hagelin was bluffing. His company had nothing that could compete with the Enigma and he, himself, was totally unqualified to change that. Quote:

“Nevertheless I promised to deliver. In those days I had no experience whatsoever about cryptography but I had a certain talent for tinkering: I believed I would be able to build a comparatively compact machine.

To build the first model of the machine Emanuel Nobel allowed me the sum of 500 kronor, about $ 134.— (!) I succeeded in producing a prototype within the size limitations and in the time authorized, a somewhat primitive model but still adequate for the evaluation.”

The machine–model B-21–was black and thick, with two rotors controlled by two pairs of pinwheels, and two keyboards–one for typing and the other underpinned by electric lamps which indicated output letters when you were enciphering or deciphering. Mathematicians for the General Staff examined the machine thoroughly, and they approved it instead of the Enigma.


This wasn’t just an important business deal, it was a fundamental shift in thinking. Nobel and the Hagelins always conceived of cryptography as a business tool. AB Cryptograph was B2B. Now they were military contractors.

During the interwar period, Hagelin designed and pitched his machines to armies outside of Sweden. In 1934 he designed a lunchbox-sized model–the C-36–for the French military. He sold its successor–the C-38/M-209–for use across the entire U.S. military, plus the U.S. Navy, and Italy. By the ‘40s, Hagelin machines were outselling the Enigma, and encrypting communications across both Allied and Axis powers.

Hagelin happened to be in Italy at the outbreak of the war. Quote:

“I was able to leave on the last ship from Europe at Genoa on May 10, 1940 with two machines in my luggage before the Italians entered World War II. This trip was to lead to the largest sale of C Machines ever made.”

Hagelin shipped 50 cryptograph machines from Sweden to Washington and, quote, “After extensive testing the machine was accepted. The Americans selected it for tactical use, as they did not have any comparable machine at that time.” End quote. Cryptograph established a manufacturing line at the L. C. Smith Typewriter Factory in New York. They’d go on to produce 140,000 encryption machines for the Americans–a deal worth 8 million dollars total, 2.5 million of which went to Hagelin personally.

America and France were far from the only countries interested in Hagelin’s cryptography, however. On top of the Enigma, Alan Turing’s team at Bletchley Park successfully decrypted Italian communications by decoding the Hagelin equipment Italy had leftover from before the war.

In another case, Hagelin wrote about his surprise when, quote:

“One delivery went by an extraordinary way to Japan. The machines were smuggled out by the Japanese military attache in a night boat passage and picked up by a U-Boat off the coast of Sweden. But very few machines reached their intended destination in Japan.”

Hagelin was even more flattered by another, more successful enemy operation. Quote:

“It seems worth mentioning that the German authorities, who years before the war showed no interest in the demonstrated C Machine, began, toward the end of the war, [. . .] manufacture[d] a copy of the C Machine for their own use because the “ENIGMA” machine had been broken by the British. When the third Reich collapsed they had only been able to manufacture about 700 machines.”

The M-209 and its counterparts were instrumental for the Allies during World War II, particularly America. 


But five years later, the very same machine threatened to undermine America’s own national security.

In 1950, Hagelin was tinkering with his M-209. He added a new feature where the keywheels–the rotating gears that produce corresponding letters–would make deterministic but irregular steps, making each new configuration of the machine extra unreadable for any outside party. Additionally, he added a one-time tape–basically a key containing rows and rows of fully random numbers, which “add” to the characters in an encoded message. Unless you have a copy of the same one-time tape as the sender, you won’t know how the letters in each word of their message are modified into new letters. It is, theoretically, impossible to crack such a system.

Hagelin filed for patents on his new design in ten different countries, indicating an intention to sell it in the global market. On May 22nd, 1951, representatives from multiple U.S. intelligence bodies gathered to discuss the matter. The head of the Armed Forces Security Agency, William Friedman, outlined the implications for the country. Quote:

“It would be to the advantage of the U.S. government if the proposed new or improved Hagelin cryptoequipments were prevented from being developed, manufactured, and sold commercially on the open market.”

If an adversary got their hands on the new M-209, they would be entirely invulnerable from U.S. signals intelligence.


And if anybody understood just how bad that’d be, it was Friedman.

In World War I, before they had any kind of cryptology capabilities of their own, the U.S. government hired a cryptology group led by William Friedman, to be their kind of unofficial codebreakers. When America decided to develop its own cryptology service, they sent army officers to study under Friedman. He was appointed to head cryptology for the U.S. War Department in 1921 and, in 1930, Friedman was named to head the new “Signals Intelligence Service,” later the “Armed Forces Security Agency.”

Friedman was an expert at codebreaking. In fact, he once built a cipher machine of his own–the “SIGABA”–which was not only stronger than the Enigma, but to date has never been cracked. Years before Turing and his colleagues unraveled the Enigma, Friedman and his subordinates successfully deciphered Japan’s most advanced encoding system, codenamed “PURPLE.” Among their decoded messages: a cable sent to the Japanese embassy in Washington, indicating that negotiations between the two countries would end on December 7th, 1941. That day soon came to be known for an attack on Pearl Harbor.

In 1941, Friedman was admitted to the hospital following a nervous breakdown. It’s generally thought that he collapsed as a result of the mental strain of cracking PURPLE. Imagine how he must’ve felt, then, discovering that Boris Hagelin created a machine that made PURPLE look like child’s play. Quote:

“The effects of an expanding market for Hagelin machines should not be overlooked, [. . .] particularly if the proposed new types of Hagelin machines were adopted and used by U.S.S.R. satellites [. . .] Traffic in the new rotor machine, for example, would probably be entirely unreadable.”

To solve the Hagelin problem, he proposed a set of terms. The CIA would control which countries he could sell his new, unreadable machines to. Hagelin would provide U.S. intelligence with records regarding all of his sales, and the government would reimburse him handsomely in exchange for his troubles and any lost sales as a result of the deal.

And there was one further stipulation, motivated by a clever realization. As Friedman noted in his memorandum, quote:

“[R]epresentatives of the U.S.S.R. have visited the Hagelin Cryptology Company since 1946, desiring information as to new developments and products. [. . .]”

That was the worst case scenario: America’s newest, most dangerous ally getting hold of Hagelin equipment. Unless, in collaboration with the CIA, Hagelin sold them the right kind of equipment. In that case, quote:

“It may be possible to gain technical intelligence applicable to the cryptologic agencies of U.S.S.R. satellite countries.”


On the 14th of July, 1958, a pan-Arab insurgent group calling themselves the “Free Officers” assassinated the King and Prince of Iraq, overthrowing their U.K.-backed monarchy. Almost immediately–faster than could reasonably be expected–soldiers for the British army were deployed across the neighboring nation of Jordan, another one of their monarchies. That deployment prevented one uprising from turning into two. How did they act so fast?

Well, the Free Officers took inspiration from and were aligned with the Egyptian Free Officers who, three years prior, had overthrown their country’s monarchy. Gamal Nasser, Egypt’s new president, was pulling the strings, but Britain’s GCHQ, in partnership with the NSA, were watching his moves. Because when Nassar’s government sent encrypted cables to its Iraqi allies, they did so using hacked Hagelin machines.

So no, the CIA didn’t actually prevent Hagelin from selling to non-allied countries. In fact, they encouraged him to do it. Hagelin would sell his machines to any other government, even adversaries. However, those countries would receive machines prearranged to be readable by U.S. and allied intelligence agencies.

This one decision–to not prevent but, rather, manipulate the sale of a presumably private company’s encryption equipment–enabled a half century’s worth of intelligence. Intelligence that impacted many of the most significant events to occur in the following decades. The coup in Iraq. General McArthur in Korea. Camp David.

Or consider, for instance, Operation Condor, a brutal campaign of political repression, torture and mass murder across military dictatorships in South America in the 1970s. Some have speculated if the U.S. had any hand in it–in fact, three U.S. presidents were fully aware of the atrocities in real time, thanks to hacked Hagelin machines.

A few years after that–one of the worst diplomatic events in U.S. history–a mob of militarized college students breached the U.S. embassy in Tehran and took 52 hostages. They were held for 444 days, during which time the NSA was reading about 85 percent of the Ayatollah Khomeini’s communications.

These are just some of the dozens, likely hundreds of major world events that were monitored, influenced or otherwise subverted by the agreement–known as “Operation Rubicon”–between U.S. and allied intelligence agencies, and the Swedish inventor Boris Hagelin. It was the single largest spying operation in known history.


1952 was an important year for both Hagelin and Friedman.

Following the outbreak of the Korean War, President Truman’s government decided to collect U.S. communications intelligence under the umbrella of a new organization they called the “National Security Agency.” Friedman was named its first ever chief cryptologist. 

Following his agreement with and new funding from the CIA and NSA, Hagelin founded a new company called “Crypto AG” (“AG” being the Swiss equivalent of LTD.).

And while not everybody in U.S. intelligence came to love Hagelin, Friedman certainly did. Now in their ‘60s, the two developed a close friendship. They’d bounce ideas off of one another regarding Hagelin’s new models. Whenever Hagelin found issue with the government’s side of the deal, he went to Friedman first. When he visited Washington D.C., he stayed at Friedman’s home. Their wives became friends and, when they were away, they exchanged letters frequently. From Christmas, 1953, quote:

Dear Bill, 

First of all I want to thank you and Elizabeth for all your hospitality during my stay in Washington. I certainly enjoyed it very much; and my talks with you were most valuable for me, as they enabled me to find a foundation for my future work. [. . .]  We are all well here, and hope that you and Elizabeth will also pass the holidays in the best of health and in fine spirits. We send our best wishes for a happy new year, and hope to meet you soon again.


Everything seemed to be going quite well, at least for a short while.

But in 1955, following a trip to Crypto AG’s manufacturing plant in Switzerland, Friedman suffered a heart attack. He retired shortly thereafter, leaving Hagelin and U.S. intelligence–already on uneasy terms–to continue on their own.

To make matters worse, Hagelin himself began planning to retire. After fully establishing Crypto AG, he’d hand over the new company to his son, Bo.

But not everybody liked Bo. He was quite different from his father, and had some different ideas for the future of the company. Friedman always kept an eye on the young man, who was intentionally not informed of the full scope of what his father had agreed to. With Friedman out of the picture, and Hagelin planning retirement, the future of Crypto AG was in sight for Bo.

And so the most promising spying operation in America’s modern history laid with a young man–a “wild card,” as he was called–who never actually agreed to anything.