In 1992, a Crypto AG salesman named Hans Buehler flew to Tehran for a routine client visit. He never came home. Iranian intelligence arrested him at the airport and held him for nine months — solitary confinement, relentless questioning, the same accusation on an endless loop: he was a spy. Buehler insisted he was just a salesman. He genuinely believed that. What he didn’t know — what almost nobody knew — was that the CIA secretly owned his employer.
The company was Crypto AG. For more than five decades, it manufactured and sold encryption equipment to the intelligence services, foreign ministries, and military commands of over 120 governments. Those governments paid good money — sometimes millions — for machines that would keep their most sensitive communications private. Every negotiating position, every military order, every covert operation their diplomats and generals coordinated. Crypto AG’s machines would protect it all.
They didn’t. In fact, the CIA was reading every word.
So this is the story of Operation Rubicon — the intelligence operation the CIA’s own internal history called “the intelligence coup of the century.” It ran from the 1950s until 2018, when the company was quietly dissolved two years before the world found out what it had been doing.
Key figures: over 120 governments deceived, operation ran 50+ years, 40% of 1980s diplomatic cables interceptable, $1 million ransom paid and reclaimed from Hans Buehler.
A precision Swiss company in the most Swiss city imaginable
Crypto AG’s headquarters sat in Steinhausen, a quiet municipality outside Zug — one of the most discreet cantons in Switzerland, already famous for tax efficiency and corporate secrecy long before anyone heard of Crypto AG. Visitors described the company as unremarkably professional: staff in white coats, clean workshops, the methodical atmosphere of a watchmaker. That atmosphere was not accidental. People who understood Switzerland’s reputation deliberately engineered it. The neutrality and precision made the whole scheme work.
The company’s founder was Boris Hagelin — a Swedish-born engineer who had built cipher machines for the Allied forces during World War II. His M-209 — a pocket-sized encryption device — reached every US Army unit that needed secure communications. After the war, Hagelin moved to Zug and set up Crypto AG in 1952. Switzerland was the obvious choice. Neutral territory. A country trusted by all sides as an honest broker. A location where foreign governments would willingly place their communications infrastructure.
The secret at Crypto AG’s heart
What those governments didn’t know was that Hagelin had struck a secret arrangement with American intelligence dating to the late 1940s. He would build hidden weaknesses into his machines’ encryption algorithms — weaknesses invisible to anyone who didn’t know to look for them. American signals intelligence could exploit those weaknesses. Foreign customers could not. Hagelin appears to have genuinely believed he was working with the righteous side of history. He kept the arrangement for the rest of his life.
In 1970, the CIA and West Germany’s BND moved from informal arrangement to direct ownership. They bought Crypto AG through a web of shell companies. The operation got a codename: first Thesaurus, then Rubicon. The company was now, in every legal sense, a front. Its 60-plus employees had no idea. Its customers had no idea. Switzerland’s territorial neutrality was serving as cover and infrastructure for one of the Cold War’s most brazen intelligence operations.
How you rig an encryption machine without anyone noticing
Here’s what most Crypto AG coverage gets wrong: the operation’s genius had almost nothing to do with cryptography. Breaking the mathematics was complex but achievable for intelligence agencies with NSA-level resources. What made Operation Rubicon extraordinary was geography. The product’s credibility rested entirely on its Swiss origin. Remove Switzerland from the equation and nobody buys the machines. Nobody’s communications are compromised. The whole architecture collapses.
Kleptography: the hidden flaw
The technical term for what the CIA did is kleptography (hidden-flaw encryption) — embedding a mathematical structure in a cipher machine’s key-generation algorithm that appears random but is actually biased in ways only the attacker understands. A Crypto AG machine would generate what looked like a completely random encryption key. It wasn’t quite random. The key had a hidden structure that made it breakable in hours rather than the millions of years proper encryption would require. The customer’s message was encrypted. The ciphertext could not be read by an ordinary interceptor. It could be read by the NSA.
Yet the customers had no practical way to detect this. Verifying that an encryption machine’s algorithms were truly random requires access to the machine’s internal design, mathematical expertise in code-breaking, and the willingness to suspect a trusted vendor. Foreign governments buying Swiss encryption equipment were not in the habit of treating their vendor as a potential adversary. The machines worked. Messages were encrypted. The Crypto AG name meant precision and neutrality. That was enough.
Which governments were clients — and what the CIA was reading
The CIA’s internal history of Operation Rubicon was specific about one thing: Western allies were not targeted. The US, Britain, Germany, France, and their closest partners were never sold compromised equipment. The operation was aimed at everyone else — and everyone else is a large category.
Approximate distribution of Crypto AG government clients by region: approximately 30 in Asia-Pacific, 25 in Latin America, 22 in the Middle East and North Africa, 18 in Sub-Saharan Africa, 12 in Eastern Europe and non-NATO countries, and at least 3 others including the Vatican.
However, the Soviet Union and China — the obvious primary enemies — were the operation’s one significant failure. Both countries were too suspicious of Western technology to purchase Crypto AG equipment. The CIA’s internal history described this as a persistent frustration. In practice, it meant Operation Rubicon was most effective against countries that were either US-aligned at the time (and thus not adversaries) or non-aligned governments that had no reason to suspect a neutral Swiss vendor.
India and Pakistan — nuclear rivals across a contested border — were both Crypto AG clients. At moments of severe tension between the two countries, the CIA was reading both sides’ communications simultaneously. The documents made public say nothing about what US mediators did with that knowledge.
The intelligence coups: what the operation actually produced
The CIA’s classification of Operation Rubicon as “the intelligence coup of the century” is not rhetorical. Read through the specific cases where Crypto AG intelligence was decisive, and the phrase earns its weight.
| Year | Country / Crisis | What the CIA read | Strategic impact |
|---|---|---|---|
| 1979–1981 | Iran — hostage crisis | Khomeini government’s diplomatic communications and negotiating positions in real time | US negotiators entered talks with advance knowledge of Iranian red lines and flexibility |
| 1982 | Argentina — Falklands War | Argentine military communications including troop positions and operational orders | CIA shared intelligence with British forces; Argentina’s defensive dispositions were exposed |
| 1986 | Libya — Berlin disco bombing | Libyan embassy cables in which officials congratulated themselves on the La Belle bombing | Reagan cited “absolute and irrefutable proof” of Libyan culpability to justify US airstrikes on Tripoli |
| 1970s–1988 | Argentina, Chile, others — Operation Condor | Cross-border coordination of political assassination and disappearance programmes | Full picture of Condor assassination network available to CIA. What action was taken remains classified. |
| Ongoing | Vatican | Papal diplomatic correspondence and internal communications | Continuous visibility into Vatican foreign policy positions and diplomatic manoeuvres |
| 1980s–1990s | Iran — ongoing post-revolution | Iranian intelligence service communications and foreign ministry cables | Sustained insight into Iranian foreign policy decision-making across multiple administrations |
The Berlin bombing: proof in plain sight
The Berlin disco bombing case deserves particular attention because it illustrates exactly how Operation Rubicon worked in practice — and raises questions that the declassified documents don’t fully answer. The CIA knew from Libyan cables that Libya had ordered the April 5, 1986 bombing. They had that intelligence before Reagan went on television to announce the US response. The airstrikes on Tripoli that followed killed Gaddafi’s adopted daughter and injured two of his sons. The “irrefutable proof” Reagan cited was real. What was not disclosed was that the proof came from equipment that 35 countries were still using to encrypt their own diplomatic communications.
“It was the intelligence coup of the century. Foreign governments handed the US and West Germany good money for the privilege of having their most secret communications read by at least two — and possibly five or six — foreign countries.”
— CIA internal classified history of Operation Rubicon, obtained by the Washington Post, 2020The full chronology: how Operation Rubicon ran for 50 years undetected
The operation begins to unravel: 1992–2020
What clients thought they were buying — versus what they got
The gap between the marketed product and the actual product is worth stating explicitly, because it defines the scale of the deception.
| What governments believed they were buying | The reality under Operation Rubicon |
|---|---|
| Military-grade encryption that could not be broken by adversaries | Algorithms mathematically weakened so NSA could decrypt messages in hours |
| A neutral Swiss company with no government ties or allegiances | A company secretly owned by the CIA and BND through shell companies since 1970 |
| Equipment independently certified to international cryptographic standards | No independent audit was ever permitted to examine the actual algorithms |
| Switzerland’s neutrality as a legal and ethical guarantee of impartiality | Swiss intelligence services aware from the 1990s and choosing not to intervene |
| Communications protected under Swiss law and international conventions | 40% of all diplomatic cables in the 1980s were readable by CIA analysts |
| A commercial relationship governed by Swiss business law | A covert intelligence operation governed by CIA and BND operational directives |
What the Swiss government actually knew — and chose not to pursue
The most uncomfortable finding in Switzerland’s 2020 parliamentary investigation isn’t what officials knew. It’s what they chose not to pursue once they suspected.
The Swiss Federal Intelligence Service, the NDB, was aware of the CIA’s involvement in Crypto AG from at least the 1990s. The parliamentary commission found evidence that this knowledge existed at senior levels. Former Defence Minister Kaspar Villiger — who held the portfolio from 1989 to 1995 — the commission identified as someone who had “likely” been informed. Villiger denied it. The commission concluded that he was either informed in terms vague enough that the full implications didn’t register, or that a decision was made to leave the information at arm’s length. That distinction matters less than it appears.
The question officials didn’t want asked
Here’s the actual question the parliamentary investigation raised and left unresolved: why, when credible suspicions were circulating throughout European media from 1993 onward, did Switzerland’s intelligence apparatus choose not to investigate a domestic company? The commission found no evidence of direct Swiss government participation in Operation Rubicon. But it found clear evidence of a preference for not knowing — a determination to maintain plausible deniability in the face of mounting circumstantial evidence.
Still, that is not a uniquely Swiss failure. Most intelligence services in allied countries would have made the same calculation. But it complicates the official Swiss account, which emphasizes that Switzerland was used without its knowledge or consent. The chronology suggests a more accurate framing: Switzerland was used with the knowledge of some officials who found it preferable not to look too closely.
How the operation grew: client governments by decade
Bar chart showing approximate active government clients of Crypto AG by decade: 1950s approximately 15 governments, 1960s approximately 35, 1970s approximately 60, 1980s approximately 100, 1990s approximately 120 at peak before concerns began eroding client base.
The neutrality question, stated as directly as possible
Switzerland’s neutrality is not simply a foreign policy position. It is the foundational claim that makes Switzerland coherent as a nation — the argument that a country of four languages, 26 cantons, and no natural geographic reason for unity can hold together because it stands outside the conflicts that consume everyone else. That claim has been Switzerland’s primary export, in a sense, since 1815. It is why CERN is in Geneva. Why the Red Cross is based in Geneva. Why so many international organizations chose Swiss cities. The neutrality has genuine value, and genuine sincerity behind it in many contexts.
When neutrality became a cover story
Crypto AG complicates that claim in a specific and significant way. This is not a private actor operating without government knowledge. The Swiss intelligence service knew. Senior officials likely knew. Switzerland’s territorial neutrality — its physical, legal status as a neutral state — was being used as operational cover for one side’s espionage against the other 120 governments. The neutrality wasn’t violated from outside. It was quietly lent, or at minimum tolerated, from within.
The honest framing: Swiss neutrality has always contained both sincere and strategic elements, and the Crypto AG affair sits firmly in the strategic column. The appearance of neutrality was valuable. That value was worth protecting. When protecting the appearance required not investigating credible evidence that a domestic company was a CIA front, the preference for appearances prevailed.
That’s a more uncomfortable story than the official Swiss account, which emphasizes that Switzerland was used without its knowledge or consent. It’s also probably more accurate. And it connects, for anyone paying attention, to a broader pattern in Swiss history: the numbered bank accounts, the Nazi gold transactions, the J-stamp on Jewish passports. Switzerland has a recurring habit of discovering, decades later, that its neutrality served certain interests more than others. Crypto AG is the most recent chapter, and it probably isn’t the last.
Is anything like this still happening?
Almost certainly yes — in some form, somewhere — though almost certainly not through Crypto AG, which is dissolved. The strategic logic that produced Operation Rubicon hasn’t changed: intelligence agencies want access to foreign communications; neutral countries provide useful cover; encryption products are a natural vector. The methods evolve faster than the underlying ambition.
Edward Snowden’s 2013 revelations pointed to the NSA working to weaken a global encryption standard called Dual_EC_DRBG — inserting a backdoor into a cryptographic specification published through international standards bodies. The mechanism was software and standards rather than hardware. The scale was different. The fundamental intention — ensuring that encrypted communications remained readable by one party — was identical.
The lesson major intelligence services almost certainly drew from Operation Rubicon’s success is not that they should do less of this kind of thing. It’s that they should do it more carefully. The operation lasted 50 years. Journalists obtained a classified internal document and exposed it. That’s a better operational security record than most intelligence programmes manage. The lesson is about maintaining secrecy within the organisation, not about restraint.
The salesman who still deserved an apology
Hans Buehler spent nine months in an Iranian prison for a company whose real owners he didn’t know existed, sustaining a cover story he had no idea he was maintaining. When he was released, the company billed him for his own ransom through salary deductions. When he refused, they fired him. He later wrote a book, gave interviews, and spent years trying to get the world to believe what he suspected. The world largely waited until a CIA document made it impossible to ignore.
Buehler eventually settled with Crypto AG and moved on. The company that destroyed nine months of his life is now dissolved. The CIA’s internal history of the operation is publicly available. The Swiss parliamentary investigation is complete. In the archival sense, the story has an ending.
Whether it has a moral is a different question. The answer probably depends on which of the 120 governments you ask — and whether they ever found out which of their secrets they thought were safe.
Frequently asked questions about Crypto AG and the CIA
What was Crypto AG and where was it based?
How did the CIA come to own Crypto AG?
Which governments used Crypto AG equipment?
When was the Crypto AG scandal exposed, and how?
Operation Rubicon: what governments now know
Did the Swiss government know about the Crypto AG CIA operation?
What happened to Hans Buehler after his arrest in Iran?
What does the Crypto AG scandal mean for Swiss neutrality?
Sources & further reading
- Miller, G. (2020). The intelligence coup of the century. Washington Post (opens in new tab)
- Swiss Parliamentary Investigation into Crypto AG (November 2020). Eidgenössisches Parlament (opens in new tab)
- Swiss government response and NDB investigation findings. SWI swissinfo.ch (opens in new tab)
- Swiss Crypto AG spying scandal shakes reputation for neutrality. BBC News (opens in new tab)
- Miller, G. interviewed on Fresh Air: Uncovering the CIA’s Audacious Operation. NPR (opens in new tab)
