The CIA and the German intelligence service BND spied on Belgian diplomats for almost 30 years, using what has been described as “the most sophisticated Trojan horse in history,” it has been revealed.
The revelations come in a series of documents known under the title CryptoLeaks.
The Belgian foreign ministry between 1952 and 1980 used a sophisticated form of encryption to send communications from the ministry in Brussels to embassies worldwide and back again. The encryption was provided by machines made by the Swiss company Crypto AG.
What the Belgian government was not aware of, however, is that Crypto AG was owned jointly by the CIA and the intelligence service of first West Germany and then, after reunification, by the BND.
In other words, the spies were providing their targets with the means by which they could be spied on. And to rub salt into the wound, they were making the victims pay for the technology used against them.
To be clear, Belgium was not the only country to be spied on in this way by the secret operation known as Rubicon. But it was of particular interest given the different agencies housed here, including Nato and Shape on the military side, and the EU for commercial intelligence.
Elsewhere, Crypto AG made millions supplying governments and companies all over the world, including the revolutionary government in Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.
Ironically, Rubicon never managed to gain a foothold in the two great Cold War enemies of the time, China and the Soviet Union. Both countries suspected the Crypto AG technology might contain a back door to allow access to western intelligence. A suspicion which, it now appears, was justified in every detail.
Federal justice minister Koen Geens (CD&V) last week told parliament that the Belgian intelligence service had not been using Crypto AG machines in the last ten years of the operation, up to 1980. And while the matter was still being investigated, it was virtually certain state security had not been breached in the earlier years, either.
The R Committee, however, has decided to carry out its own investigation anyway. The Committee has independent oversight over both the military and the civilian intelligence services.
“The R Committee has begin an investigation of the Crypto AG affair,” said the committee’s chair, Serge Lipszyc.
“Was there an impact on Belgium? Did the government or the intelligence services use equipment from Crypto AG? And what did Belgian intelligence know about the secret operation at the time?”