Tuesday, August 02, 2022

Joseph Helmich – The KL-7 for Cash Spy Case

Joseph George Helmich

The John Walker spy case from 1985 was covered extensively by the press. In 1968 he sold the technical details of the KL-47 crypto machine (Navy version of the KL-7) to the Soviets, and for more than 17 years he provided them with the machine's secret key sheets, causing tremendous damage to U.S. Naval communications. But he was not the first.

Joseph Helmich had already compromised the KL-7 five years earlier, but his case is hardly known to the public. Both Walker and Helmich were only caught after 17 years, but textbook spy candidate Helmich could have been caught much sooner.

Career in Signals 

Joseph Helmich (°1937) entered the U.S. Army in 1954. After Signal School training he served two years in Korea. In 1958 he received a Top Secret clearance at the Signal Training Center in Fort Gordon.

Later that year he served at the U.S. Communications Zone Europe in Orleans, France and from 1959 until 1963 in the 275th Signal Company in Paris. Meanwhile, he was appointed Warrant Officer, now had Top Secret clearance and worked as custodian for classified cryptologic documents.

While in Paris, Helmich got into financial trouble and wrote some bad checks. To avoid court-martial and solve his debts he contacted the Soviet embassy and offered to sell classified information. He met with a Soviet agent, working undercover at the Soviet Trade Mission in Paris and received instructions in espionage tradecraft. He provided the Soviets with the repair manuals of the KL-7, the secret internal wiring of its rotor and the secret daily key lists.

Keys for Cash 

Helmich moved in 1964 to Fort Bragg and served in a signal battalion. He made several trips to Paris to meet his handler, a GRU Soviet Military Intelligence officer. Each time, he provided copies of key lists from the KL-7, at that time the most used crypto machine by U.S. troops in Vietnam and by many of their allies. He was paid at least $131,000 but he was going to be sent to Vietnam soon.

Meanwhile, Helmich owned his own home and two Jaguar cars, quite unusual for a 28-year-old of his rank. This triggered an investigation and he explained that his wealth came from an investment in France and gambling. Both claims proved unverifiable and he refused a polygraph examination. As a result, his Vietnam assignment with the Army Security Agency (ASA), a unit responsible for communications security, was turned down. Instead, he was sent to a supply unit in Vietnam.

After returning from Vietnam, his security clearance was revoked due to serious financial problems. He decided to quit the Army, rather than being discharged, and got work as a car salesman. It seemed as if they would never discover his betrayal…

Connecting the Dots

In 1974 the FBI received information from a well-placed source that someone with the codename “Greenwood” worked for the GRU. The unidentified person had served in France, had experience in radio interception, served a year in Vietnam from late 1964 and then quit the Army, although he still had ten years to go. This was the start of FBI counterintelligence operation "Hookshot" to identify the spy. They asked the U.S. Army Intelligence and Security Command (INSCOM) to investigate who could fit that profile.

INSCOM reported that Joseph Helmich perfectly fit that profile and the FBI started an extensive investigation with surveillance, all in utmost secrecy to avoid alarming Helmich. His telephone records, jobs, earnings and bank accounts were checked. They discovered several inconsistencies. He had earned $3,000 in three months ($18,000 in present 2022), way more than his wage as a car salesman. He was kept under surveillance for six years.

In 1980 it seemed that Helmich’s life went from poor to rich and back to poor. He now lived near Fort Gordon with its SIGINT training facility and the Charleston Navy nuclear submarine base, two sensitive locations. The FBI suspected that he might still have contact with Soviet intelligence.

New Contact and Arrest

From early on, the Soviets had deposited each of his payments in Switzerland. At the end of May 1980, Helmich traveled to Canada and visited the Soviet embassy in Ottawa to inquire about getting some of that money. He was told to go to Paris. The FBI, however, was on his tail and aware of the Soviet embassy visit. Helmich, at the time unemployed, returned to the United States but did not return to his home; he had sold all his furniture and his home was for sale.

It was now time for the FBI to bring in Helmich and debrief him, including polygraph tests. He was interrogated extensively in the following year and was also caught trying to deceive the FBI. Helmich was arrested in July 1981 and indicted on four counts of espionage.

Two months later he eventually pleaded guilty to conspiracy to commit espionage by giving the Russians a maintenance manual, technical details and key lists for the KL-7 crypto system. The government dropped three other counts under a plea agreement. He was sentenced to life imprisonment. In 2002, Joseph Helmich died in prison at the age of 65.

Clear Signs and Warnings 

This was a textbook spy case that could have been avoided. People with security clearance who can't handle money are always a risk because money is an important incentive to espionage. If such a person nevertheless becomes affluent, has no provable explanation and refuses a polygraph, then all alarm bells should ring. You can either help to solve their problems or prevent access to classified information.

It's only due to a combination of circumstances that Helmich was thoroughly investigated: the source who tipped off the FBI, criteria that only fitted Helmich, records that showed both wealth and debts, and his refusal of a polygraph. FBI counterintelligence then sank its teeth into the case and had the patience to wait until he made a mistake. He did, and was caught. In the end, he paid dearly for having trivial financial problems and then solving them the wrong way.

Some newspapers reported that the FBI "stumbled" on Helmich when a Soviet KGB agent they were trailing met with Helmich to discuss a payment, "according to an American intelligence source". This was obviously a cover story to protect the well-placed source inside Soviet intelligence. Disclosing that information could have enabled Soviet counterintelligence to identify the mole.

Intelligence Documents

More Information on the KL-7

  • KL-7 in Service: full history of the KL-7, its use by the U.S. military, CIA, FBI, NATO and other allies, including many declassified documents.
  • TSEC/KL-7: detailed page with all technical details.

New York Times Press Releases

More on This blog

Tuesday, July 26, 2022

History of the TSEC/KL-7 Documented

 © Photo Dirk Rijmenants
The U.S. AFSAM-7 crypto machine, later renamed KL-7, was a 1950s marvel of technology that combined the latest cryptologic knowledge and electronics. Thanks to declassified documents we were able to compile a fascinating history of the KL-7 that gives the reader an inside view on where and how the machine was used.
Although less known to the general public than the WWII German Enigma, this far more advanced rotor-based machine served three decades throughout the Cold War in nineteen countries with the military, state departments, intelligence agencies and civilians, and its history involves wars, intelligence and espionage.

In 1953 NSA proposed to share the KL-7 crypto-principle with their NATO allies to improve their communications security and interoperability. Although initially developed for the US Army, Air Force and Navy, the machine was quickly adopted by both CIA and FBI.

Plenty of declassified documents to reconstruct the KL-7 history.

Already in 1954 the CIA received its first AFSAM-7’s for testing. CIA's O&T Division planned the AFSAM-7 for mobile message centers and the machine was soon also installed in the CIA Signal Center. By 1955, all FBI offices, Quantico, the Seat of Government, the White House Signal Detachment and Air Force One were equipped with the AFSAM-7. A nice detail: several FBI documents are signed by “very truly yours,” J. Edgar Hoover.

The U.S. shared the KL-7 with its NATO allies but when the Cold War turned hot in Asia they also loaned the machine to South Korea, South Vietnam and the Republic of China. The latter might sound a bit weird, but the Republic of China was formed in 1912 by the anti-communist Kuomintang. After the 1949 communist takeover they fled to Taiwan, today officially still called Republic of China.

Although the KL-7 had excellent cryptographic properties and even resisted known-plaintext attacks, its design and cryptographic principle were compromised several times. The KL-47 (Navy version of KL-7) was captured by the North Koreans when they seized the U.S. SIGINT ship USS Pueblo, and quite a few KL-7's also fell into the hands of the North Vietnamese, who loved to share those goodies with the Soviets.

Operating the KL-7 (center). Image NSA

Vietnam was a hard lesson, also for the KL-7. One example was operation Silver Bayonet, the famous 1965 Battle of Ia Drang (depicted in the movie We Were Soldiers). That battle revealed the danger of poor communications security. Documents from the 101st ASA Security Detachment analysis of that battle give an interesting insight into how the KL-7 wasn’t used as it should have been, and why too much tactical information leaked from open unencrypted communications.

Despite some massive compromises the KL-7 remained secure, even with all technical details disclosed, as long as the secret daily key sheets from the KL-7 were not compromised. Unfortunately, U.S. Army Warrant Officer Joseph Helmich sold KL-7 keys to the Soviet GRU and U.S. Navy communications specialist John Walker caused tremendous damage by selling KL-47 keys to the Soviets for no less than 17 years.

The complete detailed history is found in the ‘KL-7 in Service’ section of my TSEC/KL-7 page, including many declassified documents. Dive into the spree of TOP SECRET NOFORN NSA, ASA, CIA, FBI and NATO papers. If you want to know all technical details of the KL-7 and how it is operated, then read the full KL-7 webpage.

Call for Veterans! If you operated the KL-7, we're always interested to document and publish your experiences with the machine. We're not interested in classified information, only stories about where and how you worked with the KL-7 (the machine is declassified). Since the KL-7 retired 40 years ago, time is running out to preserve personal testimonies. Here's one example of a published story (pdf). If you have a story, then contact us or spread the call.

Monday, May 02, 2022

Podcast Nuggets Episode 9


It's been quite a while since the last podcast nuggets, due to the move of our website and other time consuming stuff, but again we have a selection of amazing interviews.

Learn to fly with Air America (spoiler, not for the faint-hearted), think twice before using a secure cell phone, what was British turncoat Kim Philby like in private, and how good were the German codebreakers during the Second World War?

COLD WAR CONVERSATIONS - Flying for the CIA’s Air America in South East Asia is quite a story. Pilot Neil Hansen applied in 1964 for a job with an airline called Air America. Like most people, he had never heard of that company, and they apparently only had three airplanes. He soon learned it was the CIA and his first flight was with the Chinese flag on the plane's tail. The next flight was a plane with all markings stripped off, and soon also "black" flights. From then on, it only got more exciting and more dangerous. Flights over Vietnam, Laos, and often very risky places to land or drop cargo. Make sure to check the show notes and videos underneath the interview.

DARKNET DIARIES - Secret Cells. Jack Rhysider talks with Joseph Cox about crypto phones. If you want to have a really private conversation, don't use your smartphone. Dive into the shady world of secure cell phones. It sounds like a great idea to have a secure phone to protect your privacy, but organized crime also loves secure phones. When Australian and Canadian police discovered that Phantom Secure phones were used in an assassination plot, they could not read the communications. When those Phantom phones also turned up in the United States, the FBI got involved and that started quite an extraordinary operation.

COLD WAR CONVERSATIONS - Charlotte Philby about her grandfather, Soviet spy Kim Philby. From 1934 until 1963, British intelligence officer Kim Philby worked for the Soviet secret service as a double agent. Edith Tudor-Hart was an Austrian-British photographer who brought Philby in contact with the KGB. In this interview, granddaughter Charlotte Philby talks about the research she did for her book "Edith and Kim". This includes her own private archive with letters from Kim Philby and secret files on Edith Tudor-Hart. Charlotte's visits to Philby in Moscow also give an insight into the private life of probably the most notorious British spy ever. See also the show notes, photos and videos underneath the podcast.

HISTORY HACK - German Code-Breaking in WW2 is the hardly known history of the German signals intelligence and codebreaking organizations before and during the Second World War. Christian Jennings' book "The Third Reich Is Listening" finally sheds light on an almost forgotten part of the war. We all know the famous British codebreakers that cracked the German Enigma machine, but the Germans also had their successes. However, they also suffered from conflicts and distrust among the many different cryptologic services. The interview is a perfect introduction to Christian's book (see also my website book review).

Monday, March 14, 2022

Elite Box Challenge

We're excited to announce today the Elite Box Challenge, the successor of the 2007 Crypto Box Challenge. This new challenge will be far more difficult. As before, it's your task to shuffle the rows and columns of boxes with text in such a way that the original text appears. The challenge starts Friday, March 18.

The crypto boxes have more steps than the previous challenge, but also different ways in which the plain text is composed and processed, and there's one box with an unknown language. Also new this year, for each box you solve, you move one place higher in the Table of Honor, but it's up to you in what order you want to solve the boxes. You can start with the easiest or with the most difficult, if you can figure out which one that is.

More steps, fractionation and different languages make a pretty hard nut to crack and are not for the faint-hearted. The Crypto Box Tool and working out things on paper won't be enough to solve the Elite Box Challenge, as the complexity increases with the number of steps, the number of steps is also unknown, and different languages mean other statistics to apply. Again a most complex brain-teasing puzzle.

If you think you're up to it, and want to earn your place in the Table of Honor, then mark the date and prepare your attacks. The three texts are published this Friday.

More information

Thursday, February 17, 2022

Cipher Machines and Cryptology Moved!

Our website Cipher Machines and Cryptology moved to a new location with a new domain name! Visit the website at www.ciphermachinesandcryptology.com.

Despite the odd URL (users.telenet), the old website managed to attract 4.374.600 visits from across the world. I never expected this for such an "obscure" subject as cryptography, hence the simple users storage server. The provider however recently decided to terminate the users web spaces, and we had to find another server and domain, but that's all past history now.

The old URL users.telenet.be/d.rijmenants is terminated permanently!

The new website has its own dedicated place on the www, but there's more. The website now supports https, making your visit secure and anonymous, as your connection is encrypted. Quite normal today, but https wasn't that common for non-commercial websites in 2004.
Important tip: If your browser reports that our website is unsafe to visit (it is safe) and your browser or system has not been updated for a while, then your SSL/TLS (for https) might be outdated. Update browser and system, and you'll be much safer on the Internet. You should see a little lock symbol in the address bar of your browser.

Finally moved to www.ciphermachinesandcryptology.com

The move also involved adjusting numerous links. The website runs smoothly, but given the many internal and external links, we might still have missed a few of them. If you encounter links or downloads that send you to the old "users.telenet" website, or some other glitch, just drop a note and we'll correct it.
Also, if you have issues, a hard refresh of the moody webpage might clear old html issues. And if you ever lose our address, simply remember good old Cipher Machines and Cryptology, with dot com... or simply visit this blog again ;-]

If you saved the old link in your bookmarks or favorites, or published the link on a webpage or blog, make sure to change the old URL into the new www.ciphermachinesandcryptology.com. Much appreciated, as it can take weeks or even months before Google indexes a moved website completely, despite registering in their Search Console. Spread the news of the move!

If you ever wondered what a domain name actually is, and who's running the DNS or Domain Name System, then check this video from The Guardian. Well, thank you guys for keeping my new domain name safe. See also this post from The Guardian.