Near the West German–East German Border
E. R. CAMPBELL, A CANADIAN army officer, deployed from Frankfurt during Able Archer with a secret mobile alternative war headquarters team. His job was to make sure that the deputy commander in chief of NATO forces in Germany could communicate with the commander over long distances, specifically about the need to use tactical nuclear weapons.1 It was the first time the unit had been deployed from headquarters during an exercise.
On the other side of the border, infantry battalion commanders from the Soviet Group of Forces in East Germany had been driven to their wartime staging area and set up camp around trenches a few kilometers from the border. The units were given a complete set of live ammunition—120 bullets for their AK-47s, three grenades, and two weeks’ worth of food.2 They had never experienced this type of deployment before.
Killianstädten
On day two of the live Able Archer exercise, Lee Trolan’s 501st’s radar and launch site buzzed with activity. Its command post, near the valley closer to the town, was locked down. From somewhere nearby, Soviet spies watched and listened. From mobile signals intelligence-gathering trucks disguised as common transport vans, they could intercept the 501st’s security team’s tactical voice communications. From 1,000 meters away, special transceivers could suck up all the electromagnetic energy coming from antennas on the base. Mated warheads gave off special energy signatures. These, too, could be picked up by the Soviets.
The Soviets had tapped into junction boxes for the German public telephone system, allowing them to listen to the encrypted hum of secure voice traffic from Heidelberg and other major command centers. To foil eavesdroppers, the National Security Agency had upgraded the cryptographic machines on either side of the telephone. To prevent the adversary from determining patterns of communication, noise—electronic gibberish—was pumped into the system, indistinguishable from actual scrambled voice conversations.3 But the Soviets had somehow managed to defeat this feature; they could tell the signal from the noise. If communications patterns changed, they’d know something was off.
They had also managed to determine which circuits were dedicated for the Emergency Message Authentication System (EMAS), over which NATO nuclear release orders were transmitted. Every hour, on the hour, the circuit would test itself by sending tiny encrypted bits to machine terminals located at the custodial sites, which would reciprocate, letting the system know that the line, in essence, was open. “We listened to the hourly circuit verification signal and believed we would recognize a release order,” a senior Soviet general said later.4
But the format for those release orders had just changed. Trolan had gone to school to learn the new one.
During the nuclear release portion of the exercise, on November 8 and 9, for the first time, the custodial units would receive Emergency Action Messages with that new format. The messages would be about twice as long as the old release orders.
The Soviets did not know that the message formats had been changed before the exercise.
And a newly formatted message, most likely, is what they heard after the command to “minimize” nonessential traffic was given over all the nets on November 8, the prelude to the nuclear release phase of the exercise.
A sudden change in communication patterns.
A period of silence.
Unusual activity involving mated warheads.
Three RYAN signs—all explicable within the context of Able Archer, but each one reading to the Soviet eavesdroppers as an indicator of high alert for headquarters.
Jeffrey Carney’s NSA station in Teufelsberg had a robust counter-foreign-intelligence function. Their antennas and dishes were often pointed in the direction of their own side to detect the enemy’s hidden transmissions. The NSA had also tapped into a cable line that fed into the KGB’s 16th Directorate SIGINT (signals intelligence) station near Karlshorst, East Berlin. From space, satellites could pick up encrypted messages, too. As with the Soviets and their targets in the 501st, the content of the message mattered less than the pattern of the transmissions. Whenever the Soviets had to smuggle a lot of information out of East Germany, the NSA could figure it out.5
In the early evening of November 9, as Trolan waited to practice the release procedures, there was a spike in burst communication from the mobile Soviet and East German signals intelligence units hidden in East Germany. And the British SIGINT agency detected an unusual amount of activity between KGB’s base in Karlshorst and Moscow.6
A nuclear release order might have four segments: an alphabetic flag word, which told the recipient what type of message it was; a coded series of digits corresponding to a specific action; a series of numbers that translated into the time the warheads had to be ready to be launched, and an authorization sequence, which, when decoded, would produce a series of digits that would unlock the weapons. A short one might look like this: X-STRIKE RED BRUSH 32F 2015 493823.
STRIKE RED BRUSH might mean “Open the safe for war.” X-STRIKE RED BRUSH would mean “Open the safe for an exercise.” (All exercise messages were prefaced with an X.)
Trolan and his NCO—an officer and an enlisted man, two different people—would use their own keys to open double-padlocked safes. Once the safes were open, Trolan and his NCO would grab its contents, called “cookies.”
They’d compare the code they’d received from the EAM—say 32F—with the code printed on the outside of a pack of cards sealed by tinfoil in plastic shells. They’d crack open the shell of the cookie and remove a thin laminated card. It had a six-digit number on it. That number, when merged with the authorization code, would give them the PAL, or Permissive Action Link, code.
The PAL code, when dialed in to the top of a can-like mechanism on the outside of the warhead, would unlock an electromagnetic plug that sealed the C4 explosives inside the W-31 off from the plutonium core. The Americans would then insert—or fuse—a firing pin into the warhead, completing the arming circuit.
The release of the PAL code always came with a window-of-use timeline—2015 in our message. (If the team missed that time-on-target window, it had to resecure the warhead by reinserting the PAL and then had to call HQ and tell them that it failed.7)
It was this type of Emergency Action Message—a “prepare for nuclear release” message—that “broke” but didn’t validate. Three hours after this first invalid message came in, after Trolan had processed a dozen or more messages with the right format, his lieutenant handed him another enciphered communication.
The two took out theirs grease pencils and code books and worked it through.
It, too, broke. It, too, used the old format, the format the Soviets were used to hearing.
Once again, Trolan called the duty officer. Once again, he was told that the incorrectly formatted EAM had not been sent by anyone there—that it was impossible for him to be reporting what he was reporting.
Trolan had been exercising nonstop for thirty-six hours at this point. The lids of his eyes were pouchy, his pupils bloodshot. But now he felt a jolt of energy
The mysterious messages had to come from somewhere. Whoever sent them had to have the current codebook. Whoever sent them had to know the old message format. He knew the Soviets knew the old format . . . so maybe . . .
He rang his own headquarters on a regular telephone line and tried to explain the problem without revealing classified information. He knew the Soviets and East Germans were listening. He didn’t want to alert them that the NATO Top Secret code might have been compromised.
But this time, the duty officer on the other end of the line cut him off. A unit in Northern West Germany had reported the same—they were getting messages that broke the code but wouldn’t validate because they used the old format. The messages might be spoofs—deliberately fake messages that an enemy might use to disable the communications system during war.
“Before the exercise had started, I would have responded to them,” Trolan said. “These messages didn’t go out to any other units. It was explicit—they were sent to my unit. I know they had the codes. That’s the only way to do it.”
The codes, from the NSA codebooks, classified TOP SECRET CRYPTO, with rows of numbers for offline decryption—were swapped out every month.
If the Soviets had the codebooks that month, they might have had them for other months, too. If they managed to obtain the codebooks, which, for all Trolan knew, were kept in vaults and transported by armed couriers, could they obtain the Permissive Action Link unlock codes, too?
“It made the hair on the back of my neck stand up,” he said.
As scary as that was to the twenty-six-year-old in charge of a dozen or so nuclear weapons with the firepower to incinerate a country, his next thought might have induced panic if he said it aloud. The microwave tower that shot its radio waves to Trolan’s crypto shack was two kilometers outside the outer perimeter of the base, in forestlands, near a hill. He could see it from the steps of the hut, its red-air obstacle light flashing.
No one could physically access his message system without interjecting themselves between that tower and the antenna that fed into his crypto shack. That meant that the Soviet spies trying to sabotage the American nukes were right there with him, within maybe a mile of his nuclear warheads, watching them, as he scanned the dark German night for them.
The next day, a military intelligence team arrived at the Killianstädten site and took custody of the suspect messages.
“You going to explain to me what just happened?” Trolan asked.
“Probably not,” he was told.
Trolan believes that the East German spies who were listening to his communications were confused, or maybe even panicked, when they tried to decrypt messages that used the new format.
“So, they began to inject the messages themselves to try and figure out if we had just done something like transferred from exercise to war.”
“We looked pretty warlike, right at that moment.”
“And if they were clamoring for information about a preemptive attack so that they could make a preemptive attack, they would throw everything they had at us,” he said.