[an error occurred while processing the directive]
RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

US Central Intelligence Agency

Company

Content

Assets

Owners

+ Central Intelligence Agency (CIA)

The Central USA Intelligence Agency (CIA) is an agency of the US Federal Government whose main function is to collect and analyze information about the activities of foreign organizations and citizens. The main body of US foreign intelligence and counterintelligence. The activities of the CIA can be associated with the possibility of its official non-recognition.

The headquarters of the CIA, called Langley, is located in McLean, Fairfax County, Virginia, located near Washington.

The CIA is part of the U.S. Intelligence Community, run by the Director of National Intelligence.

Functions

The CIA Director's duties include:

  • Intelligence gathering through the agent network and other appropriate means. At the same time, the director of the CIA does not have police, law enforcement and subpoena powers, and also does not perform the functions of ensuring internal security;
  • Collating and evaluating national security intelligence and providing intelligence to relevant authorities;
  • General direction and coordination of the collection of national intelligence outside the United States through Intelligence Community intelligence sources authorized to collect information, in coordination with other departments, departments and bodies of the United States government. This requires ensuring the most efficient use of resources, as well as taking into account potential threats to the United States and all persons involved in intelligence collection;
  • Performing other similar functions and duties related to national security intelligence activities as directed by the President or Director of National Intelligence.

Unlike similar structures in many other countries, the CIA is officially a civilian organization. In this regard, the agents of this organization do not have military ranks, and the collection of intelligence is carried out by employees who have received tactical training.

Operationally and tactically, the most trained unit is the Special Activities Division (orig. — Special Activities Division). Consisting mainly of experienced veterans of such special forces of the US Armed Forces as Delta Force, Navy SEAL, etc.

Structure

Management and Directorates

The CIA structure for May 2009 looked like this:

  • The Intelligence Directorate is engaged in the processing and analysis of the resulting intelligence formation. The leader is the director of intelligence.

  • The National Secret Service (former operational directorate) solves tasks related to the collection of information by intelligence agents, organizes and conducts covert operations. The leader is the director of the national secret service.

  • The Scientific and Technical Directorate conducts research and development of technical means of information collection.

  • Directorate of Supply. Head - Supply Director.

  • The Center for the Study of Intelligence is engaged in the storage and study of historical materials of the CIA. Head - Director of the Center for the Study of Intelligence.

  • General Counsel's Office. Head - General Counsel. Employees of this department monitor the compliance of employees with the Constitution and laws, applicable rules and instructions.

  • Inspector General's Office. The leader is the inspector general. Appointed by the President of the United States with approval by the Senate. Independent of other departments and offices, reports directly to the director of the CIA. Carries out inspections, investigations and audits at CIA headquarters, in the field, and in foreign offices of the Office. Every six months he prepares a report for the director of the CIA, which he provides to the Intelligence Committee of the US Congress.

  • Public Relations Office. Head - Director of Public Relations.

  • The Office of Military Affairs provides intelligence support to the US armed forces.

Structure of the CIA Cyber ​ ​ Intelligence Center

In March 2017, the Foreign and Defense Policy Council published a report prepared by Oleg Demidov, a consultant to the PIR Center, on the CIA's largest data breach. An IT expert studied an array of data published on the WikiLeaks website and found out how the cyber division of the special services was arranged and what it was doing.

According to data obtained by WikiLeaks, the CIA's work on developing its own cyber potential is concentrated in one of five departments - the Directorate of Digital Innovation. Its key structure is the Center of Cyber ​ ​ Intelligence, whose competence included the development of the published "knowledge base" of the cyber agency and the direct development of the latter.

The activities of the Cyber ​ ​ Intelligence Center are divided into three main areas

The activities of the Cyber ​ ​ Intelligence Center are divided into three main areas: Computer Operations Group, Physical Access Group and Engineering Development Group. It was the latter who was engaged in the development, testing and maintenance of software contained in the leak.

Certain areas of software development were distributed between two subgroups and their nine departments as part of the Engineering and Technical Development Group. Among them - the department of mobile devices (Mobile Devices Branch; exploited vulnerabilities for smartphones), Automated Implant Branch; exploiting a vulnerability in a PC), Network Devices Branch; was responsible for creating network attacks on web servers). Embedded Devices Branch projects included the development of vulnerability exploits in the software of various smart devices, including TVs.

In 2013, the amount of funding for the Cyber ​ ​ Intelligence Center was $4.8 billion, and the number of its employees was 21 thousand people. Thus, the CIA can be considered the operator of the world's largest program for the development of state cyberarsenal, Demidov notes.[1]

The WikiLeaks report also notes that the intelligence structure USA has a division that develops malware software exclusively for Apple products. WikiLeaks explains that the share of phones working on iOS the global market is not so large - only 14.5% against 85% of the share of phones on. Android However, the devices iPhone are very popular among politicians, diplomats and business representatives.

From the published documents, it also follows that the American consulate in Frankfurt am Main is the "hacker center" of the CIA, which oversees the regions of Europe, the Middle East and Africa.

History

2024

Ex-CIA programmer gets 40 years in prison for data transfer for WikiLeaks

A court in New York sentenced former CIA programmer Joshua Schulte to 40 years in prison in the case of the largest leak of a series of top-secret materials. The press service of the US Department of Justice announced this on February 1, 2024. Read more here.

Analysts of the Russian department were banned from using Telegram for Internet intelligence

At the end of January 2024, information appeared that the Central Intelligence Agency (CIA) USA banned employees of its analytical department specializing in using Russia the messenger on Telegram personal computers. At the same time, analysts of the department are showing interest in this cross-platform instant messaging system, since it is used by many Russian military bloggers.

According to Bloomberg, CIA analysts are also prohibited from taking personal electronic devices with them to their workplaces. Therefore, if an employee needs to use Telegram, he has to leave the premises. Such measures are aimed at ensuring security and preventing possible data leaks.

The CIA has banned employees of its analytical department specializing in Russia from using the Telegram messenger

It is noted that the Internet in the public domain contains a huge amount of various information that may be of interest to American special services: from publications on social networks and videos on YouTube to messages in instant messengers, including Telegram, and data on the location of users' gadgets. The problem is that it is necessary to collect, analyze and weed out colossal amounts of data.

The CIA's Open Source Enterprise (OSE) unit, which is responsible for public data-based intelligence, has developed a tool similar to ChatGPT that uses artificial intelligence to filter an ever-growing stream of information. This tool points analysts to the most important information and automatically summarizes the content. As of the end of January 2024, it is not specified whether the CIA plans to use its AI system to scan messages on Telegram. However, the solution is said to be available to "thousands of users in the federal government."[2]

Also, the CIA has difficulties coordinating between intelligence structures operating autonomously and by their standards. The way out may be a separate specialized OSINT agency, which, among other things, will be engaged in daily informing politicians about the situation.

Through the entire article, the red line passes the idea that today OSINT already acts as an independent type of intelligence, and not just an addition to existing ones. Therefore, awareness of its significance will expand the possibilities for collecting, systematizing and analyzing useful information.

2023

Preparation of an AI tool for intelligence agencies for processing data from open sources

In September 2023, it became known that the American special services will receive their own tool in style. ChatGPT It is part of state a wider campaign to harness AI opportunities and compete with, China which aims to become a world leader in the field by 2030.

The CIA is preparing to implement a feature similar to the well-known OpenAI program, which, according to department officials, will use artificial intelligence to provide analysts with better access to open sources of information. The program will help sift through huge amounts of available data. The CIA's Open-Source Enterprise division plans to provide intelligence agencies with its AI tool soon.

Participation in the conflict in Ukraine

"The CIA is actively involved in the war, without violating the main promise of the Biden administration that the US military will not directly participate in the conflict," Newsweek wrote in July 2023.

CIA officers are constantly in Ukraine, but their activities are strictly regulated, and the number is limited.

Their tasks include working with weapons, communication with Ukrainian special services, control so that "the situation does not go beyond certain limits."

The CIA oversees significant amounts of American military assistance to Kyiv, which are kept secret.

The intelligence agency is not only working to help Ukraine (mostly by passing on intelligence), but is also trying to figure out "Putin's true plans."

CIA created a Telegram channel to recruit Russians

On May 13, 2023, the Central Intelligence Agency (CIA) USA created a Telegram channel for recruiting Russians.

File:Aquote1.png
The CIA is establishing a presence on Telegram for the first time - to contact those who feel obliged to interact with the CIA and make sure they know how to do it as safely as possible, this channel said.
File:Aquote2.png

CIA created a channel in Telegram to recruit Russians

A video in Russian was also published there with instructions on how to contact the CIA anonymously. The post, which follows the video, claims that the CIA is interested in "information about the economy or the top leadership of the Russian Federation." As noted by CNN, CIA workers associated with the channel and content expect to receive from Russian citizens "the information that the United States needs."

One CNN source noted that the CIA video posted on the Telegram channel and other social networks "is not intended" to incite or incite unrest among the "wider segments of the population." As the TV channel reminds, a similar video with instructions for Russians wishing to contact the CIA, the special service published in the spring of 2022.

Russian Foreign Ministry spokeswoman Maria Zakharova called the CIA Telegram channel for recruiting Russians a very convenient resource for tracking applicants. Her assessment was made in a conversation with RBC.

The Federation Council, in turn, warned that Russians who are abroad were under threat of recruitment from the CIA, MI-6 and Ukrainian intelligence.

File:Aquote1.png
Countering this kind of activity also requires hard and professional work, including proper mobilization of the public within the country, of course, in strict accordance with the current legislation, - said the report of the interim commission of the Federation Council to protect sovereignty and prevent interference in the internal affairs of Russia.[3]
File:Aquote2.png

CIA announced the recruitment of Russians who oppose the special operation in Ukraine

At the end of November 2022, it became known that the CIA is considering the possibility of recruiting citizens of the Russian Federation who are dissatisfied with the current geopolitical situation.

According to The Wall Street Journal, CIA Deputy Director for Operations David Marlowe spoke about the relevant plans. It is noted that the negative attitude of a number of Russians to the special operation creates fertile ground for recruitment. Marlowe's statements came during his speech at a think tank at George Mason University. Linda Weissgold, the CIA's deputy director of analysis, also commented on the situation. Her unit is responsible for preparing special reports (including intelligence reports), as well as providing important information to US President Biden and other high-ranking officials.

According to the CIA, the negative attitude of a number of Russians to the special operation creates fertile ground for recruitment
File:Aquote1.png
We are looking all over the world for Russians who do not like this [the current geopolitical situation] as much as we do. That's why we're open to cooperation, "Marlowe said.
File:Aquote2.png

Marlowe's remarks echoed similar sentiments from former senior CIA officers pointing to the possibility of recruiting "disgruntled servicemen and oligarchs whose fortunes have been shaken by sanctions, as well as businessmen and others who have left the country." How many citizens of the Russian Federation managed to recruit CIA agents, nothing is reported. However, Marlowe stressed that Western intelligence agencies should take maximum advantage of the current geopolitical situation.

Resource Business Insider notes that Marlowe's statements came after a senior British intelligence official said that in 2022, European countries expelled more than 400 Russian officials suspected of espionage.[4]

Asking non-state companies for help spying on US borders

In mid-March 2023, CIA Deputy Director David Cohen called on private companies and organizations to work more actively with the department to strengthen US intelligence capabilities.

According to Bloomberg, Cohen expects to interact with companies with experience in areas such as wireless technology, quantum computing, biotechnology and semiconductor technology. This will help the United States keep up with other states in the fight against Internet manipulation and widespread surveillance.

CIA expects to interact with private companies
File:Aquote1.png
Increased espionage is exactly what you need and deserve. If you have good ideas, we will be happy to hear, "said the deputy director of the CIA.
File:Aquote2.png

The agency acknowledged that it faced a number of challenges in terms of introducing advanced technologies. This is the use of artificial intelligence to analyze the behavior of opponents and the search for technological methods to help agents go unnoticed in conditions of total surveillance. The agency is concerned about financial fraud on the part of other countries, which have a negative impact on the country's economy. The CIA is forced to focus efforts on the threat to economic stability posed by foreign adversaries. At the same time, Cohen emphasized, it is the technology sector that is one of the main engines of the US economy.

At the same time, Jennifer Ewbank, deputy director of the CIA for digital innovation, said that in this situation, the agency is more vulnerable than ever before, since countries such as China have significantly expanded their capabilities in terms of surveillance and espionage activities.

File:Aquote1.png
We want to dig into your brains - of course, not literally, - joked Eubank, whose words are quoted by Bloomberg.[5]
File:Aquote2.png

Blocking the CIA website in Russia

At the end of January 2023 Roskomnadzor , he blocked Russia access to the sites of the Central Intelligence Agency, Federal Bureau of Investigation as well as platforms for combating terrorism and counterintelligence. State Department USA More. here

2022

Participation in the explosion of the Russian Nord Stream gas pipeline

In February 2023, journalist Seymour Hersh said that a decompression chamber for Norwegian divers, who, according to him, undermined the Russian Nord Stream gas pipelines, was provided for training by CIA representatives. To install explosives at a depth of 260 meters, divers trained in the waters of the Baltic Sea somewhere between Denmark and Sweden.

Elimination of al-Qaeda leader Ayman al-Zawahiri in Kabul

Айман аз-Завахири

On August 1, 2022, US President Biden announced the elimination of the leader of the al-Qaeda terrorist organization (banned in Russia) Ayman al-Zawahiri during a special operation conducted by the CIA.

On Sunday, July 31, at 06.18 local time, a residential building in the Sherpur area in the Afghan capital Kabul was hit by Hellfire missiles from the MQ-9B UAV. Ayman al-Zawahiri, who was on the balcony at the time of the strike, was hiding in the building. For more details, see al-Qaeda.

Nand Mulchandani Takes Technical Director Position

On May 1, 2022, CIA Director William Burns announced the appointment of a Silicon Valley entrepreneur as the agency's first-ever chief technology officer. Nand Mulchandani - co-founder and head of several tech startups, as well as serving as chief technology officer and interim director of the Pentagon's Joint Center for Artificial Intelligence - will take up the newly formed position until the end of summer 2022. Read more here.

La'Naya Jones is the CIA's new CIO

In mid-March 2022, the U.S. Central Intelligence Agency named La'Naya Jones as its new Chief information officer. Before worked as deputy Chief information officer, as well as executive director for information exchange and protection at the National Security Agency (NSA). Read more here.

2021: Chinese artificial intelligence has become an obstacle to the work of CIA agents in the country

According to current and former officials, published by November 10, 2021, the rapid development of technologies in the PRC, including artificial intelligence, is increasingly impeding the work of CIA agents in the country. Read more here.

2020

Launch of CIA Labs unit for blockchain research

In mid-September 2020, it became known that the Central Intelligence Agency USA () CIA opened a new research unit. CIA Labs It will be engaged in the study blockchain of -technology, as well as, and,, artificial intelligence virtual augmented reality quantum computing biotechnology. More. here

CIA named the cause of the largest leak of classified data on cyber weapons in history

In mid-June 2020, it became known about the largest cyber weapons data leak in history (known as the WikiLeaks project called Vault 7), which occurred at the CIA in 2016. Classified information was publicly available due to the negligence of employees of the elite unit, which was focused on creating a new cyber weapon to the detriment of increasing the level of security of computer systems, reports The Washington Post, citing an internal CIA report written in 2017.

According to the text of the document, the CIA may never have learned about the fact of the data leak if WikiLeaks had not released the information.

In mid-June 2020, it became known about the largest cyber weapons data leak in history (known as the WikiLeaks project called Vault 7), which occurred at the CIA in 2016
File:Aquote1.png
"If the data were stolen by the enemy state or never published at all, then we could not have known about the leak," the newspaper quoted the findings of the task force.
File:Aquote2.png

According to the authors of the report, the exact size of the stolen information could not be established. It probably reaches 34 TB, or 2.2 billion pages. It is noted that the level of the security system developed by the CIA cyber unit was "terribly weak."

The defendant in the leak case is former CIA officer Joshua Schulte - it is believed that he accessed confidential files using his work computer and then transferred them to WikiLeaks. Schulte is charged with thirteen episodes, the cumulative punishment for which is 135 years in prison.

There, a CIA data leak made it clear that the department was working on a kind of cyber weapon that allowed it to hack into other people's systems, devices and programs.[6]

CIA spokesman Tim Barrett, after a request from The Washington Post, refrained from commenting on the published report, but stated the following:

File:Aquote1.png
The CIA uses the best technologies of its kind to always be one step ahead of constantly developing cyber threats.
File:Aquote2.png

CIA suspected of 11-year cyber espionage against China

  • the company The Chinese INFORMATION SECURITY Qihoo 360 released a report linking the Central Intelligence Agency (USA CIA) to a long-term cyber espionage campaign targeting Chinese industrial and government organizations. This became known on March 4, 2020. The campaign continued between September 2008 and June 2019 and most of the targets were located in, Beijing Guangdong and Zhejiang, the researchers said.

The spy campaign was discovered during the analysis of samples harmful ON and their comparison with tools from the CIA arsenal released by the portal WikiLeaks in 2017. Former CIA officer Joshua Adam Schulte handed over classified documents to WikiLeaks in 2017, which released them as part of the Vault 7 project. Of these, it became known that the CIA exploited vulnerabilities in the software to connect to and, operating systems Android iOS as well as to the "smart." to TVs Samsung

According to Qihoo 360, CIA-developed hacking tools such as Fluxwire and Grasshopper were used by the APT-C-39 group against Chinese companies back in 2010.

According to experts, some CIA tools are associated with the National Security Agency (NSA). In an attack on a major Internet company in China in 2011, the APT-C-39 group used a WISTFULTOOL plugin developed by the NSA.

Analysis of malware compilation dates is a common method in the study of APT groupings. During the study of the compilation dates of the obtained samples, experts found out that the activities of malware developers coincide with the US time zone.

Attempts to attack China's energy sector, research centers, Internet companies and government agencies were also recorded. The Qihoo 360 team believes that the United States is interested in the aviation industry primarily because of the ability to track the movement of "important persons" by the[7].

US and German intelligence agencies have been monitoring 120 countries' correspondence for 50 years, controlling Crypto AG

On February 11, 2020, it became known that the US Central Intelligence Agency (CIA) and the German Federal Intelligence Service (BND) read secret correspondence in 120 countries for more than 50 years. To do this, they used the equipment of the Swiss company Crypto AG. Read more here.

2018: Mike Pompeo named secretary of state, Gina Haspel at CIA head

In March 2018, the president USA Donald Trump announced the resignation of Secretary of State Rex Tillerson and appointed former CIA chief Mike Pompeo to replace him. For the first time in history, the president nominated a woman for the vacant seat. Ginu Haspel

2017

Vault 8 leak

On November 9, 2017, Wikileaks announced the continuation of the[8], Which was called Vault 8. Under this name, Wikileaks will upload the source codes of government malware and tools that the Vault 7 cycle previously described.

CIA disguises its malicious software as Kaspersky software

Malware, with the help of which the Central Intelligence Agency (CIA) USA extracted information from other people's computers, disguised itself as products. " Kaspersky Lab The disguise was carried out by a special tool called Hive, the source code of which was just made public by the resource WikiLeaks as part of the Vault 8 project [[9]

Even if the owner of a foreign computer discovered that an implant was working on his device - malware extracting information - thanks to Hive, the user could not connect his work with the CIA. When the owner of the computer checked which servers on the Internet the implant transmits information to, Hive masked communication ON with the servers of the department. In fact, the tool is a hidden communication platform for malware the CIA, through which it sends the obtained data to the department and receives new instructions, writes WikiLeaks.

At the same time, when malware is authenticated in the CIA server system, digital certificates are generated that simulate the ownership of software by real manufacturers. Three samples present in the source code published by WikiLeaks forge Kaspersky Lab certificates from Moscow, allegedly signed by a trusted Thawte Premium Server certificate in Cape Town. If the user who detects the implant tries to understand where the traffic from his network is going, he will think not at the CIA, but at the specified software manufacturer.

The Lab responded to the WikiLeaks publication with the following comment: "We examined the statements that were published on November 9 in the Vault 8 report and can confirm that the certificates that mimic ours are not real. Kaspersky Lab keys, services and clients are secure and have not been affected. "

Server system

Hive performs a number of operations using implants acting on the computer, with each operation registered in a harmless-looking cover domain. The server on which the domain is located is rented from commercial hosting providers as a virtual private server (VPS). Its software is customized to CIA specifications. These servers are the public facade of the CIA server system, and then they transmit HTTP (S) traffic via a virtual private network (VPN) to a hidden server called Blot.

If someone enters the cover domain, he shows the visitor completely innocent information. The only alarming difference is the infrequently used HTTPS server option called Optional Client Authentication. Thanks to it, authentication is not required from the user viewing the domain - it is not required. But the implant, having contacted the server, passes it necessarily so that it can be detected by the Blot server.

Traffic from the implants is sent to an implant operator control gateway called Honeycomb, while all other traffic goes to a cover server that delivers harmless content accessible to all users. In the process of authentication of the implant, a digital certificate is generated, which simulates the ownership of software by real manufacturers.

Development of 137 AI projects

The US Central Intelligence Agency does not have time to process a large amount of data and relies on artificial intelligence (AI). US intelligence is actively working on 137 AI projects, CIA Deputy Director Dawn Meyerriecks noted in September 2017.

These[10] projects] cover a wide range of problems, from predicting events by finding correlations in data and by other features to automated facial and video recognition, the[11].

AI offers intelligence services a wide range of capabilities - from battlefield weapons to the ability to recover a computer system after cyber attacks. The most valuable for intelligence services is the ability of AI to detect significant patterns in social networks.

Intelligence has previously collected data from social media, said Joseph Gartin, head of the CIA's Kent School. The innovation consists in the volume of processed data, as well as the speed of information collection, Gartin emphasized.

After 20 years, it will take 8 million analysts to manually analyze images from commercial satellites, said Robert Cardillo, director of the National Geospatial Intelligence Agency. According to him, the goal is to automate 75% of the tasks.

SMS Output Tool

In mid-July 2017, Wikileaks published information about another cyberspace surveillance tool developed and actively used by the CIA. This time we are talking about the HighRise program, which disguised itself as the TideCheck application.[12]

The documentation at the disposal of Wikileaks states that the tool must be downloaded, installed and activated manually; in other words, to carry out a successful attack, you must either have physical access to the device, or in some way get potential victims to install the application themselves.

Wikileaks published information about the tool used by the CIA to output data via SMS

The second scenario is very unlikely: the user is required to open the TideCheck application, enter the password "inshallah" ("if Allah wishes") and select the Initialize option from the menu. After that, the program will automatically start and work in the background.

This program itself does no harm. Most likely, it was used by the CIA agents themselves as a gateway through which, in the form of an SMS message, data output from smartphones belonging to surveillance objects (and already infected with other malware) was redirected to CIA servers. [13] SMS was used in cases where Internet connections were unavailable.

At least, a significant part of these spyware for different platforms has already appeared in one way or another in Wikileaks publications as part of the Vault 7 campaign.

The last known version of the HighRise program at the moment - 2.0 - was released in 2013. It only works under Android 4.0-4.3. Since then, Google developers have significantly strengthened the security of their operating system, so HighRise will not start on later versions.

File:Aquote1.png
Cybercriminals successfully write malware for new versions of Android, so it will be logical to assume that the CIA already has something similar to HighRise, but successfully operating under later versions of the mobile OS, "said Ksenia Shilak, Sales Director of SEC Consult. - In any case, the leaked tool can theoretically be adapted for Android 4.4 and later versions and used for criminal purposes.
File:Aquote2.png

Symantec: CIA hacking tools used for 40 cyber attacks in 16 countries

In April 2017, the antivirus company Symantec named an approximate number of cyber attacks carried out using hacker tools used by CIA officers and which became known from the materials of the WikiLeaks website.

According to Symantec, over several years, at least 40 cyber attacks in 16 states (including countries in the Middle East, Europe, Asia, Africa, as well as the United States) were carried out using programs that were previously declassified by WikiLeaks.

Symantec confirms compliance between CIA cyber espionage tools and what WikiLeaks published
File:Aquote1.png
In one case, a computer was accessed in the United States, but within a few hours after that, a tool was launched to remove the program, which may mean that the infection was unintentional, the company said in a statement.
File:Aquote2.png

Symantec did not disclose the names of programs that could be used by the CIA or someone else for cyber attacks.

Cyber ​ ​ espionage at the CIA was carried out by a special group, which was dubbed Longhorn at Symantec. Its participants infected the computer networks of government bodies of different states, also infected the systems of telecommunications, energy enterprises, as well as aircraft industry companies. The tool package, which was announced by WikiLeaks representatives, was used, according to Symantec, from 2007 to 2011.

Reuters notes that Symantec does not formally accuse the CIA of organizing hacks. However, the findings of computer security experts indicate that it was the US Central Intelligence Agency that was behind the attacks that the company is talking about.

At the same time, Symantec researcher Eric Chien says that the CIA tools described in WikiLeaks do not allow mass surveillance of users. The goals of the special services were government structures, and programs were used to ensure US national security, the expert added.[14]

Vault 7 leak is the largest in the history of the department

On March 7, 2017, the organization Wikileaks began publishing a secret archive of documents from the Central Intelligence Agency (CIA). USA The Vault 7 project should be the largest leak of confidential securities of the department.

The first publication was called "Year Zero" and contains 8761 documents and files from the closed network of the CIA Center for Radio Engineering and Electronic Intelligence in Langley.

"The
CIA recently lost control of much of its hacking arsenal, including malware, viruses, Trojans, zero-day exploits, malicious remote access systems, and related documentation. This exceptional collection of several hundred million lines of code grants its owners all the hacking power of the CIA. This archive, apparently, circulated without proper permission among former US government hackers and contractors, one of whom placed part of the archive at the disposal of Wikileaks. "

The dump contains only documentation, and the decision to avoid publishing and distributing ready-to-use cyber weapons, of course, was deliberate. Wikileaks believes that first you need to figure out how to properly study and neutralize these tools, taking into account the technical and political aspects of the problem. And only after that it will be possible to make them public.

However, the documentation published as a torrent file contains many interesting details. The documentation sheds light on hacking devices running iOS and, Android Samsung smart TVs, and also talks about what methods the special services use to intercept messages in, WhatsApp Telegram and Signal[15]

For example, the documents reveal details that the CIA stores information about a variety of 0-day vulnerabilities in Apple, Google, Microsoft and other large companies, putting the entire industry at risk.

They also talk about the Weeping Angel malware created by the Embedded Devices Branch (EDB) of the CIA, with the participation of specialists from their British MI5. With its help, intelligence agencies can infect smart TVs, Samsung turning them into spy devices. And although the installation of Weeping Angel, apparently, requires physical access to the device, the malware provides the special services with a variety of features. Here are just a few of them: Weeping Angel can extract browser credentials and history, as well as intercept information about WPA and. Wi-Fi The malware is able to inject fake certificates to facilitate man-in-the-middle attacks on the browser and gain remote access. Weeping Angel can also give the impression that the TV is turned off, when in fact it continues to work, and the built-in microphone "listens" to everything that happens around.

The documents mention Samsung F800 TVs, and also indicate that the CIA developers tested firmware versions 1111, 1112 and 1116. Most likely, Weeping Angel poses a danger to all models of the Fxxxx series.

The papers also indicate that many different mobile malware for iPhone and Android were created under the auspices of the CIA. Infected devices almost completely come under the control of government hackers and send data on geolocation, text and audio communications to the side, and can also secretly activate the camera and microphone of the device.

So, it is reported that in 2016 there CIA were 24 zero-day vulnerabilities for Android, as well as exploits for them. Moreover, the CIA finds and "works out" vulnerabilities both independently and receives from its colleagues, for example, FBI NSA or the British Center for Government Communications. It is zero-day vulnerabilities that help intelligence agencies bypass enciphering WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman, as data interception occurs before encryption has even started.

Prime suspect

In the case of the largest data breach in the history of the CIA, known as Vault 7, the main suspect appeared. According to The Washington Post in May 2018, citing court documents, it is former CIA officer Joshua Adam Schulte[16] been[17].

Classified intelligence material describing her hacking arsenal was stolen while the suspect was still working for the CIA, according to the documents. "The Government promptly obtained sufficient evidence to initiate an investigation into him. Several warrants were issued to search the defendant's home, "the documents said.

Be that as it may, according to the documents, the evidence received was not enough to formally charge. The suspect was charged in a different, unrelated leak case involving the distribution of child pornography. Due to lack of evidence of involvement in the leak of secret CIA documents, a former intelligence officer was charged with managing a server containing 54 GB of child pornography).

Schulte did run a public server but had no idea there was illegal material on it, according to advocates. As a result, the accused was found not guilty.

Until 2016, Schulte worked in a group of CIA development engineers. Thanks to his official position, he had access to thousands of intelligence documents that were handed over to WikiLeaks in 2017.

CIA stole Trojan from "Russian hackers"

The WikiLeaks resource published in April 2017 another package of secret documents of the Central Intelligence Agency (CIA), USA which contains 27 files. The publication took place as part of the Vault 7 project dedicated to the CIA's actions in the field. cyber security Documents tell about the Grasshopper platform - a tool for creating malware for hacking. OS Windows

Grasshopper contains a set of modules from which a configurable implant virus can be assembled. The behavior model of the virus is set depending on the characteristics of the victim's computer. Before the implant is introduced, the target computer is examined for which version of Windows is installed on it and which security software is used. If these parameters are suitable for the virus, it is installed on the device. When installed, the implant remains invisible to such well-known antivirus programs as MS Security Essentials, Rising, Symantec Endpoint and Kaspersky Internet Security[18]

One of the mechanisms of resistance of Grasshopper is called Stolen Goods. According to the documentation, the basis for this mechanism was the Carberp program - malware for hacking banking networks. Presumably, Carberp was developed by Russian hackers, CIA documents say.

Borrowing Carberp code was made possible by the fact that it was posted in the public domain. The CIA claims that "most" of the code was not useful to them, but the mechanism for maintaining stability and some components of the installer were adopted and modified for the needs of the department.

The reaction of the CIA, vendors and countries
The CIA refused to confirm the authenticity of the documents released by WikiLeaks, indicating only that the agency is collecting information abroad in order to "protect America from terrorists, hostile countries and other opponents." At the same time, the department categorically rejected suspicions of espionage for US citizens.

Russian Foreign Ministry spokeswoman Maria Zakharova said that the CIA's actions, if WikiLeaks information is correct, pose a danger and could undermine confidence between countries. Moscow calls on US intelligence agencies to give a full response to WikiLeaks accusations about US intelligence hackers.
The Chinese government is also concerned about leaked CIA cyber intelligence materials and calls on the United States to stop surveillance of other countries and cyber attacks, said Chinese Foreign Ministry spokesman Geng Shuang.
In
turn, the new Foreign Minister Germany Sigmar Gabriel, where, according to the WikiLeaks report, the CIA hacker center is located, said that the German authorities prefer to consider this information rumors.
Technology companies Apple, Samsung and Microsoft responded to the publication of confidential intelligence agency documents, saying that most of the vulnerabilities indicated in the report have been fixed in the latest versions of operating systems.
The developers of the Notepad++ text editor also announced the elimination of security holes used by the special services. Along with Google Chrome, VLC Media Player, Firefox, Opera, Thunderbird, LibreOffice, Skype and other programs, this software was included in the list of vulnerable applications that the intelligence service hacked using the Fine Dining system. It seemed to the user that the agent was running a video viewer (for example, VLC), showing slides (Prezi), playing a computer game (Breakout2, 2048), or even running an antivirus program (Kaspersky, McAfee, Sophos), in reality, while the "distracting" application is displayed on the screen, the computer system is automatically infected, viewed and extracted information
Reaction to leaked secret CIA documents

According to the Reuters news agency, citing unnamed Cisco employees, after the emergence of this leak, the company's leaders instantly attracted specialists from their various projects to find out how CIA hacking methods work, help Cisco customers fix their systems and prevent criminals from using the same cyber methods. Around the clock for several days, Cisco programmers analyzed CIA hacking tools, fixed vulnerabilities and prepared notifications for company customers about possible risks when operating equipment. It is noted that more than 300 models of Cisco products were under threat of hacking.

CIA spokesman Heather Fritz Horniak did not comment on the Cisco case at the request of Reuters and only noted that the department had "the goal of being innovative, advanced and on the front line in protecting the country from foreign enemies."

More - Cisco Systems

InfoWatch think tank explanation

There are about 3.5 million mobile applications in the world, and most of the programs for Android and iOS somehow broadcast user data outward.

Android:

  • 73% of applications send e-mail addresses of users;
  • 49% share names;
  • 33% transmits GPS coordinates;
  • 25% transmit the actual address;
  • 24% send device IMEI and other phone data.

IOS:

  • 47% of applications analyze and transmit location information to third parties;
  • 18% share usernames;
  • 16% are forwarded to the side of the email address (source: http://techscience.org/).

For example, the Flashlight application, which includes a flash of the phone's camera as a light source, automatically asks the user for access to contacts, SMS, location, microphone, photos, and so on. In 99% of cases, the user agrees to everything.

The largest stream of information about users is generated by applications for video broadcasts, instant messengers and social networks.

At the same time, the same Google, for example, establishes a direct ban for smartphone manufacturers: there are no services from Google - there is no access to the ecosystem and updates. This leads to massive market seizures on the one hand and the emergence of hundreds of firmware for different manufacturers on the other, which does not allow creating a universal data protection system. Smartphones consist of a large number of components that can work not only in the system, but also on their own, also forming the basis for the dual use of the device.

Now "under the hood" there are more than 3.4 billion smartphone users or more than a third of the world's population, and this figure is constantly increasing even though this market is close to saturation.

The coming era of "new mobility" also poses new threats. Smart TVs (Smart TVs) see and hear everything that happens indoors, transmitting sound and video, view logs, browser and application usage to unknown servers. Wearable devices, such as fitness trackers, transmit user IDs, health data, location and a tied device - a smartphone or tablet - to the manufacturer. Moreover, with the intensive development of wearable devices, there will be more and more such data.

And where private ends and corporate begins - with the development of smart things, these boundaries are erased, because the head of a commercial or state structure may have a personal tracker, smartphone, tablet or smartwatch during negotiations, and TVs and other smart devices are firmly established in the offices of many managers of various ranks.

The issue of creating its own component base and system software has long ceased to be just a matter of technological competition and has become one of the key for national security and global competitiveness of the country.

"Today, more than 40 million Russians are owners of Android and iOS phones," said Alexey Nagorny, CEO of InfoWatch Group. - In practice, this means that Google and Apple know about the location of a third of Russian citizens with an accuracy of 50 meters at any time, including their movements, periods of activity, social status, have access to their photos on devices, as well as to all personal data: full name, age, account numbers, communication circles, SMS and email correspondence. Moreover, the holders of these devices provide permission to collect this information themselves, "signing" user agreements. I am sure that one of the main tasks in the field of import substitution in the field of ICT should be to create an ecosystem of its own competitive consumer products that will not uncontrollably supply user data to our foreign partners. "

The leak of documents on Vault 7 once again proves that information of any level of secrecy can be compromised. The more secrets the company has, the more likely those secrets are to be revealed. The probability also increases depending on the number of users who have access to information. In other words, the CIA has too many secrets and too many people who have access to them. In such conditions, information leakage is just a matter of time.

Do not forget about the internal competition of the American special services, especially in light of the fact that back in 2001 the CIA gained a political and budgetary advantage over the US National Security Agency, forming its own hacker department of five thousand employees. As WikiLeaks reported, "the CIA created its own" NSA, "which did not report to almost anyone, and the agency did not need to publicly answer the question of how to justify the huge costs of maintaining such a competing structure."

The leak is also indicative in the sense that we do not even know how it happened, which channel was used to transmit information. But, interestingly, this is not important. Nine thousand electronic documents are easily placed on a flash drive, in the memory of a mobile phone, even in the RAM of a printer, from where especially advanced users can extract them. Simply put, the information transmission channel has long lost its significance as an important leak parameter.

It doesn't matter how many channels you control if there are still a hundred ways to move data beyond a secure perimeter. It is easier and more correct to control access to information and the actions of people who have access to it. Moreover, ideally, if actions are monitored both in connection with access to information and outside this connection - by implicit correlations and deviations.

And finally, we have once again made sure that even the most proven people in an organization that spends millions of dollars on its own security can be disloyal and cause tangible harm to both the organization and national security in general by their actions. The conclusion is simple - the company cannot have privileged users. It is fundamentally wrong to get system administrators, top management, even founders out of control. Even if a privileged user is loyal, he is just a person. That is, makes mistakes. And the cost of its errors, taking into account the level of access to information, can be very high.

Mike Pompeo named CIA chief

Since January 23, 2017, the post of CIA director has been held by Mike Pompeo, the representative of Kansas in the US House of Representatives (2011-2017).

2016: NBC reports CIA infiltration of Kremlin command systems

On October 15, 2016, NBC, citing intelligence sources, reported that the US Central Intelligence Agency (CIA) had begun to develop a secret cyber operation against Russia. According to the channel's interlocutors, in preparation for the operation, special services are developing hacking methods and choosing attack targets.

The operation, the newspaper clarifies, is being developed in response to "alleged Russian interference in the American presidential election." It is organized by a team from the CIA Electronic Intelligence Center, which includes hundreds of employees with a budget of hundreds of millions of dollars.

On November 5, 2016, the American television channel NBC reported that US hackers had infiltrated Russian telecommunications networks, the power supply system, and the Kremlin's control systems, making them vulnerable to secret American cyber weapons, which, if necessary, NBC[19].

According to the channel's interlocutors, the prepared cyber weapons will be used only in the event of a significant attack on the networks of the United States, which, according to them, is unlikely.

Moscow provides security measures for computer systems in Russia at a level that meets threats. This was stated by presidential spokesman Dmitry Peskov, commenting on NBC reports about the alleged penetration of American hackers into the Kremlin's command systems.

2015: The beginning of large-scale reforms of the special services of Ukraine under the leadership of the CIA

In October 2023, The Washington Post published a large article on the cooperation of the CIA with the SBU and the GUR.

The text briefly describes the scale of American participation in the reforms of the Ukrainian special services. Since 2015, Washington has allocated tens of millions of dollars for the purchase of advanced intelligence systems for them, personnel training, and the construction of new facilities.

With the beginning of close bilateral cooperation, a separate department for relations with the United States appeared in the SBU: the Americans feared the presence of deep Russian agent networks, so they created a separate structure in order to avoid leaks.

An even greater transformation has passed the GUR - the interlocutors of the publication from the CIA call him their child. Intelligence was reorganized from scratch by rejuvenating personnel who were trained in the United States and received advanced electronic surveillance, hacking and wiretapping systems.

In general, the message of the article boils down to the fact that in the person of the Ukrainian special services by 2022, the United States received an excellent working tool for a war with someone else's hands with Russia and not only it. A tool that can be used in any even dirtiest business, and which will bear all the costs.

2013: John Brennan named CIA chief

Since March 8, 2013, the post of CIA director has been held by John Brennan, who previously worked as an adviser to the president on countering terrorism.

Management structure for 2013:

  • Director of the CIA. Appointed by the President of the United States with approval by the Senate. Submits directly to the President.

  • Deputy Director of the CIA. Performs the functions of a director when the position of a director is vacant, or when the director is absent from the workplace. In 2013, Stephen R. Kappes held this position.

  • Assistant Deputy Director of the CIA. This position was created on July 5, 2006. The assistant deputy director performs all the functions that used to lie with the executive director of the CIA. For 2013, this position is held by Michael J. Morell.

  • Assistant Director of the CIA for Military Support

2006: CIA funds touch screen tweaks

The inventor of the touch screen, an engineer named E. A. Johnson, conducted the necessary research while working at the Radar Research Institute, a meaningfully named institution of the British government. This work was developed at CERN. The multisensory technology was subsequently monetized by Wayne Westerman and John Elias of the University of Delaware in the United States. They sold their company to Apple. And even at the last stage, the state played a role. Westerman's research grant was paid for by the U.S. National Science Foundation as well as the CIA.

1986: Arms sales to Iran bypassing sanctions to fund Nicaragua coup

Iran-Contra - operations to support the Contras against the Sandinista government in Nicaragua in the mid-1980s. Financing of the militants was carried out, among other things, through the supply of weapons to Iran, in violation of the arms embargo then imposed on Iran.

1982: Soviet gas pipeline explosion

US CIA officers have introduced a bug into Canadian software that managed gas pipelines. Soviet intelligence received this software as an object of industrial espionage and introduced it on the Trans-Siberian pipeline. The result was the largest non-nuclear explosion in human history, which occurred in 1982.

1979

Afghan Mujahideen Weapons Program

Operation Cyclone is a CIA program to arm Afghan mujahideen during the Afghan War (1979-1989). It is one of the longest and most expensive secret operations of the CIA. Funding for the program began at $20-30 million per year and by 1987 reached $630 million per year.

1979: Using journalists for espionage

The Soviet press criticizes American journalists for working for the CIA and espionage. Crocodile Magazine, 1979

1968

Silicone scrotum and spy pigeons

Photo of a spy pigeon used by the CIA in the 1960s during operations in the USSR.

The silicone scrotum was developed in the late 1960s for CIA pilots: it was assumed that in a silicone bag they would transport a walkie-talkie in case they were satisfied with a complete examination of the body. As practice showed, with such a check, the genitals did not pay much attention. But the development ended with the creation of a prototype, as it was not approved by the management. They decided to close the project at the presentation stage: the authorities were embarrassed by the process of putting on and removing the scrotum. They eventually decided to donate the remaining prototype to the International Espionage Museum in Washington.

1967: National Liberation Front of South Vietnam Elimination Programme

Operation Phoenix is a program carried out jointly with the police and special services of South Vietnam to eliminate the political structure of the National Front for the Liberation of South Vietnam.

1961: Failure to topple Fidel Castro in Cuba

The Bay of Pigs operation is a military operation to overthrow Fidel Castro's government in Cuba. On the morning of April 15, 1961, aircraft with the identification marks of the Cuban Air Force attacked Cuban airfields, but the Cuban military command replaced the aircraft with mock-ups in advance. On the night of April 17, a landing began in the Bay of Pigs area. The operation ended in failure (capture of most of the landing).

1957: Experiments on memory erasure with electric shock and infection of people with dengue fever

1957 - the famous CIA project "MK-Ultra." Experiments on the mentally ill, including the use of psychotropic drugs and experiments on memory erasure using electric shock.

In 1957, an experiment with dengue fever was conducted in Georgia on ordinary people.

1955: Experiments infecting humans with whooping cough

1955 - CIA experiment in Florida with whooping cough on ordinary people.

1954: Invasion and bombing of Guatemala to overthrow the president

Operation PBSUCCESS was a CIA-organized military invasion in 1954 to overthrow Guatemalan President Jacobo Árbenz. During the invasion, CIA mercenaries bombed Guatemalan cities. On June 27, 1954, President Arbenz was forced to resign, replaced by the pro-American Castillo Armas.

1949: Passage of the CIA Act

In 1949, the CIA Act was passed.

1947: Creation of the CIA. Roskow Hillenkotter - First Director

The Central Intelligence Agency was established in 1947 after the passage of the National Security Act, signed by US President Truman and effective September 18, 1947.

The CIA was created on the basis of the Office of Strategic Services (OSS), which operated during World War II, and assumed all the functions of the OSS. Rear Admiral Roskow Hillencotter was appointed the first director of the CIA.

Notes