CIA school curriculum. Tool for displaying data via SMS

Vault 7: Collection of CIA hacking tools published

Press release

On March 7, 2017, Wikileaks began publishing a new series of classified documents from the US Central Intelligence Agency. This collection of documents, dubbed "Vault 7" by Wikileaks, is the largest series of confidential documents on the CIA.

The first part of the collection, "Year Zero", contains 8,761 files from an isolated, highly secure network located at the CIA Cyber Intelligence Center in Langley, Virginia. This is a continuation of the leaks published in February regarding CIA operations against French political parties and candidates in the run-up to the 2012 French presidential election.

The CIA recently lost control of the bulk of its hacking arsenal, including malware, viruses, trojans, weaponized 0day exploits (“zero-day vulnerabilities”), remote malware control systems and related documentation. This incredible leak, which includes several hundred million lines of code, provides its owner with the full CIA hacking arsenal. This archive appears to have been distributed in an unauthorized manner to former US government hackers and contractors, one of whom gave WikiLeaks a portion of the archive.

Year Zero showcases the true scope and direction of the CIA's global covert hacking program, its arsenal of malware and dozens of 0day exploits that have been used against a wide range of US and European devices and products, including Apple's iPhone, Google's Android, Microsoft's Windows, and even Samsung TVs, which are turned into microphones for recording conversations.

Since 2001, the CIA has enjoyed a political and budgetary advantage over the US National Security Agency. It became known that the CIA was creating not only its infamous fleet of drones, but also a secret force of a completely different kind of world coverage: its own large army of hackers. The CIA's hacking department exempted the agency from reporting its often controversial operations to the NSA (its main bureaucratic rival) in order to exploit the NSA's hacking potential.

By the end of 2016, the CIA's hacker division, formally part of the agency's Cyber Intelligence Center, had more than 5,000 registered users and had managed to create more than a thousand hacker systems, trojans, viruses, and other weaponized malware. The scale of operations of this department of the CIA was so large that by 2016 the total size of their malware exceeded the size of the code that controls Facebook. Thus, the CIA created its own "NSA" that reported to virtually no one, and the agency did not need to publicly answer the question of how to justify the huge costs of maintaining such a competitive structure.

In a statement to WikiLeaks, the source writes about issues that urgently need to be brought up for public discussion, including the question of whether the CIA's hacking potential exceeds its powers, as well as the problem of public control over the agency. The source wants to initiate public discussions on the security, creation, use, distribution and democratic control of cyber weapons.

In the event that the agency loses control of one or another cyber weapon, it will spread throughout the world within seconds and can be used by adversary states, the cyber mafia and even teenage hackers.

WikiLeaks editor Julian Assange said: “There is a big risk of proliferation in cyberweapons development. The uncontrolled proliferation of such "weapons", stemming from the inability to contain them and their high market value, can be compared with the international arms trade. However, the meaning of Year Zero goes far beyond the choice between cyberwar and cyberpeace. These leaks are of exceptional political, legal and expert significance.”

Wikileaks carefully reviewed Year Zero and published a significant portion of the CIA documentation, while preventing the spread of “military” cyberweapons until there was a consensus on the technical and political nature of the CIA program and the methodology for how such “weapons” should be analyzed, disposed of and published.

Wikileaks has also decided to redact and anonymize identifying information in Year Zero for detailed analysis. Among the data that was blacked out was data on tens of thousands of attacking and attacked systems in Latin America, Europe and the United States. While we are aware of the flaws in the results of either approach, we remain true to our publishing model and note that the number of published pages of the first part of Vault 7 (Year Zero) already exceeds the total number of pages of NSA documents submitted to Wikileaks by Edward Snowden and published in the first three years.

Analysis


CIA malware attacks iPhone, Android and SmartTVs

CIA hacker programs and tools are created by the so-called Engineering Development Group (EDG), which operates as part of the Cyber Intelligence Center, subordinate to the Directorate of Digital Innovation (DDI). DDI is one of the five main directorates of the modern CIA.

The EDG is responsible for the development, testing and operational support of all backdoors, exploits, trojans, viruses and other forms of malware used by the CIA in its covert operations around the world.

The increasing sophistication of surveillance technology brings to mind George Orwell's 1984, and "Weeping Angel", developed by the Embedded Devices Branch (EDB), which infects smart TVs and turns them into hidden microphones, is its most striking implementation.

The attack on Samsung's smart TVs was carried out in cooperation with the UK's MI5/BTSS. After infecting a TV, "Weeping Angel" puts it into a state of apparent shutdown so that its owner thinks it is off when the TV is actually on. In this mode, the TV acts as a listening device, recording conversations in the room and sending them over the Internet to a secret CIA server.

In October 2014, the CIA was trying to find ways to infect the control systems of modern cars and trucks with malware. The purpose of establishing such control is not yet clear, but it might allow the CIA to carry out murders that cannot be solved.

The Mobile Devices Branch (MDB) has developed numerous programs to hack and control popular smartphones, allowing access to the user's geolocation data, audio and SMS messages, as well as covert activation of the camera and microphone.

Despite the fact that the iPhone's share of the global smartphone market is not so large (14.5%), a specialized division in MDB creates malware that can infect, control and steal data from iPhones and other Apple products that run iOS, such as the iPad.

The CIA's arsenal includes many "zero-day vulnerabilities" developed by the CIA, borrowed from the Government Communications Center, the NSA and the FBI, or acquired from cyberweapons developers such as Baitshop. Such attention to the iOS system may be due to the popularity of the iPhone among members of the social, political, diplomatic and business elite.

There is another division that specializes in Google's Android operating system installed in most smartphones from global manufacturers, including Samsung, HTC and Sony. Last year, 1.15 billion Android smartphones were sold worldwide. The Year Zero documents show that in 2016 the CIA already had 24 "military" 0day exploits that it developed on its own or acquired from the Government Communications Center, the NSA or from contractors.

These technologies make it possible to bypass the protection of popular “secure” messengers such as Telegram, WhatsApp, Signal, Weibo, Confide and Cloackman at the system level, by hacking the smartphones and stealing audio and text messages before they are encrypted.

CIA malware attacks Windows, OSx, Linux, routers

The CIA also goes to great lengths to infect and control the systems of Microsoft Windows users with their malware. Among the tools needed to do this are numerous local and remote "military" 0day exploits, viruses such as Hammer Drill that infect data stored on CD/DVD, viruses for USB drives, programs to mask data in image files and hidden areas of hard drives (Brutal Kangaroo) and to ensure further infection.

Most of these tasks are carried out by the Automated Implant Branch (AIB), which has developed several attack systems for automatic infection and control, such as Assassin (“Killer”) and Medusa.

Attacks on the Internet infrastructure and web servers are handled by the Network Devices Branch (NDB).

The CIA has developed automated multi-platform systems to infect and take control of Windows, Mac OS X, Solaris, Linux, and so on, such as HIVE and its related Cutthroat and Swindle, which are described below.

CIA "accumulated" vulnerabilities ("zero-day vulnerabilities")

Following Edward Snowden's NSA revelations, the US tech industry obtained a commitment from the Obama administration to promptly report all major vulnerabilities, exploits, bugs, and zero-day vulnerabilities to manufacturers such as Apple, Google, and Microsoft.

Serious vulnerabilities that go unreported to manufacturers expose vast numbers of citizens and critical infrastructure to the risk of being targeted by foreign intelligence or cybercriminals who discover these vulnerabilities themselves or hear about them from others. If the CIA can find these vulnerabilities, so can the rest.

The Vulnerabilities Equities Process, introduced by the Obama administration, is the result of a powerful lobbying campaign by American technology companies that risk losing their global market share due to real and perceived vulnerabilities. The government promised to report all vulnerabilities it discovered after 2010 promptly.

The Year Zero documents show that the CIA broke the Obama administration's promise. Many of the vulnerabilities in the CIA's arsenal are widespread and could have been discovered by intelligence agencies in other countries or by cybercriminals.

For example, one piece of CIA malware featured in Year Zero is capable of infiltrating, infecting, and controlling both the Android phone and iPhone software that runs or has run the president's Twitter accounts. The CIA attacks these systems through zero-day vulnerabilities that the CIA has not reported to the manufacturers. But if the CIA can hack these phones, so can anyone else who somehow discovers the vulnerability. As long as the CIA hides these vulnerabilities from Apple and Google, who make the smartphones, they cannot be fixed, and these smartphones can continue to be hacked.

These risks affect the general population, including members of the US administration, Congress, CEOs of leading corporations, system administrators, security experts, and engineers. By hiding vulnerabilities from manufacturers like Apple and Google, the CIA guarantees itself the ability to hack anyone, while exposing everyone to the danger of being hacked.

Cyberwarfare programs carry a serious risk of cyberweapon proliferation

Cyber weapons cannot be effectively controlled.

While the proliferation of nuclear weapons can be contained at great cost and with massive infrastructure, cyber weapons, once created, are extremely difficult to control.

Cyber weapons are just computer programs that can be stolen. Since they are entirely data, they can be copied without any effort.

Preserving such a "weapon" is especially difficult because the people who develop and use it have all the necessary skills to copy it without leaving a trace, sometimes using the same "cyber weapon" against the organizations that provide it. The high price of such programs is a powerful incentive for government hackers and consultants, since there is a whole global “vulnerability market” where copies of such cyberweapons can fetch from a few hundred dollars to several million. Contractors and companies receiving such weapons sometimes use them for their own purposes, gaining an advantage over their competitors in selling "hacking" services.

Over the past three years, the US intelligence sector, made up of government agencies like the CIA and NSA and their contractors like Booz Allen Hamilton, has been the victim of an unprecedented number of leaks carried out by their own employees.

Several members of the intelligence community, whose names have not yet been released, have already been arrested or prosecuted.

The most notable case was the conviction of Harold T. Martin, who was found guilty of 20 counts of disclosure of restricted information. The Justice Department said it was able to intercept 50 gigabytes of information from Harold Martin that he had access to while working on secret NSA and CIA programs, including the source code for many hacking tools.

Once one "cyber weapon" gets out of hand, it can spread around the world within seconds, and it can be used by other states, the cyber mafia, and even teenage hackers.

The US Consulate in Frankfurt is a secret CIA hacker base

In addition to its activities in Langley, Virginia, the CIA also uses the US Consulate in Frankfurt am Main as a secret base for hackers targeting Europe, the Middle East and Africa.

CIA hackers operating out of the consulate in Frankfurt (“Cyber Intelligence Center for Europe” or CCIE) are issued diplomatic (“black”) passports and provided cover by the US State Department. Judging by the text of instructions for novice hackers, the actions of German counterintelligence may seem insignificant: “Knowing your legend by heart, you pass through German customs quickly, and the only thing they do is stamp your passport.”

Your legend (for the duration of this trip)

Question: For what purpose are you here?

Answer: I participate in technical consultations for the consulate.

In two previous publications, WikiLeaks offers a more detailed description of the methods used by the CIA during customs clearance and re-screening.

Arriving in Frankfurt, CIA hackers can travel without additional border checks to 25 European countries that are part of the Schengen zone, which has abolished passport and immigration controls at common borders - including France, Italy and Switzerland.

Some of the CIA's electronic attack methods are designed to operate in close proximity to the target. These attack methods allow access to highly tamper-resistant networks that are disconnected from the Internet, such as police databases of criminal records and drives. In these cases, a CIA officer or agent or NATO intelligence officer, acting in accordance with instructions, physically infiltrates the computer system of interest at the workplace. The attacker carries a USB drive containing malware designed for this purpose by order of the CIA, which is inserted into the computer of interest. The attacker then infects the computer and immediately downloads the data to removable media. For example, the Central Intelligence Agency's Fine Dining system allows CIA agents to use 24 apps that serve as disguises to divert the attention of witnesses present. To these bystanders, the agent appears to be running a video viewer (e.g., VLC), showing slides (Prezi), playing a computer game (Breakout2, 2048), or even running an anti-virus program (Kaspersky, McAfee, Sophos). But while the "distracting" application is displayed on the screen, the computer system is automatically infected, searched, and its information extracted.

How the CIA dramatically increased the threat of cyberweapon proliferation

In order to achieve its goals, which are certainly among the most amazing in living memory, the CIA organized its secrecy regime in such a way that, for the components of the Vault 7 project that carry market value, namely the malware used by the Agency as a tool for achieving these goals (embedded programs plus zero-day vulnerabilities), listening posts (LP), and command and control systems (C2), the CIA has no special legal mechanisms (legal grounds).

Why the CIA chose not to classify its cyber arsenal shows that concepts designed for military use are quite difficult to apply on the "battlefields" of cyber "warfare."

To attack its targets, the CIA typically needs its embedded codes to communicate with its control programs over the Internet. If all the programs used by the CIA—embedded codes, C2s, and interception posts—were classified, then CIA employees could be prosecuted or fired for violating rules against posting classified information on the Internet. Therefore, the CIA secretly decided not to classify most of its programs used for cyber espionage/cyber warfare. The US government cannot make them the subject of its copyright due to the restrictions imposed by the US constitution. This means that the creators of cyberweapons and computer hackers, having gained access to this "weapon", will be able to "pirate" freely, illegally copying it. The CIA has previously had to resort to data obfuscation to protect its secret malware.

Conventional weapons, such as rockets, can be launched to strike at the enemy (that is, launched into undefended territory). The proximity of the target or contact with it creates the conditions for the detonation and explosion of ammunition - including its secret part. Consequently, the military does not violate the requirements of secrecy by firing ammunition containing classified parts. The ammunition is likely to explode. If not, then this will happen through no fault of the gunner and against his will.

For the past decade, cyberattacks by the United States have been camouflaged using military jargon to gain access to Defense Department funding streams. For example, attempted "malware injections" (commercial jargon) or "programming" (NSA jargon) are referred to as "shooting"—as if guns were being fired or missiles were being fired. However, this analogy is highly questionable.

Unlike bullets, bombs, or missiles, most CIA malware is designed to "stay alive" for days or even years after reaching its "target". CIA malware doesn't "explode" when it hits a target, but rather infects it persistently. In order to infect a device, it is necessary to inject several copies of the malware into this device so that it is completely dependent on this malware in a physical sense. In order for the malware to extract data and send it to the CIA, or remain pending further instructions, it must be able to communicate with command and control systems hosted on CIA servers connected to the Internet. But such servers are usually not allowed to store classified information, so the CIA does not classify command and control systems.

A successful "attack" on a computer system of interest is not so much like shooting with weapons systems, but more like a series of complex maneuvers with assets in an attempted hostile takeover, or the careful dissemination of rumors in order to gain control over the leadership of an organization. If comparisons can be made to military action, then defeating a target is perhaps akin to performing a series of military maneuvers near the territory of this object, including surveillance, infiltration, occupation and exploitation.

Evasion of examination and action bypassing anti-virus programs

A set of guidelines developed by the CIA outlines malware infection patterns that can help forensic experts, as well as Apple, Microsoft, Google, Samsung, Nokia, Blackberry, Siemens, and antivirus software companies, describe and protect against hacker attacks.

In the instructions on tradecraft (Tradecraft DOs and DON'Ts), the CIA provides rules for writing malicious programs so that they leave no identifying marks that would point to the involvement of "the CIA, the US government, or its knowingly acting partners" during "forensic expertise". Similar classified regulations apply to activities such as the use of encryption to hide the traces of a CIA hacker and the spread of malware, the description of attack targets and extracted data, as well as working with payloads and the presence of an object in systems for an extended period.

CIA hackers have developed and carried out successful attacks that bypass most of the most well-known anti-virus programs. They are documented in AV defeats, Personal Security Products, Detecting and defeating PSPs, and PSP/Debugger/RE Avoidance. For example, Comodo's antivirus program was overcome by injecting CIA malware into the Recycle Bin in Windows - since Comodo 6.x has a vulnerability (Gaping Hole of DOOM).

The CIA hackers discussed what mistake the NSA's Equation Group hackers made and how the CIA malware creators could have avoided similar mistakes.

Examples

The CIA's Engineering Development Division (EDG) control system contains about 500 different projects (only a few of them are designated "Year Zero"), each of which has its own subprojects, hacker programs and tools.

Most of these projects are related to tools used for hacking, infection ("injection"), control and extraction.

Another line of development is focused on the development and operation of Listening Posts (LP) and command and control (C2) systems used to establish communication and control of implants; special projects are used to attack specific equipment from routers to smart TVs.

Some examples of such projects are given below. The complete list of projects described by WikiLeaks in Year Zero can be found in the table of contents.

UMBRAGE

The CIA's inept hacking poses a problem for the agency. Each technique it creates forms a kind of "fingerprint" that can be used by forensic investigators to identify a single source of various attacks.

This is analogous to finding traces of the same special knife on the body of different unrelated victims. The unique way of inflicting wounds creates suspicion that the same killer is involved in the murders. Once one of the kills in a chain is solved, the other kills are likely to be solved as well.

The CIA's Remote Devices Division, the UMBRAGE group, collects and maintains an impressive library of attack techniques "stolen" from hacking equipment manufactured in other countries, including the Russian Federation.

With the help of UMBRAGE and related projects, the CIA can not only increase the total number of types of attacks, but also divert the trail, leaving "fingerprints" of those groups whose equipment was stolen.

Among the UMBRAGE components are keyloggers, a collection of passwords, webcam information, destroyed data, long-term storage, granting privileges, providing stealth, avoiding anti-virus programs (PSP) and surveillance techniques.

Fine Dining

Fine Dining has a standard questionnaire, that is, a menu that CIA operatives fill out. The questionnaire is used by the agency's technical support department (OSB) to transform the requests of operatives into technical requirements for hacker attacks (usually by "seizing" information from computer systems) necessary for specific operations. The questionnaire allows the OSB to determine how to fine-tune the existing tools for the operation and pass this information on to the staff responsible for configuring the CIA's hacking software. The OSB functions as a link between the CIA operatives and the relevant technical support staff.

The list of possible targets in the collection includes "Asset", "Liason Asset", "System Administrator", "Foreign Information Operations", "Foreign Intelligence Agencies" and "Foreign Government Entities". It is worth noting the absence of any information about extremists or international criminals. The "operations officer" should also clarify the characteristics of the target, such as the type of computer, the information system used, the Internet connection, the installed anti-virus utilities (PSP), as well as the list of file types to be seized, for example, office documents, audio, video, images or custom file types. The "menu" also requires information about whether the target can be re-accessed and how long the computer can be accessed before it is detected. This information is used by the JQJIMPROVISE software (see below) to configure a series of CIA hack programs to suit the specific needs of the operation.

Improvise (JQJIMPROVISE)

"Improvise" is a set of configuration, post-processing, payload tuning and execution vector selection tools for exploration/extraction tools supporting all major operating systems such as Windows (Bartender), MacOS (JukeBox) and Linux (DanceFloor). Its configuration utilities, such as Margarita, allow the NOC (Network Operations Center) to personalize tools based on the requirements of Fine Dining questionnaires.

HIVE

HIVE is a multi-platform suite of CIA hacking software and related monitoring software. The project provides customizable implants for Windows, Solaris, MikroTik (used in Internet routers), as well as the technical base for Linux platforms and the Listening Post (LP)/Command and Control System (C2) to communicate with these implants.

The implants are configured to communicate via HTTPS with a security domain server; each operation using these implants has a separate protective domain, and the technical base can withstand any number of protective domains.

Each domain resolves to the IP address of a commercial VPS (virtual private server) provider. The public server forwards all incoming traffic over a VPN to the "Blot" server, which handles the actual connection requests from clients. This server performs additional SSL authentication of the client: if the client sends a valid client certificate (and only implants can do this), the connection is passed to the "Honeycomb" toolserver, which communicates with the implant; if no valid certificate is provided (which happens if someone accidentally tries to open a site with a secure domain), the traffic is directed to the security server, which sends it to an unsuspicious site.

The Honeycomb toolserver receives the seized information from the implant; the operator can also instruct the implant to execute work on the target computer, thus the toolserver acts as a C2 (Command and Control System) server for the implant.

Similar functionality (though limited to Windows) is provided by the RickBobby project. See the secret user and developer instructions for HIVE.
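
A defender-side check for the behaviour described above, where a public HTTPS server asks for a client certificate yet still serves a page to clients that have none (added example, not code from WikiLeaks or from the HIVE documents; the function names are hypothetical and the sample handshake bytes are constructed with dummy message bodies). It walks the plaintext server flight of a TLS 1.2 handshake and reports whether a CertificateRequest was sent; in TLS 1.3 that message is encrypted and cannot be seen passively.

```python
import struct

HANDSHAKE_RECORD = 22      # TLS record content type for handshake messages
CERTIFICATE_REQUEST = 13   # handshake message type (RFC 5246, section 7.4.4)


def handshake_types(stream: bytes) -> list:
    """Return the handshake message types in a plaintext TLS <= 1.2 flight.

    Handshake messages may be split across records, so record payloads are
    reassembled first and the message framing is parsed afterwards.
    """
    payload = bytearray()
    pos = 0
    while pos < len(stream):
        if pos + 5 > len(stream):
            raise ValueError("truncated TLS record header")
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        pos += 5
        if pos + length > len(stream):
            raise ValueError("truncated TLS record body")
        if ctype != HANDSHAKE_RECORD:
            break          # ChangeCipherSpec or later: the rest is encrypted
        payload += stream[pos:pos + length]
        pos += length

    types = []
    off = 0
    while off < len(payload):
        if off + 4 > len(payload):
            raise ValueError("truncated handshake header")
        msg_len = int.from_bytes(payload[off + 1:off + 4], "big")
        if off + 4 + msg_len > len(payload):
            raise ValueError("truncated handshake message")
        types.append(payload[off])
        off += 4 + msg_len
    return types


def classify_client_auth(server_flight: bytes, client_cert_count: int,
                         got_http_response: bool) -> str:
    """Classify how a server treats TLS client certificates.

    client_cert_count: certificates the probing client sent (0 = none).
    got_http_response: whether the server still answered the HTTP request.
    """
    if CERTIFICATE_REQUEST not in handshake_types(server_flight):
        return "not-requested"
    if client_cert_count > 0:
        return "requested-and-supplied"
    # The server asked for a certificate, the client had none:
    # serving content anyway means client authentication is optional.
    return "optional" if got_http_response else "required"


# --- constructed sample data (dummy bodies, framing only) -------------------
def _msg(msg_type: int, body: bytes = b"") -> bytes:
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def _record(payload: bytes, ctype: int = HANDSHAKE_RECORD) -> bytes:
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload


_HELLO = _msg(2, bytes(38)) + _msg(11, bytes(3))   # ServerHello, Certificate
ORDINARY_SITE = _record(_HELLO + _msg(14))         # ... ServerHelloDone
_ASKING = _HELLO + _msg(CERTIFICATE_REQUEST, bytes(6)) + _msg(14)
# Split mid-message across two records to exercise reassembly.
ASKS_FOR_CERT = _record(_ASKING[:50]) + _record(_ASKING[50:])

if __name__ == "__main__":
    for name, flight in (("ordinary", ORDINARY_SITE), ("asking", ASKS_FOR_CERT)):
        print(name, handshake_types(flight),
              classify_client_auth(flight, 0, True))
```

Optional client authentication also has ordinary uses (smart-card logins, partner portals), so an "optional" result is a lead for further review rather than an attribution.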

Frequently Asked Questions


Why now?

In February, the Trump administration issued an executive order calling for a report on "Cyberwar" within 30 days.

While the report is delayed and heightens the importance of publication, it did not affect the publication date of the material.

Treatment

Names, email addresses and external IP addresses were changed in the published pages (total 70875 changes) before the analysis was completed.

1. Other amendments: some information has been edited that does not relate to employees, performers, goals and other relations with the agency; for example, it concerned the authors of documentation for other public projects involved in the agency.

2. Personality vs. human: the corrected names have been replaced with user IDs (numbers) to enable readers to associate large volumes of pages with a single author. Given the correction procedure applied, one person may be represented by more than one identifier, but an identifier cannot correspond to more than one person.

3. Archive attachments (zip, tar.gz,…) are replaced by a PDF that lists all file names in the archive. Once the content of the archive has been verified, it may be made available; until then, the archive will remain redacted.

4. Attachments with other binary content are replaced with a hexadecimal dump of the content to prevent accidental activation of routes that may have been infected by CIA hacks. Once the content has been verified, it may become available; until then, the content will remain redacted.

5. Tens of thousands of links to routable addresses (including more than 22,000 in the United States), corresponding to possible targets, hidden CIA listening servers, intermediary and test systems, are redacted for further exclusive investigation.

6. Binary files of non-public origin are only available as dumps to prevent accidental activation of CIA hacked files.

Organizational structure

The organizational structure is consistent with material published by WikiLeaks until now.

Since the organizational structure of the CIA below the directorate level is not publicly available, the placement of the EDG and its departments in the agency structure is reconstructed from the information contained in the documents that have been released to date. This can serve as a rough outline of the internal organization; please be aware that the reconstructed organizational structure is not fully represented and internal reorganizations occur frequently.

Wiki pages

"Year Zero" contains 7818 web pages from the internal development groupware. The software used for this purpose is called Confluence and is the property of Atlassian. Web pages in this system (as well as in Wikipedia) have version histories, which provide an interesting insight into the evolution of a document over time; 7818 documents include the history of these pages with 1136 latest versions.

The order of the named pages at each level is determined by the date (the first being the earliest). Page content is missing if it was originally dynamically generated by the Confluence software (as indicated on the reconstructed page).

What time period is covered?

From 2013 to 2016. The sort order of pages within each level is determined by the date (the first is the most distant).

WikiLeaks obtained the date each page was created or last updated by the CIA, but for technical reasons this information is not yet displayed. The date can usually be determined or approximated from the content and page order. If it is extremely important for you to know the exact time/date, please contact WikiLeaks.

What is Vault 7?

Vault 7 is a major collection of CIA material obtained by WikiLeaks.

When were the individual parts of Vault 7 received?

The first part was received recently and covers the whole of 2016. Details on other parts will be available at the time of publication.

Does each part of Vault 7 come from a separate source?

Details on other parts will be available at the time of publication.

What is the total volume of "Vault 7"?

This series is the most extensive publication on the intelligence agency in history.

How did WikiLeaks get each part of Vault 7?

Sources prefer that WikiLeaks not disclose information that could help identify them.

Is WikiLeaks worried that the CIA will take action against its employees to stop this series from being published?

No. This would be extremely counterproductive.

Has WikiLeaks collected all the best stories yet?

No. WikiLeaks intentionally kept hundreds of high-profile stories down, encouraging others to find them, and thus setting the benchmark for future stories in the series. Here they are. Take a look. Readers who demonstrate superior journalism skills may receive earlier access to future installments.

Won't other journalists outrun me in search of the best stories?

Unlikely. There are many more stories than there are journalists and academics able to write about them.

The Central Intelligence Agency (CIA) is an agency of the US Federal Government whose main function is to collect and analyze information about the activities of foreign organizations and citizens. The main body of foreign intelligence and counterintelligence of the United States. The activities of the CIA are associated with the possibility of its official non-recognition.

The headquarters of the CIA, called Langley, is located near Washington DC in the city of McLean, Fairfax County, Virginia.

The CIA is part of the US Intelligence Community, which is led by the Director of National Intelligence.

Functions

The duties of the Director of the CIA include:

  • Gathering intelligence information through a spy network and other appropriate means. At the same time, the director of the CIA does not have police, law enforcement or subpoena powers, and does not perform internal security functions;
  • Comparing and evaluating the received intelligence related to national security, and providing intelligence information to the appropriate authorities;
  • General direction and coordination of national intelligence gathering outside the United States through intelligence community sources authorized to collect information, in coordination with other departments and agencies of the United States government. At the same time, it is necessary to ensure the most efficient use of resources and to take into account potential threats to the United States and to all persons involved in the collection of intelligence;
  • Performing other similar functions and duties relating to national security intelligence activities as directed by the President or the Director of National Intelligence.

Unlike similar structures in many other countries, the CIA is officially a civilian organization. Accordingly, its agents do not hold military ranks, and intelligence is collected by employees who have received tactical training.

In operational and tactical terms, the best-prepared unit is the Special Activities Division, which consists mainly of experienced veterans of US armed forces special units such as Delta Force and the Navy SEALs.

Structure

Management and directorates

As of May 2009, the structure of the CIA looked like this:

  • The Intelligence Directorate processes and analyzes the intelligence information received. The head is the director of intelligence.
  • The National Secret Service (formerly the Operational Directorate) handles tasks related to the collection of information by undercover intelligence, and organizes and conducts covert operations. The head is the director of the national secret service.
  • The Scientific and Technical Directorate conducts research and develops technical means of collecting information.
  • Supply Directorate. The head is the director of supply.
  • The Center for the Study of Intelligence deals with the storage and study of historical materials of the CIA. The head is the director of the intelligence study center.
  • Office of the General Counsel. The head is the General Counsel. Employees of this department monitor the Agency's employees for compliance with the Constitution and laws and with existing rules and instructions.
  • Office of the Inspector General. The leader is the Inspector General. Appointed by the President with the approval of the Senate. Independent from other departments and offices, reports directly to the director of the CIA. Performs inspections, investigations, and audits at CIA headquarters, in the field, and in foreign offices of the Agency. Every six months he prepares a report for the director of the CIA, which he submits to the Intelligence Committee of the US Congress.
  • Public Relations Office. Head - director of public relations.
  • The Office of Military Affairs provides intelligence support to the US military.

Structure of the CIA Cyber Intelligence Center

In March 2017, the Council on Foreign and Defense Policy published a report prepared by PIR Center consultant Oleg Demidov and dedicated to the largest CIA data leak. The IT expert studied the data set published on the WikiLeaks website and worked out how the intelligence service's cyber unit operates and what it does.

According to data received by WikiLeaks, the CIA's work on developing its own cyber potential is concentrated within one of five departments: the Directorate of Digital Innovation. Its key structure is the Center of Cyber Intelligence, whose competence included the development of the agency's published "knowledge base" on cyber tools and the direct development of the latter.

The activities of the Cyber Intelligence Center are divided into three main areas: the Computer Operations Group, the Physical Access Group, and the Engineering Development Group. It was the latter that was involved in the development, testing and maintenance of the software contained in the leak.

Specific areas of software development were distributed among two subgroups and their nine branches within the Engineering Development Group. Among them are the Mobile Devices Branch (which exploited vulnerabilities in smartphones), the Automated Implant Branch (which exploited vulnerabilities in PCs), and the Network Devices Branch (which was responsible for creating network attacks on web servers). Projects of the Embedded Devices Branch included the development of exploitation tools for software vulnerabilities in various smart devices, including TVs.

In 2013, the amount of funding for the Cyber Intelligence Center was $4.8 billion, and the number of its employees was 21,000 people. Thus, the CIA can be considered the operator of the world's largest program for the development of a state cyber arsenal, Demidov notes.

The WikiLeaks report also notes that there is a unit in the US intelligence structure that develops malicious software exclusively for Apple products. WikiLeaks explains that the share of iOS phones in the world market is not so large - only 14.5% against 85% of Android phones. However, iPhone devices are very popular among politicians, diplomats and business representatives.

From the published documents it also follows that the American consulate in Frankfurt am Main is a CIA “hacker center” that oversees the regions of Europe, the Middle East and Africa.

History

2018

Mike Pompeo appointed Secretary of State, Gina Haspel at the head of the CIA

2017

Vault 8 leak

Even if the owner of a foreign computer discovered that an implant (malware that extracts information) was running on his device, thanks to Hive he could in no way connect its operation to the CIA. When the owner of the computer checked which servers on the Internet the implant was transmitting information to, Hive masked the software's connection with the agency's servers. In effect, the tool is a hidden communication platform for CIA malware, through which the malware sends the data it has obtained to its controllers and receives new instructions, writes WikiLeaks.

At the same time, when the malware authenticates to the CIA server system, digital certificates are generated that make the software appear to belong to real-life manufacturers. Three samples present in the source code published by WikiLeaks forge certificates from Kaspersky Lab in Moscow, allegedly signed by a trusted certificate from Thawte Premium Server in Cape Town. If a user who discovers the implant tries to figure out where the traffic from his network is going, he will think not of the CIA but of the named software manufacturer.

Kaspersky Lab responded to the WikiLeaks publication with the following comment: "We have examined the statements that were published on November 9 in the Vault 8 report, and can confirm that the certificates imitating ours are not real. Keys, services and clients of Kaspersky Lab are safe and have not been affected."

Server system

Hive carries out a series of operations through implants running on the target computer, and each operation is registered under an innocuous-looking cover domain. The server on which the domain is hosted is rented from commercial hosting providers as a virtual private server (VPS). Its software is customized to CIA specifications. These servers are the public facade of the CIA server system; they pass HTTP(S) traffic through a virtual private network (VPN) to a hidden server called Blot.

If someone visits a cover domain, it shows the visitor quite innocent information. The only troubling difference is an infrequently used HTTPS server option called Optional Client Authentication. With this option, a user browsing the domain is not required to authenticate. The implant, however, always authenticates when it contacts the server, so that the Blot server can detect it.

Traffic from the implants is sent to the implant operator's control gateway, called Honeycomb, and all other traffic goes to the front-end server, which delivers innocuous content available to all users. During the implant authentication process, a digital certificate is generated that makes the software appear to belong to real-life manufacturers.
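The one visible difference described above, a public-looking HTTPS server that asks for a client certificate without requiring one, can be checked from a captured handshake. The following is an added example, not code from WikiLeaks or from the original article: it reassembles a plaintext TLS 1.2 server flight and reports whether a CertificateRequest was sent. The function names and the sample captures are constructed for illustration.

```python
import struct

HANDSHAKE, CHANGE_CIPHER_SPEC = 22, 20            # TLS record content types
SERVER_HELLO, CERT_REQUEST, SERVER_HELLO_DONE = 2, 13, 14
EXT_SUPPORTED_VERSIONS = 43


def handshake_messages(stream: bytes):
    """Yield (msg_type, body) for each plaintext handshake message.

    Handshake messages may be split across TLS records or packed several
    to a record, so fragments are reassembled before parsing.
    """
    buf, pos = bytearray(), 0
    while pos + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        fragment = stream[pos + 5:pos + 5 + length]
        pos += 5 + length
        if len(fragment) < length or ctype == CHANGE_CIPHER_SPEC:
            break                      # truncated capture, or encryption starts
        if ctype != HANDSHAKE:
            continue
        buf += fragment
        while len(buf) >= 4:
            mlen = int.from_bytes(buf[1:4], "big")
            if len(buf) < 4 + mlen:
                break                  # rest of the message is in the next record
            yield buf[0], bytes(buf[4:4 + mlen])
            del buf[:4 + mlen]


def negotiated_tls13(server_hello: bytes) -> bool:
    """True if the ServerHello selects TLS 1.3 via supported_versions."""
    if len(server_hello) < 35:
        return False
    pos = 34 + 1 + server_hello[34]    # legacy version, random, session_id
    pos += 3                           # cipher suite + compression method
    if pos + 2 > len(server_hello):
        return False                   # no extensions block
    end = pos + 2 + int.from_bytes(server_hello[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= min(end, len(server_hello)):
        etype, elen = struct.unpack_from("!HH", server_hello, pos)
        value = server_hello[pos + 4:pos + 4 + elen]
        if etype == EXT_SUPPORTED_VERSIONS and value == b"\x03\x04":
            return True
        pos += 4 + elen
    return False


def classify_server_flight(stream: bytes) -> str:
    """Classify a captured server-to-client byte stream."""
    seen = []
    for mtype, body in handshake_messages(stream):
        if mtype == SERVER_HELLO and negotiated_tls13(body):
            # In TLS 1.3 the CertificateRequest is encrypted; a passive
            # capture cannot answer the question.
            return "tls13-not-observable"
        seen.append(mtype)
    if SERVER_HELLO not in seen:
        return "no-server-hello"
    if CERT_REQUEST in seen:
        return "requests-client-cert"
    if SERVER_HELLO_DONE in seen:
        return "no-client-cert-request"
    return "incomplete"


# --- Constructed sample captures (not real traffic) ---
def hs_msg(mtype: int, body: bytes) -> bytes:
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body


def record(payload: bytes, ctype: int = HANDSHAKE) -> bytes:
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload


def server_hello(extensions: bytes = b"") -> bytes:
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    if extensions:
        body += len(extensions).to_bytes(2, "big") + extensions
    return hs_msg(SERVER_HELLO, body)


CERT = hs_msg(11, b"\x00\x00\x00")                       # empty placeholder chain
CERT_REQ = hs_msg(CERT_REQUEST, b"\x01\x01" b"\x00\x02\x04\x01" b"\x00\x00")
DONE = hs_msg(SERVER_HELLO_DONE, b"")

PLAIN_SITE = record(server_hello() + CERT + DONE)
_flight = server_hello() + CERT + CERT_REQ + DONE
COVER_STYLE = record(_flight[:50]) + record(_flight[50:])  # split mid-message
TLS13_SITE = (record(server_hello(struct.pack("!HH", 43, 2) + b"\x03\x04"))
              + record(b"\x01", CHANGE_CIPHER_SPEC) + record(bytes(16), 23))

if __name__ == "__main__":
    for name, capture in [("plain", PLAIN_SITE), ("cover-style", COVER_STYLE),
                          ("tls1.3", TLS13_SITE)]:
        print(name, classify_server_flight(capture))
```

A CertificateRequest is also sent by legitimate mutual-TLS services, so the result is a triage signal for hosts that otherwise present as ordinary public content, not an identification of any particular tool.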

Development of 137 AI projects

The Central Intelligence Agency cannot keep up with the large amount of data and is relying on artificial intelligence (AI). US intelligence is actively working on 137 AI projects, CIA Deputy Director Dawn Meyerriecks noted in September 2017.

AI offers intelligence services a wide range of capabilities, from battlefield weapons to the ability to recover a computer system from cyberattacks. Most valuable to intelligence agencies is the ability of AI to detect meaningful patterns in social media.

Intelligence has previously collected data from social media, said Joseph Gartin, head of the CIA's Kent School. The innovation lies in the amount of data being processed, as well as the speed of collecting information, Gartin said.

In 20 years, manually analyzing images from commercial satellites will require 8 million analysts, said Robert Cardillo, director of the National Geospatial-Intelligence Agency. According to him, the goal is to automate 75% of the tasks.

Tool for displaying data via SMS

In mid-July 2017, the Wikileaks website published information about another tool for surveillance in cyberspace, developed and actively used by the CIA. This time we are talking about the HighRise program, which was disguised as the TideCheck application.

Documentation obtained by Wikileaks indicates that the tool must be downloaded, installed, and activated manually; in other words, to carry out a successful attack, it is necessary either to have physical access to the device, or in some way to get potential victims to install the application themselves.

The second scenario is very unlikely: the user is required to open the TideCheck application, enter the password "inshallah" ("if Allah wills") and select the Initialize option from the menu. After that, the program will automatically start and run in the background.

By itself, this program does not cause any harm. Most likely, it was used by the CIA agents themselves as a gateway through which, in the form of an SMS message, data retrieved from smartphones belonging to surveillance objects (and already infected with other malware) was redirected to the CIA servers. The SMS channel was used in cases where Internet connections were unavailable.

At least a significant part of this spyware for different platforms has already appeared, in one form or another, in Wikileaks publications as part of the Vault 7 campaign.

The latest known version of the HighRise program - 2.0 - was released in 2013. It only works under Android versions 4.0-4.3. Since then, Google developers have significantly increased the security of their operating system, so that HighRise will not run on later versions.

"Cybercriminals successfully write malware for new versions of Android, so it would be logical to assume that the CIA already has something similar to HighRise, but successfully functioning under later versions of the mobile OS," says Ksenia Shilak, Sales Director at SEC Consult. "In any case, the leaked tool could theoretically be adapted to Android 4.4 and later and used for criminal purposes."

Symantec: CIA hacking tools used in 40 cyberattacks in 16 countries

In April 2017, the antivirus company Symantec gave an approximate count of the cyberattacks carried out with the CIA hacking tools that became known from materials on the WikiLeaks website.

According to Symantec, over several years, at least 40 cyber attacks in 16 countries (including the countries of the Middle East, Europe, Asia, Africa, and the United States) were carried out using programs that were previously declassified by WikiLeaks.


Symantec did not disclose the names of programs that could be used by the CIA or someone else for cyber attacks.

Cyber espionage for the CIA was carried out by a special group, which Symantec dubbed Longhorn. Its members infected the computer networks of government bodies of various states, as well as the systems of telecommunications and energy enterprises and of aircraft manufacturing companies. According to Symantec, the package of tools described by WikiLeaks was in use from 2007 to 2011.

Vault 7 leak is the largest in the history of the department

For example, the documents reveal that the CIA keeps information about a variety of 0-day vulnerabilities in products from Apple, Google, Microsoft and other large companies, putting the entire industry at risk.

The papers also describe the Weeping Angel malware, created by the CIA Embedded Devices Branch (EDB) with the participation of specialists from Britain's MI5. With its help, intelligence agencies can infect Samsung smart TVs, turning them into spy devices. Although installing Weeping Angel apparently requires physical access to the device, the malware gives the intelligence services a variety of options. Here are just a few: Weeping Angel can extract credentials and browser history, as well as intercept WPA and Wi-Fi information. The malware is able to inject fake certificates to facilitate man-in-the-middle attacks on the browser and to obtain remote access. Weeping Angel can also give the impression that the TV is turned off while it in fact continues to work and the built-in microphone "listens" to everything that happens around it.

The documents mention Samsung TVs F800, and there are also indications that the CIA developers tested firmware versions 1111, 1112 and 1116. Most likely, Weeping Angel is a danger to all models of the Fxxxx series.

The papers also indicate that a great deal of very different mobile malware for iPhone and Android was created under the auspices of the CIA. Infected devices come almost completely under the control of government hackers and send out geolocation data and text and audio communications, and their cameras and microphones can be activated covertly.

Thus, it is reported that in 2016 the CIA had 24 zero-day vulnerabilities for Android, as well as exploits for them. Moreover, the CIA both finds and "works out" vulnerabilities on its own and receives them from its colleagues, for example the FBI, the NSA or Britain's Government Communications Headquarters (GCHQ). It is zero-day vulnerabilities that help intelligence agencies bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman, since the data is intercepted before encryption is applied.

Prime suspect

In the case of the largest data breach in the history of the CIA, known as Vault 7, a prime suspect has emerged. According to The Washington Post in May 2018, citing court documents, he is former CIA officer Joshua Adam Schulte.

According to the documents, classified intelligence files describing its hacking arsenal were stolen while the suspect was still working for the CIA. “The government immediately received enough evidence to initiate an investigation against him. Several warrants were issued to search the defendant's residence,” the documents say.

Be that as it may, according to the documents, the evidence obtained was not enough to bring a formal charge. The suspect was charged in a different case, unrelated to the leak, involving child pornography: for lack of evidence of involvement in the leak of classified CIA documents, the former intelligence officer was charged with operating a server containing 54 GB of child pornography.

According to the defenders, Schulte did manage the public server, but had no idea that it contained illegal material. As a result, the accused was found not guilty.

Until 2016, Schulte worked in a group of CIA development engineers. Thanks to his official position, he had access to thousands of intelligence documents, which were transferred to WikiLeaks in 2017.

Grasshopper contains a set of modules from which you can assemble a custom implant virus. The virus behavior model is set depending on the characteristics of the victim's computer. Before the implant is inserted, the target computer is examined to determine which version of Windows it is running and which security software it is using. If these parameters match the virus, it is installed on the device. When installed, the implant remains invisible to well-known antivirus programs such as MS Security Essentials, Rising, Symantec Endpoint and Kaspersky Internet Security.

One of Grasshopper's persistence mechanisms is called Stolen Goods. According to the documentation, the basis for this mechanism was Carberp, malware for hacking banking networks. Carberp was presumably developed by Russian hackers, the CIA documents say.

Borrowing the Carberp code was made possible by the fact that it was posted in open access. The CIA claims that "most" of the code was not useful to them, but the persistence mechanism and some components of the installer were adopted and modified for the needs of the agency.

The reaction of the CIA, vendors and countries

The CIA refused to confirm the authenticity of the documents released by WikiLeaks, indicating only that the agency collects information abroad in order to "protect America from terrorists, hostile countries and other adversaries." At the same time, the agency categorically rejected suspicions of spying on citizens.

The official representative of the Russian Foreign Ministry, Maria Zakharova, said that the actions of the CIA, if the WikiLeaks information is correct, pose a danger and could undermine trust between countries. Moscow is calling on US intelligence agencies to give a full response to WikiLeaks' allegations about US intelligence hackers.

The Chinese government is also concerned about the leaked CIA cyber intelligence material and is calling on the US to stop surveillance of other countries and cyber attacks, Chinese Foreign Ministry spokesman Geng Shuang said.

In turn, Sigmar Gabriel, the new Foreign Minister of Germany, where, according to the WikiLeaks report, the CIA hacker center is located, said that the German authorities prefer to regard this information as rumors.

Technology companies Apple, Samsung and Microsoft reacted to the release of confidential intelligence documents, saying that most of the vulnerabilities identified in the report are fixed in the latest versions of their operating systems.

The developers of the Notepad++ text editor also announced the elimination of security "holes" used by the special service. Along with Google Chrome, VLC Media Player, Firefox, Opera, Thunderbird, LibreOffice, Skype and other programs, this software was included in the list of vulnerable applications that the intelligence service hacked using the Fine Dining system. To the user it appeared that the agent was launching a video viewer (for example, VLC), showing slides (Prezi), playing a computer game (Breakout2, 2048), or even running an anti-virus program (Kaspersky, McAfee, Sophos); in fact, while the "distraction" application was displayed on the screen, the computer system was automatically infected and examined, and information was extracted from it.

Reaction to the leak of classified CIA documents

According to the Reuters news agency, citing unnamed Cisco employees, after the leak company executives immediately brought in experts from various projects to figure out how the CIA's hacking methods work, help Cisco customers fix their systems, and prevent criminals from using the same cyber techniques. Working around the clock for several days, Cisco programmers analyzed the CIA hacking tools, fixed vulnerabilities, and prepared notifications for the company's customers about possible risks in operating the equipment. It is noted that more than 300 models of Cisco products were under threat of hacking.

CIA spokeswoman Heather Fritz Horniak declined to comment on the Cisco case at the request of Reuters and only noted that the agency pursued "the goal of being innovative, advanced and at the forefront in protecting the country from foreign enemies."

  • 47% of apps analyze and share location information with third parties;
  • 18% share usernames;
  • 16% forward the email address to third parties (

The CIA has opened free access on its website to declassified documents, including reports on UFO research and telepathy. The results obtained under the Stargate program have become public knowledge. In that program the CIA "tested" Uri Geller, the famous British psychic who became known for publicly bending teaspoons and even tablespoons with his gaze, stopping the hands of the Big Ben clock in London, and making stopped alarm clocks go off all over the world.

From the declassified documents it follows that Uri Geller demonstrated his abilities to scientists from the CIA, who experimented with him at the Stanford Research Institute in August 1973. The purpose of the experiments was to determine whether the subject actually possessed telepathic abilities, and whether these abilities could be used for intelligence purposes.

To start, the scientists randomly selected a word from a dictionary. The choice fell on the word "firecracker", which they drew. Geller, who was sitting in another room, received this information telepathically. He said that he "sees" something cylindrical that makes noise. But in the end he drew not a firecracker, but a drum.


The first picture mentally sent to Geller from the CIA


Here is what Geller accepted and drew

The CIA officer drew a bunch of grapes. The "telepath" stated that he "sees" many, many round drops of some kind. And he drew a very similar bunch - both the conceived one and the reproduced one had the same number of berries. There were 24 of them.


Below - "transmission" from the CIA, above - "reception" by Geller

The experiments continued in the same spirit for a week. Uri Geller drew many pictures mentally sent to him, and reproduced most of them correctly, at least in subject. He depicted a dove and a kite very closely. He "let the side down" a little with a camel: instead of a two-humped creature, Geller drew a horse.

CIA scientists suggested that the subject does not mechanically copy the lines of the picture “sent” to him, but reproduces it after he processes the information received in the brain.


Picture sent from the CIA


Geller drawing

The CIA concluded that telepathy is a real phenomenon. Nevertheless, the Stargate program was closed. The experiments ended in 1998. According to the official version, the abilities of psychics disappointed the scouts.

After all, it was assumed that telepathy could be used for covert transmission of information without any technical means, simply from one person to another. But the accuracy of "reception", especially over long distances, turned out to be low. The same Geller could not draw a suspension bridge, the image of which was "transferred" to him from another city, although he correctly reproduced the outline of one of its elements, a curved rope.


Bridge handed over from the CIA


In this form, the image of the bridge reached Geller

Another attempt, to depict the devil, almost failed as well. The result was a set of different items. But among them was a trident, which was in the original picture.


Devil, mentally "sent" to Geller

Geller has only a trident left from the devil

How can one disagree with the CIA and not believe that telepathy does exist. And Uri Geller, who has demonstrated very convincing results, owns it to some extent.

A page from a previously classified CIA report on the results of experiments with Uri Geller

The journalists contacted Uri Geller, who now lives in Israel. And he said that the CIA declassified only a small part of the documents that related to his work for the secret services.

"I did a lot for the CIA," Geller said. "Once they asked me to go to the Russian embassy in Mexico City and erase, remotely, floppy disks obtained by Russian agents."

"I was present not far from the places where politicians were holding important talks on nuclear deterrence," the "telepath" confides. "And I suggested to them: sign, sign!"

According to Geller, one of the foreign intelligence agencies asked him to mentally stop the heart of a pig. Which he did, for some reason assuming that the far-reaching goal of this experiment was to remotely kill Andropov, who at that time headed the KGB.

And during the Cold War, he was "tested" in an atomic laboratory, where they checked whether he could affect the rate of a nuclear reaction.

Allegedly, the Americans had the idea to telepathically influence Soviet atomic bombs in order to detonate them remotely.

Young Uri Geller: the picture was taken just in the year he joined the CIA

How such strange experiments ended, Geller did not say.

But he said that he was not at all embarrassed, to put it mildly, by the cool attitude on the part of skeptics - especially when he bent spoons. Like, the image of an eccentric magician served as an excellent cover for his main activity - espionage: both for the CIA and for the Mossad.

Translation from English.

Secret

US President Barack Obama

The White House

1600 Pennsylvania Avenue NW

Washington DC 20500

Copies:

U.S. Secretary of Defense Chuck Hagel,

1400 Defense Pentagon

Washington, DC 20301-1400

CIA Director John Brennan

Central Intelligence Agency

Washington, D.C. 20505

Dear Mr. President, I am sending you the strategic plan for the war with Russia developed by me in addition to the materials provided earlier by the CIA. I want to emphasize that I still do not intend to take part in CIA operations to spy on US senators and congressmen and political assassinations.

The strategic task of the United States is to destroy Russia as the main geopolitical enemy by dismembering it, seizing all resource zones and switching to governing the country through the government of liberal puppets. No fronts, no strategic operations and bombardments. The main instrument of aggression is a coordinated lightning attack on Russia by NATO troops, primarily by special forces and the "fifth column". The Russians must quickly find themselves in a new country - the Union of Independent States of Russia. The passive majority will remain silent, as in the collapse of the USSR. Iraq, Libya and Syria are not only a redistribution of the world and a war for oil, but also testing grounds for a war with Russia.

I phase of the war (informative)

1. Discrediting President V. Putin as a fascist dictator.

2. Encouragement of corruption and direct purchase of the political elite in Moscow and the regions.

3. Creation of the image of Russia as a fascist state. The fascist state of Russia is a threat not only to Europe, but to the entire world community.

The artificial fascistization of Russia's image in the eyes of the West should be carried out by liberal politicians, writers, public figures through compromising the role of the Soviet Army and the people in the main historical event of the 20th century - the victory in World War II. The war was a clash of two fascist dictators - Stalin and Hitler, and in today's Russia, President Putin revived dictatorship, the state supports Nazism in every possible way, the superiority of the Russian nation, declares its role in world politics as one of the leading nuclear powers. Russia's national security strategy allows for the possibility of delivering a preventive nuclear strike, which poses a mortal danger to world civilization. The people of Russia need to bring democracy.

Sp.: US State Department, CIA

II phase of the war (economic)

Complete economic and political blockade of Russia, provoking a sharp drop in world oil and gas prices in order to cause a crisis of power and the economy of the Russian Federation.

Sp.: US State Department, CIA, governments of NATO member countries, Saudi Arabia and other "oil" and "gas" countries.

Responsible: Secretary of State D. Kerry, CIA Director D. Brennan

III phase of the war (special and military operations)

1. Ukraine's entry into NATO, the deployment of American bases there. Even if Ukraine does not become a member of NATO, it must put its territory and airfields at NATO's disposal.

2. Complete reorientation of the vector of radical Islam towards Russia.

3. Anti-fascist (not "color") revolution, which will be supported by the world community.

4. The escalation of the revolution into a full-scale civil war. A sharp surge of provoked inter-ethnic clashes.

5. NATO's lightning-fast military operation after the means of communication in the army are disabled, with a peacekeeping function - to stop the civil war. In fact, in Moscow and St. Petersburg, it will be fired up by special forces. Disorganization of the system of state and military administration, a powerful attack on all types of electronic communications.

On X day, the army is paralyzed through bought generals in the Ministry of Defense and the General Staff, the generals must directly declare their refusal to obey the orders of the Commander-in-Chief, who has become a fascist dictator, and their intention to remain neutral. This has already been tested in Ukraine - the secret services and the army did not interfere in the "orange" revolution of 2004. There will be no mobilization. President Putin's order to launch a nuclear strike on the United States will be sabotaged. Russia's "asymmetric response" - terrorist attacks using miniature nuclear warheads in the United States and special forces sabotage - will also be blocked through the purchased leaders in the Ministry of Defense and special services.

6. On the same day, all major Western media declare the agony of the bloody regime of dictator Putin. On the same day in Moscow and St. Petersburg, groups of radical youth are to storm government buildings with casualties.

Secret instructions of the CIA and the KGB on the collection of facts, conspiracy and disinformation Popenko Viktor Nikolaevich

CIA School Training Program

The text above gives a general outline of the training program for future CIA agents at Camp Perry, describes the main working methods of operational officers, and gives a general idea of some of the technical devices they use in intelligence activities. Now let's consider each topic separately, give specific examples of the agent's actions in a particular case, and present the main examples of technical means and ways of working with some of them.

As already mentioned, the training course at Camp Perry is divided into three main disciplines - intelligence, conspiracy and paramilitary operations (it should be noted that such a division is somewhat arbitrary, and in practice they are often intertwined).

1. Intelligence service includes various ways in which information is collected and transmitted by an agent, including:

Work with sound recording and transceiver equipment (tape recorders and radio stations);

Installation of various eavesdropping equipment (microphones-"bugs");

Photo and video filming (under various lighting conditions), copying documents;

Recruitment of new informants (agents);

Production of keys;

Penetration into enclosed spaces (including hacking) to obtain information;

Covert opening of mail correspondence (letters, packages, etc.).

2. Conspiracy is a set of measures taken by an agent to keep his intelligence activities secret. It provides for certain actions on the part of the agent to ensure his safety and his behavior in the event of a threat of arrest (and after it):

Message encryption;

Using books to encrypt secret information;

cryptography;

Production of microfilms and microdots (using special photographic equipment);

Use of secret telephones (telephone lines with unlisted numbers, through which the agent can pass on an oral message at any time);

Storage of encrypted messages and their transmission;

Ways to detect surveillance and avoid it;

Change in appearance;

Setting up caches for the transmission, receipt and storage of intelligence materials;

Working out the conditions for rendezvous (secret meetings with other agents);

Mentally "getting used to" one's cover biography, the legend (which the agent must memorize in every detail before being deployed);

Use of mail and postal channels of the host country to send messages to secret addresses;

Encrypted radio communication;

Methods for detecting double agents;

Ways of resisting an arrest attempt;

Ways to escape from the place of detention.

3. Psychological and paramilitary operations (active actions with the use of weapons, explosive and incendiary devices, and psychotropic drugs), which include the organization of riots, strikes, rallies, conspiracies, rebellions, political intrigues, sabotage, neutralization of objectionable persons, and coups d'état.
