Nestled west of Washington, D.C., amid the bland northern Virginia suburbs, are generic-looking office parks that hide secret government installations in plain sight. Employees in civilian dress get out of their cars, clutching their Starbucks, and disappear into the buildings. To the casual observer, they resemble anonymous corporate drones. In fact, they hold Top Secret clearances and work in defense and intelligence. One of these buildings, at an address that is itself a secret, houses the cyberintelligence division of the Central Intelligence Agency. The facility is surrounded by a high fence and monitored by guards armed with military-grade weapons. When employees enter the building, they must badge in and pass through a full-body turnstile. Inside, on the ninth floor, through another door that requires badge access, is a C.I.A. office with an ostentatiously bland name: the Operations Support Branch. It is the agency's secret hacker unit, in which a cadre of élite engineers create cyberweapons.

"O.S.B. was focussed on what we referred to as 'physical-access operations,' " a senior developer from the unit, Jeremy Weber—a pseudonym—explained. This is not dragnet mass surveillance of the kind more often associated with the National Security Agency. These are hacks, or "exploits," designed for individual targets. Sometimes a foreign terrorist or a finance minister is too sophisticated to be hacked remotely, and so the agency is obliged to seek "physical access" to that person's devices. Such operations are incredibly dangerous: a C.I.A. officer or an asset recruited to work secretly for the agency—a courier for the terrorist; the finance minister's personal chef—must surreptitiously implant the malware by hand. "It could be somebody who was willing to type on a keyboard for us," Weber said. "It often was somebody who was willing to plug a thumb drive into the machine." In this manner, human spies, armed with the secret digital payloads designed by the Operations Support Branch, have been able to compromise smartphones, laptops, tablets, and even TVs: when Samsung developed a set that responded to voice commands, the wizards at the O.S.B. exploited a software vulnerability that turned it into a listening device.

The members of the O.S.B. "built quick-reaction tools," Anthony Leonis, the chief of another cyberintelligence unit of the C.I.A., said. "That branch was really good at taking ideas and prototypes and turning them into tools that could be used in the mission, very quickly." According to the man who supervised the O.S.B., Sean, the unit could be "a high-stress environment," because it was supporting life-or-death operations. (With a few exceptions, this piece refers to agency employees by pseudonyms or by their first names.)