InfraGard

Formation: 1996
Type: Non-profit organization
Membership: 86,691
Website: www.infragard.org

InfraGard is a national non-profit organization serving as a public-private partnership between U.S. businesses and the Federal Bureau of Investigation. The organization is an information sharing and analysis effort serving the interests, and combining the knowledge base of, a wide range of private sector and government members. [1] InfraGard is an association of individuals that facilitates information sharing and intelligence between businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to preventing hostile acts against the United States. [2]

History

InfraGard began in the Cleveland, Ohio, Field Office in 1996, [3] [4] and has since expanded to become a national-level program, with InfraGard coordinators in every FBI field office. Originally, it was a local effort to gain support from the information technology industry and academia for the FBI's investigative efforts in the cyber arena, but it has since expanded to a much wider range of activities surrounding the nation's critical infrastructure. [1]

The program expanded to other FBI Field Offices, and in 1998 the FBI assigned national program responsibility for InfraGard to the former National Infrastructure Protection Center (NIPC) directed by RADM James B. Plehal and to the FBI's Cyber Division in 2003. [3] Since 2003, InfraGard Alliances and the FBI said that they have developed a TRUST-based public-private sector partnership to ensure reliability and integrity of information exchanged about various terrorism, intelligence, criminal, and security matters. It supports FBI priorities in the areas of counterterrorism, foreign counterintelligence, and cybercrime. [3] [5]

Information sharing

InfraGard chapters participate to assure that the critical infrastructure owners and operators—estimated at 85% private sector—are engaged and represented in local and regional planning efforts. [6] Working on all 16 critical infrastructure sectors, the organization provides resources and information not only on prevention, but also on building resilience and response capabilities. [7]

Training

InfraGard chapters around the nation also provide cyber and physical security training sessions that focus on the latest threats as identified by the FBI. Sessions include threat briefings, technical sessions on cyber and physical attack vectors, response training, and other resources to help CISOs and CSOs protect their enterprise. InfraGard approaches threats to critical infrastructure from both a tactical and strategic level, addressing the needs of those on the front lines of security as well as those decision makers tasked with assessing their enterprise's vulnerabilities and allocating resources to protect it. [8]

The information sharing between the organization and government has been criticized by those protecting civil liberties, concerned the membership would be surrogate eyes and ears for the FBI. [9] The group has also been the subject of hacking attacks intended to embarrass the FBI. [10] Local chapters regularly meet to discuss the latest threats or listen to talks from subject matter experts on security issues, [11] with membership open to U.S. citizens at no cost. [12] As of July 2012, the organization reported membership at over 54,677 (including FBI). [3]

Civil liberties

Partnership between government agencies and private organizations has its critics. [9] [13] [14] Concerned about civil liberties, the American Civil Liberties Union (ACLU) warned that there "is evidence that InfraGard may be closer to a corporate TIPS program, turning private-sector corporations — some of which may be in a position to observe the activities of millions of individual customers — into surrogate eyes and ears for the FBI", concluding that "any program that institutionalizes close, secretive ties between such organizations raises serious questions about the scope of its activities, now and in the future." [9] [11] Others describing InfraGard state that "the architecture of the Internet—and the many possible methods of attack—requires governments, corporations, and private parties to work together to protect network security and head off threats before they occur." [15] Responding to the ACLU criticism, Chairwoman Kathleen Kiernan of the InfraGard National Members Alliance (INMA) denies that InfraGard is anything but beneficial to all Americans. "It's not an elitist group in any way, shape or form," she says. "We're out there trying to protect everybody. Any U.S. citizen on the planet is eligible to apply to InfraGard." [11]

LulzSec attacks

In 2011, LulzSec claimed responsibility for attacking chapter websites managed by local members in Connecticut and Atlanta, in order to embarrass the FBI with "simple hacks". [10] The group leaked some InfraGard member e-mails and a database of local users. [16] The group defaced the website, posting the message "LET IT FLOW YOU STUPID FBI BATTLESHIPS", accompanied by a video. LulzSec posted the following message regarding the attack:

It has not come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama [sic] have recently upped the stakes with regard to hacking. They now treat hacking as an act of war. So, we just hacked an FBI affiliated website (Infragard, specifically the Atlanta chapter) and leaked its user base. We also took complete control over the site and defaced it[.] [17]

2022 breach

In December 2022 it was reported that an 80,000-member InfraGard database had allegedly been breached by a cybercriminal using the username "USDoD" on a hacking forum. He carried out a social engineering attack, posing as the CEO of a major United States financial institution applying for InfraGard membership, against both InfraGard members and the FBI, which later granted the hacker InfraGard membership and access to the InfraGard portal. Once granted access, the hacker used a script to obtain the InfraGard database information. Following the hack, "USDoD" asked for $50,000 for the entire database on a hacking forum. The FBI has not commented on the hack but was aware of the false account in the InfraGard portal. The hack occurred roughly one year after the 2021 FBI email hack. [18] [19] [20]

Related Research Articles

Computer security: Protection of computer systems from information disclosure, theft or damage

Computer security, cyber security, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Hacktivism: Computer-based activities as a means of protest

Internet activism, hacktivism, or hactivism, is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. With roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information movements.

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

U.S. critical infrastructure protection

In the U.S., critical infrastructure protection (CIP) is a concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or the nation. The American Presidential directive PDD-63 of May 1998 set up a national program of "Critical Infrastructure Protection". In 2014 the NIST Cybersecurity Framework was published after further presidential directives.

Federal Office for Information Security: German federal agency

The Federal Office for Information Security is the German upper-level federal agency in charge of managing computer and communication security for the German government. Its areas of expertise and responsibility include the security of computer applications, critical infrastructure protection, Internet security, cryptography, counter eavesdropping, certification of security products and the accreditation of security test laboratories. It is located in Bonn and as of 2020 has about 1,100 employees. Its current president, since 1 February 2016, is former business executive Arne Schönbohm, who took over the presidency from Michael Hange.

The Institute for Information Infrastructure Protection (I3P) is a consortium of national cyber security institutions, including academic research centers, U.S. federal government laboratories, and nonprofit organizations, all of which have long-standing, widely recognized expertise in cyber security research and development (R&D). The I3P is managed by The George Washington University, which is home to a small administrative staff that oversees and helps direct consortium activities.

Anonymous (hacker group): Decentralized hacktivist group

Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.

Proactive cyber defense means acting in anticipation to oppose an attack through cyber and cognitive domains. Proactive cyber defense can be understood as options between offensive and defensive measures. It includes interdicting, disrupting or deterring an attack or a threat's preparation to attack, either pre-emptively or in self-defence.

LulzSec: Hacker group

LulzSec was a black hat computer hacking group that claimed responsibility for several high profile attacks, including the compromise of user accounts from PlayStation Network in 2011. The group also claimed responsibility for taking the CIA website offline. Some security professionals have commented that LulzSec has drawn attention to insecure systems and the dangers of password reuse. It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks. One of the founders of LulzSec was computer security specialist Hector Monsegur, who used the online moniker Sabu. He later helped law enforcement track down other members of the organization as part of a plea deal. At least four associates of LulzSec were arrested in March 2012 as part of this investigation. Prior, British authorities had announced the arrests of two teenagers they alleged were LulzSec members, going by the pseudonyms T-flow and Topiary.

Operation AntiSec: Series of cyberattacks conducted by Anonymous and LulzSec

Operation Anti-Security, also referred to as Operation AntiSec or #AntiSec, is a series of hacking attacks performed by members of the hacking group LulzSec and Anonymous, and others inspired by the announcement of the operation. LulzSec performed the earliest attacks of the operation, with the first against the Serious Organised Crime Agency on 20 June 2011. Soon after, the group released information taken from the servers of the Arizona Department of Public Safety; Anonymous would later release information from the same agency two more times. An offshoot of the group calling themselves LulzSecBrazil launched attacks on numerous websites belonging to the Government of Brazil and the energy company Petrobras. LulzSec claimed to retire as a group, but on 18 July they reconvened to hack into the websites of British newspapers The Sun and The Times, posting a fake news story of the death of the publication's owner Rupert Murdoch.

Hector Xavier Monsegur, known also by the online pseudonym Sabu, is an American computer hacker and co-founder of the hacking group LulzSec. Monsegur became an informant for the FBI, working with the agency for over ten months to aid them in identifying the other hackers from LulzSec and related groups while facing a sentence of 124 years in prison. LulzSec intervened in the affairs of organizations such as News Corporation, Stratfor, UK and American law enforcement bodies and Irish political party Fine Gael.

The Criminal, Cyber, Response, and Services Branch (CCRSB) is a service within the Federal Bureau of Investigation (FBI). The CCRSB is responsible for investigating financial crime, white-collar crime, violent crime, organized crime, public corruption, violations of individual civil rights, and drug-related crime. In addition, the Branch also oversees all computer-based crime related to counterterrorism, counterintelligence, and criminal threats against the United States.

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

The National Infrastructure Protection Center (NIPC) was a unit of the United States federal government charged with protecting computer systems and information systems critical to the United States' infrastructure. It was founded in 1998 by President Bill Clinton's Presidential Decision Directive 63. It was originally created as a branch of the FBI.

Mustafa Al-Bassam

Mustafa Al-Bassam is a British computer security researcher, hacker, and co-founder of Celestia Labs. Al-Bassam co-founded the hacker group LulzSec in 2011, which was responsible for several high profile breaches. He later went on to co-found Chainspace, a company implementing a smart contract platform, which was acquired by Facebook in 2019. In 2021, Al-Bassam graduated from University College London, completing a PhD in computer science with a thesis on Securely Scaling Blockchain Base Layers. In 2016, Forbes listed Al-Bassam as one of the 30 Under 30 entrepreneurs in technology.

Ryan Ackroyd, a.k.a. Kayla and also lolspoon, is a former black hat hacker who was one of the six core members of the computer hacking group "LulzSec" during its 50-day spree of attacks from 6 May 2011 until 26 June 2011. Throughout that time, Ackroyd posed as a female hacker named "Kayla" and was responsible for the penetration of multiple military and government domains and many high profile intrusions into the networks of Gawker in December 2010, HBGaryFederal in 2011, PBS, Sony, Infragard Atlanta, Fox Entertainment and others. He eventually served 30 months in prison for his hacking activities.

The Center for Internet Security (CIS) is a 501(c)(3) nonprofit organization, formed in October 2000. Its mission statement professes that the function of CIS is to "help people, businesses, and governments protect themselves against pervasive cyber threats."

Dr. Phyllis Schneck is an American executive and cybersecurity professional. As of May 2017, she became the managing director at Promontory Financial Group. Schneck served in the Obama administration as Deputy Under Secretary for Cybersecurity and Communications for the National Protection and Programs Directorate (NPPD), at the Department of Homeland Security.

BreachForums: Cybercrime forum

BreachForums is an English-language black hat hacking crime forum. The website acts as an alternative and successor to RaidForums following its shutdown and seizure in 2022. Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools and various other services.

References

  1. "Robert S. Mueller, III -- InfraGard Interview at the 2005 InfraGard Conference". Infragard (Official Site) -- "Media Room". Archived from the original (mov) on 2011-06-17. Retrieved 2009-12-09.
  2. "Infragard, Official Site". Infragard. Retrieved 2012-07-10.
  3. "About Infragard". Infragard (Official site). Archived from the original on 2011-05-18. Retrieved 2009-12-09.
  4. "InfraGard History". InfraGard National Members Alliance. Archived from the original on 2010-01-08.
  5. "InfraGard - A Partnership That Works". FBI. 2010-03-08. Retrieved 2012-07-15.
  6. Christopher, Ryan (22 March 2016). "MWCOG and InfraGardNCR Key to Government Engagement with Private Sector Critical Infrastructure Stakeholders". CIP Report. George Mason University. Retrieved August 16, 2016.
  7. Stone, Andrea (14 March 2016). "Four Key Imperatives to Building Effective Transportation Infrastructure Resilience". CIP Report. George Mason University. Retrieved August 16, 2016.
  8. NCR, InfraGard. "TAC-STRAT: A Tactical and Strategic Look at Cyber Security". eventbrite. Retrieved August 16, 2016.
  9. Stanley, J. (2004). The Surveillance-Industrial Complex: How the American Government is Enlisting Private Parties in the Construction of a Surveillance Society (PDF) (Report). ACLU. p. 12. Retrieved 2011-06-05.
  10. "Hackers Claim Strike On FBI Partner--Again". Huffington Post. June 21, 2011.
  11. Kaplan, D. (2009-01-01). "On guard: InfraGard makes strides under new leadership". SCMagazine. Retrieved 2012-07-15.
  12. "InfraGard Membership". InfraGard. Archived from the original on 2012-07-17. Retrieved 2012-07-15.
  13. Madsen, W. (1999). "Details emerge of NSA and FBI involvement in domestic US computer security". Computer Fraud & Security. 1999 (1): 10–11. doi:10.1016/S1361-3723(00)86979-1.
  14. Joh, E. E. (2006). "The Forgotten Threat: Private Policing and the State". Indiana Journal of Global Legal Studies. 13 (2): 357–389. doi:10.2979/GLS.2006.13.2.357. S2CID 143569949.
  15. Balkin, J. M. (2008). "The Constitution in the National Surveillance State" (PDF). Minnesota Law Review. 93 (1). Balkin, Jack M. (10 June 2008). "Abstract". SSRN 1141524.
  16. "LulzSec claims to have hacked FBI-affiliated website". LA Times. 2011-06-03. Retrieved 2011-06-04.
  17. Read, M. (2011-06-04). "LulzSec Hackers Go After FBI Affiliates". Gawker. Archived from the original on 2011-06-06. Retrieved 2011-06-04.
  18. "Hacker claims breach of FBI's critical-infrastructure portal". AP NEWS. 2022-12-14. Retrieved 2022-12-17.
  19. "FBI's Vetted Info Sharing Network 'InfraGard' Hacked – Krebs on Security". 13 December 2022. Retrieved 2022-12-17.
  20. "The FBI's Cybersecurity Program for Critical Infrastructure Was Hacked". Gizmodo. 2022-12-14. Retrieved 2022-12-17.

Further reading