FBI partners with private sector on security

FBI partners with private sector on security

BY PREETI VASISHTHA | GCN STAFF

As the number of Internet users continues to soar, cy berattacks increase exponentially and threats become more serious. Now, hackers also have more to fear.

Under a national information-sharing initiative called Infragard, the FBI has joined forces with businesses and academic institutions to prevent and investigate computer intrusions and unlawful acts that threaten or target critical infrastructures. These include banking and finance, transportation, emergency services, government operations, energy and utilities.


The government and private sector must work together on security, the FBI's Leslie G. Wiser Jr. says.
'The idea is that our country depends on certain critical infrastructures, and the government alone cannot protect them,' said Leslie G. Wiser Jr., chief of the Training, Outreach and Strategy Section at the FBI's National Infrastructure Protection Center. 'The private sector plays an extremely important role upon which we, as a nation, depend.'

NIPC, an interagency group that works out of the FBI's headquarters, administers Infragard. The program began in 1996 at the FBI's Cleveland office when agency officials met with industry representatives to determine ways to prevent and investigate attacks on information systems.

The program started because the FBI and some industry members recognized that information sharing was an issue that needed work, Wiser said.

Today, all 56 FBI field offices participate in the program, which is made up of regional chapters. There are 475 member organizations nationwide, including companies and universities.

'The local chapters elect a local president, and they govern themselves,' Wiser said. 'We help to administer the chapters and provide support. But as the chapters get up and running, we step off the podium and let them run themselves.'

On alert

One function of the program is intrusion alert. The FBI tries to establish secure agreements with the members. Each agreement details how the FBI and a member will work with each other to serve both their interests.

Members that have secure agreements with the FBI receive e-mail messages from the bureau that warn and advise about crimes or attempted systems breaches.

Though all members can access information posted at www.nipc.gov, the FBI sends the e-mail alerts only to members with which it has secure agreements.

For instance, the Infragard members can access a help desk for technical and software-related problems. Louisiana State University runs the 24-hour help desk for the center.

Through local chapter activities such as meetings, seminars and conferences, members discuss problems and bring in speakers to talk about policy and technology issues.

'This also gives them an opportunity to network with each other and learn about the problems that competitors and other businesses are having,' Wiser said.

Cyberthreats come from many quarters. For instance, there are employees who have access to a system and misuse their privileges. According to last year's Computer Security Institute survey, conducted with the San Francisco FBI Computer Intrusion Squad, 71 percent of respondents detected unauthorized access by insiders. The survey's respondents were primarily large corporations, government agencies and universities.

Similarly, virus writers remain high on the threat list. Eighty-five percent of the respondents to the CSI/FBI survey said they had detected computer viruses in their systems.

Threats also come from criminals engaged in extortion and credit card theft, terrorists using the Internet to conduct violence and foreign intelligence agencies probing for information.

'Our goal is to provide a good service,' Wiser said. 'We are not seeking to increase membership as an end in itself.'

Wiser said he hopes to form a national congress of representatives from all the Infragard chapters. 'We'd like to have a grass roots program that has good networking opportunities in the local community,' he said. 'But we'd also like to find the best way to synthesize their collective wisdom to develop national trends and policy initiatives.'

inside gcn

  • Phishing

    Phishing is still a big problem, but users can help shrink it

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above