THE NATIONAL INFRAGARD PROGRAM Guarding the Information Infrastructure The National InfraGard Program began as a pilot project in 1996, when the Cleveland FBI Office asked local computer security professionals to assist the FBI in determining how to better protect critical information systems in the public and private sectors. From this new partnership, the first InfraGard Chapter was formed to address both cyber and physical threats. As part of its mission, the NIPC conducts outreach and information sharing with the public and private-sector owners and operators of critical infrastructures. The National InfraGard Program is now an essential part of the NIPC's outreach efforts. The Program establishes a mechanism for two-way information sharing about intrusion incidents and system vulnerabilities and provides a channel for the NIPC to disseminate analytical threat products to the private sector. The NIPC, in conjunction with representatives from the private industry, the academic community, and the public sector, further developed the "InfraGard" initiative to expand direct contacts with the private sector infrastructure owners and operators and to share information about cyber intrusions, exploited vulnerabilities, and infrastructure threats. The initiative, encouraging the exchange of information by government and private sector members, continued to expand through the formation of additional InfraGard Chapters, within the jurisdiction of each FBI Field Office. All 56 field offices of the FBI have opened an InfraGard chapter, with hundreds of company members across the nation. PROGRAM OBJECTIVES The National InfraGard Program is designed to address the need for a private and public-sector information sharing mechanism at both national and local levels. Its objectives are as follows: • • • • • Provide members a forum for education and training on infrastructure vulnerabilities and protection measures Provide members prompt, value added threat advisories, alerts, and warnings Ensure the protection of computer intrusion/threat data shared among InfraGard members, FBI Field Offices, and the NIPC through compliance with proprietary, legal, and security requirements Increase the quantity and quality of infrastructure intrusion/threat reports provided to local FBI Field Offices (for investigations and follow-up) and the NIPC (for national-level analysis) Increase interaction and information sharing among InfraGard members, their associated local FBI Field Offices, and the NIPC, on infrastructure threats vulnerabilities, and interdependencies PROGRAM SERVICES The National InfraGard Program provides four basic capabilities or services to its members. Members of InfraGard participate in local chapter activities; have access to an Alert Network to voluntarily report actual or attempted illegal intrusions, disruptions and vulnerabilities of information systems; can access a Secure InfraGard Website with recent information about infrastructure protection; and can call the Help Desk at NIPC to ask questions about the program. These services secure communications among members and facilitate the cooperative effort for which InfraGard was founded. INFRAGARD SECURE WEBSITE The InfraGard Secure Website provides members with information about recent intrusions, research related to infrastructure protection, and the capability to communicate securely with other members. The Website has the following features: • • • • • • • What's New Real-time information about infra-structure protection; Sector News Critical Infrastructure related links, recent news articles, and press releases; Chapter News Internal links for each chapter to post chapter-specific information; Discussion Groups A secure, integrated electronic discussion group capability; Related Links External links to NIPC Web Page and additional infrastructure protection resources; Archives and Research Internal links to recent intrusion summaries, computer security technical papers, and hacker case summaries; Contact/Feedback Links to all FBI Field Offices and the National InfraGard Program Office, InfraGard@fbi.gov. THE ALERT NETWORK The Alert Network is designed to provide each InfraGard member with a mechanism to voluntarily notify the FBI in the event of a physical or cyber attack. When a member determines that a report is appropriate, the member can use encryption technology furnished by the NIPC to send two descriptions of the incident to the NIPC: • • A "sanitized" description of the incident provides relevant information but does not identify the victim member. At the member's option, this description is furnished by the NIPC to other InfraGard members who have signed a non-disclosure agreement. If the members agrees it could also be provided to the public so that they may take action to protect their own systems. A detailed description of the incident gives the NIPC information about the victim's identity and enough background to conduct an in-depth analysis of the threat. The FBI uses the detailed report to determine if an investigation is warranted. The NIPC also takes information supplied by the members of the InfraGard, the Intelligence Community, and criminal investigative sources to produce periodic threat reports for InfraGard members. INFRAGARD PUBLIC WEBSITE Please visit the InfraGard public website at www.infragard.net. This site provides the most complete picture of the latest InfraGard initiatives and activities and helpful contact information for local InfraGard chapters across the country. LOCAL CHAPTER ACTIVITIES Each InfraGard chapter develops a specialized program that addresses the unique needs of the local membership. Representatives from the local FBI Field Office assist InfraGard members in identifying their infrastructure protection concerns and needs. The following list illustrates some of the activities that Local Chapters may offer: • Seminars and conferences on infrastructure protection; • Regular chapter meetings where members present discussion topics; • Infrastructure protection education and training; • A local newsletter; • A Contingency Plan for using alternative systems in the event of a successful large scale attack on the information infrastructure; • A Cyber-Awareness campaign for members and nonmembers. LOS ANGELES CHAPTER INFORMATION The Los Angeles Chapter of the InfraGard Program is in the process of establishing its own website. To communicate with the Chapter FBI coordinator, via the internet, you may e-mail the coordinator at infragard-la@fbi.gov. If you have received an InfraGard Application, and need to mail it in, in order to become a member, please mail it to: Special Agent Greg Mercier, InfraGard Coordinator, 11000 Wilshire Blvd., Suite 1700, Los Angeles, CA 90024