FBI to expand computer intrusion reporting program

The FBI plans to roll out to more than 50 cities an intrusion-detection reporting program that will be one of the first large-scale examples of private companies working with federal law enforcement agencies to fight computer crime.

The FBI is testing the program, called InfraGuard, in Cleveland [FCW, Dec. 15, 1997], but the agency intends to expand the program in the next several months to all 56 cities with an FBI field office.

The initiative seeks to have private-sector entities electronically report computer break-ins to field offices using advanced information technology methods. The key to the program's success is that it allows companies to report computer intrusions without fear that the information will be made public. Traditionally, companies— especially financial institutions and publicly traded companies— have been loath to reveal information about attacks on their systems.

"There seems to be just a lot of interest throughout the private sector," said Kenneth Geide, chief of computer investigations and operations security at the new National Infrastructure Protection Center. "The private sector is hungry for real data about what kinds of exploits [are occurring] so they can risk-manage their activities. If there are no glitches [in Cleveland]...then we're looking to do this immediately."

The government— spurred by its fear of the damage an electronic attack could do to such infrastructures as the electrical power grid and telecommunications systems operated by the private sector— has focused increased attention on tracking threats to the computer systems that operate these critical infrastructures.

Donald Krysakowski, director of laboratories with the International Computer Security Association, said that while the shortage of raw data on cyberthreats to the private sector does present a problem for the government, it is not clear if private companies have put aside their fears of reporting these incidents.

Using public-key cryptography technology, private-sector participants in the Cleveland pilot are issued certificates from VeriSign Inc., which carry digital signatures to authenticate a user's identity. The participants then use technology from AT&T, called Secret Agent, to encrypt and digitally sign e-mail messages detailing computer break-ins before sending them to an FBI file server.

The server collects the messages and sends them back to all other program participants— without information that would identify the companies that were attacked— so participants will be aware of common attack methods.

Geide said FBI officials have not yet determined which technology they will use for the expansion because they want to make sure they have the "latest and greatest" products when each program is rolled out in the various cities.


  • Social Media
    Editorial credit: pcruciatti / Shutterstock.com

    They took all the tweets and put 'em in a tweet museum

    Twitter cancelled @realdonaldtrump, but the National Archives will bring presidential tweets back via the Trump library website.

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

Stay Connected