FBI partnership used to monitor networks
- By Sara Michael
- Aug 25, 2003
The formation of the Homeland Security Department has created new information-sharing challenges for an old partnership in cybersecurity.
For seven years, the FBI has brought the public and private sectors together to share information about security breaches of the nation's critical infrastructures through the InfraGard program. Members who have enjoyed a trusted partnership in sharing tips and risks now face the challenge of welcoming a new partner and new procedures.
DHS "brings together so many of the agencies that have information," said Phyllis Schneck, vice president of enterprise services for eCommSecurity Inc. and chair of the InfraGard board. "InfraGard members will be a part of setting up how that process will work. It's a very big challenge."
Critical infrastructure protection duties have been transferred to DHS, but InfraGard remains with the FBI, said Brett Hovington, the bureau's InfraGard national coordinator. Both agencies are monitoring security threats using a few programs, such as DHS' Information Analysis and Infrastructure Protection Directorate and the FBI's Awareness of National Security Issues and Response. InfraGard officials are working to determine how to share with the new department or consolidate the programs.
It would make sense to utilize the InfraGard structure and policies for information sharing across the security programs, said Ed Stowe, head of corporate investigations and law enforcement liaison for Pepco Inc. in Washington, D.C.
"We're hoping for a consolidation of the infrastructure under one roof," Stowe said. "This is a maximum opportunity to consolidate and make sure we're playing from the same sheet of music."
Jim Dempsey, executive director of the Center for Democracy and Technology, said although the members share information, the concern lies not in privacy but in redundancy. The program raises concerns that other agencies are running similar programs and questions whether the FBI is the proper agency to lead the effort, he said.
Because the FBI would be the bureau investigating such threats, it was logical for it to spearhead this effort. "We are the lead agency for domestic threats, so let's be proactive about it," said Bill Murray, spokesman for the FBI's Cyber Division. "The FBI is really good at coming in after the fact and finding out who did it. We're trying to prevent it in the first place."
When companies find strange cyber activity or a breach in the network, they alert the FBI coordinator who can then investigate and alert other members. InfraGard members also hold monthly meetings and conferences.
"We can't put cyber cops on the Web," Murray said. "The best thing we can do is get information out, and information is power."
Eighty percent of the nation's infrastructures, from bridges to computer networks, is run by the private sector. Since its inception in the FBI's Cleveland field office in 1996, InfraGard has grown to 9,000 members representing the FBI, businesses, academic institutions and law enforcement, up from 2,000 members two years ago. A private-sector board governs the program, and each field office has at least one InfraGard coordinator.
"It's not about an informant's network, and it's not about a spilling all your company's information," Schneck said. "It's about getting private citizens to take more responsibility. They learn from us. We learn from them. It works."
But it wasn't always such a smooth relationship. Bringing together the public and private sectors to share information presented a challenge for members. The bureau had to convince the private-sector partners it was a fair player, Hovington said.
"We had some hurdles," he said. "People think when the FBI knocks on the door, it's to put the handcuffs on and drag them out the door."
More companies are willing to share information when they know it's a secure network, Schneck said. "It seemed unfamiliar to have the FBI in the meeting, and now they're a trusted partner."
Critical infrastructure protections
The FBI facilitates the InfraGard program by:
* Gathering information and distributing it to members.
* Educating the public and members on infrastructure protection.
* Disseminating information through the InfraGard network.
* Producing analytical products on information received through the network.
* Opening lines of communication between the government and private sector.