TRANSCRIPT
DEPARTMENT OF JUSTICE
FEDERAL BUREAU OF INVESTIGATION
FIDELITY BRAVERY INTEGRITY
APWA International Congress and Exposition 2005
Infragard
Sunday September 11, 200PM
Presented by Norman Arendt, CHS-III, PhD
Short Elliott Hendrickson Inc.
Board of Directors Infragard Western Wisconsin
Benefits to You to Participate
The Threat What is Infragard
Overview
• The Threat
• Critical Infrastructures
• Presidential Decision Directive 63
• The National Infrastructure Protection Center
• The National InfraGard Program
Strategy Components
Cyber Security Awareness
– Support for National Initiative
Strong Cryptography
– Digital Signature
– Encryption
Good Security-Enabled Commercial Information Technology
Global Security Management Infrastructure
Defense Infrastructure
– National Attack Sensing & Warning Capability
– Coordinated Response Mechanisms
National Information Assurance
Coupled With
Enabling National Legislation
and International Agreements
You are here. They are somewhere.
to U.S. Information and Systems
GROWING IN NUMBER AND SOPHISTICATION
If your organization is not susceptible to natural disasters, doesn’t compete with foreign companies, uses no computers, produces no information or products of value, has no enemies, and all your past and present employees are happy and loyal, then congratulations -- you are THREAT-FREE!!
state sponsored activity
developing nations
criminal elements
non-traditional terrorists
hackers
insiders
WHY TARGET AMERICA?
Insight Magazine
U.S. Holds 70% Of World’s Intellectual Property
Leads In R&D By Spending $125B Annually, And Will
Spend Another $2 Trillion In Research Over Next 10 Years
Allah the almighty legislated the permission and the option to take revenge. Thus if we are attacked then we have the right to attack back. When they destroy our villages and towns then we have the right to destroy their villages and towns. If they steal our wealth then we have the right to destroy their economy. And when they kill our civilians, then we have the right to kill theirs. – Letter to America, Osama bin Laden
Terrorist Groups
Osama’s actions on 9-11
Al Qaeda
Hizballah
HAMAS
Army of the Pure Lashkar-e-Taiba
ALF and ELF
FALN
The Secret Army for Justice – Anthrax
TSA (Terrorist Support Agency – FAA Special Agent Steve Elson)
9-11
Vigilant Guardian/Warrior
Northern Vigilance
NORAD
President’s Actions
LIHOP (let it happen on purpose)
WTC7 – FBI, CIA, DoD Store Rooms
MASCAL – Pentagon – 341
NRO – Jet into building
Methodology
Gather information
Kidnapping
Assassinate
Freeing captured brothers
Spreading false rumors
Blasting and destroying places of amusement
Blasting and destroying embassies
Blasting and destroying bridges
Weapons
Cold steel weapons
Poisons
Pistols and rifles
Explosives
Special weapons
Cyber
Surveillance - Individual
Name, age, residence
Work
Departure
Return
Routes
How he spends free time
Friends and their addresses
Car
Surveillance - Individual
Wife’s work
Children school
Physician
Stores where he shops
Places where he vacations
House details
Ways of sneaking into the house
Armed
Surveillance - Individual
Street widths
Transportation to place
The area – physical
Traffic signals
Security Personnel
Nearby embassies etc
Economic characteristics of area
Lighting
Characteristics of the place
Appearance
Not reveal true name
Appearance not Islamic
Don’t use common expressions
Avoid Islamic places
Carry falsified documents
Have protection preceding visit
Knowledge of those around him
Maintain family
No to letters and messengers
Information
Public sources
Recording
Photography
Interrogation
Burglary
Drugging
Surveillance
Public Sources
Newspapers
Magazines
Official
Party (meetings with officials)
Radio and Television
Information - Covert
Information about government personnel
Information about strategic buildings
Drawing
Description
Photograph – panoramic
Speculating on Cyber Attacks
As a blended fashion
Cyber only
Why no reports
Concern over security
Lack of insight into identity
Limits on law enforcement
Perception of target
Perception of results
Tried and true
Why Potential Will Grow
Symbolic victories
Media attention – first of kind
Force multiplier – chaos/vulnerabilities
Economic damage
Terrorist innovation
SCADA weaknesses
Blended Attacks
Cyber to Exacerbate Physical
Cyber to Facilitate Physical
Physical to Exacerbate Cyber
Physical to Facilitate Cyber
SCADA Security
Complex
Outdated computer systems
Have inherent security problems and weaknesses
No built in security
Nation’s Infrastructure
Crowded Schools
Traffic Choked Roads
Transit Cutbacks
12 Infrastructures per ASCE slipped to a D-
The Beginning
1976 – Warning to Cheney (Pres. Ford)
1996 – PCCIP
1996 – InfraGard - Cleveland
1997 – EPA
1998 - NIPC
1998 - ISACs – PDD 63
2002 – Public Health Security and Bioterrorism Preparedness and Response Act
What Can You Do?
Join Infragard
NIMS – www.fema.gov/nimcast
NRP
Are You Ready
ISAC
Be Aware of the Threats
Design Accordingly
InfraGard
“A cooperative undertaking between the U.S. Government (the FBI) and an association of businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of United States critical infrastructures.”
Critical Infrastructures
Services so vital that their incapacity or destruction would have a debilitating impact on the defense or economic security of the United States.
- Executive Order 13010
MODEM
SATELLITE
COMPUTER
FAX
PHONE
PAGER
MICROWAVE
CABLE
PALM PILOT
CELL PHONE
Vulnerabilities: A New Dimension
• Physical vulnerabilities are known
• Cyber vulnerabilities are growing and are not well understood
THE ENVIRONMENT: VOLUME, VELOCITY, AND VARIETY
Every Minute: 5 Million E-mails are sent
Every Hour: 35 Million VoiceMail messages are left
Every Day: 50,000 new wireless users join existing 200 million-plus and 37 Million users log into the Internet
Every Week: 630,000 phone lines are installed
Every 100 Days: Internet traffic DOUBLES
Source: Lucent Technologies
PDD-63: Organizational Diagram
Department of Homeland Security
Secretary
Deputy Secretary
Under Secretary, Science and Technology
Under Secretary, Information Analysis and Infrastructure Protection
Under Secretary, Border & Transportation Security
Under Secretary, Emergency Preparedness and Response
Under Secretary, Management
Inspector General
Director of the Secret Service (1)
Commandant of Coast Guard (1)
Director, Bureau of Citizenship & Immigration Services (1)
General Counsel
State and Local Coordination
Special Assistant to the Secretary (private sector)
National Capital Region Coordination
Shared Services
Citizenship & Immigration Service Ombudsman (1)
Legislative Affairs
Public Affairs
Civil Rights and Civil Liberties
Chief of Staff
Privacy Officer
International Affairs
Counter Narcotics
Small & Disadvantaged Business
Executive Secretary
NIPC is now known as the Department of Homeland
Security Information Analysis and Infrastructure Protection
IAIP for short
InfraGard
A Government and Private Sector Alliance
Why InfraGard?
• Presidential Decision Directive 63
• Vulnerability information not always being shared by owners and operators
• Computer expertise is identified and enhanced
• Relationships are established between private industry and government agencies
Why InfraGard?
• Most infrastructure components are privately owned
• Both sectors have wealth of information to be shared
• Systems are interconnected
• Reliance on automation is increasing
Why InfraGard?
• Tools to do harm are widely available and do not require technical skill
• Globalization increases exposure
• Sophisticated systems exist in the hacker community
• Victims do not report cyber intrusions
Membership
• Interest in infrastructure protection
• Commitment to participate and assist other members
• Pledge to maintain sensitive information as confidential
• Signing of membership agreements
Benefits to Members
• Forum for members to communicate
• Prompt dissemination of threat warnings
• Help in protecting computer systems
• Education and training on infrastructure vulnerabilities
• A community that shares information in a trusted environment
Benefits to Government
• More intrusions reported
• Satisfies PDD63 for the FBI to play an active role in protecting critical infrastructure
• New channel to disseminate threat warnings to the private sector
• New contacts in the business community
Benefits to Government
• Prompt threat warnings from the FBI and other Infragard members
• Better understanding of the FBI/other resources to combat cyber crime
• Opportunity to interact and share information law enforcement/academia/private/public
• Education and training on cyber/physical security topics
Unified Membership - Benefits
Membership is tied to the individual rather than their organization.
– A member does not have to complete another application if he/she leaves their job
Members have access to the secure website (As of August, over 500 articles posted)
Members are given SmartPass VPN software for secure communications
Unified Membership - Benefits
Members will have an InfraGard email address
– Email sent within the InfraGard network is secure and encrypted
– Free virus scanning of InfraGard email
Access to secure membership ListServ (alerts, advisories, program updates)
Members will receive discounts to 3rd party vendor conferences (e.g. SANS)
Substitutes For Records Checks
Individuals with an existing U.S. Government issued security clearance do not have to undergo additional records checks:
– Confidential
– Secret
– Top Secret
An InfraGard Applicant/Member may submit evidence of their possession of one of the above clearances to expedite the initial processing and periodic renewal of their InfraGard membership.
Security Clearances
Record checks performed for InfraGard membership will not be granting you a security clearance.
Periodic Re-Confirmation
Applicants must agree to periodic re-confirmation of membership requirements.
The FBI will automatically perform subsequent records checks on or near every 5th anniversary of a member’s acceptance as an InfraGard member
– Results evaluated against the most current standards and criteria as published in the Federal Register.
Members that were vetted through the former Secured Application will be re-confirmed at the 5th anniversary of their acceptance as a Secured member.
Appeals Process
In the event that InfraGard Membership is denied or a periodic re-confirmation fails, the applicant may request an appeal
– Applicant receives notification that their application for InfraGard Membership has been denied
– Applicant completes an Appeal Request Form and submits to the Membership Appeals Committee
– The Committee, based on all available information and at its sole discretion, will make the final determination of Applicant’s membership status.
Completing the Application
Application is a writeable pdf which allows filling out the application online.
Print the completed application and mail it to your state FBI office:
FBI
Attention: Eric Brelsford
330 East Kilbourn Ave, Suite 600
Milwaukee, WI 53202
New application available on the web
– www.infragard.net
– www.wi-infragard.com
Steps Toward An Effective National Defense
Uninhibited Exchange of Actionable Incident Data
Do you really know what’s on your web page?
biographical data of high-level employees
military exercise planning
personal data
organizational structure
AIS-equipment connectivity
Public Private
• Web Pages
• Phone Books
• News Media
• OpPlans
• Privacy Information
• Classified Information
Protection of Information
Organizations have information they choose to make public and information they protect to keep private.
Availability of Information
What is Really Available?
Public Private
Known
Unaware
• Web Pages
• Phone Books
• News Media
• OpPlans
• Privacy Information
• Classified Information
• Web Pages
• News Media
• Emissions
• Shared Networks
• Shared Networks
• Auto Backup File
?
?
Overall Goals
Public Private
Known
Unaware
Clearly Define Public Private Boundary
Base Risk Management Decisions on Facts, Not Mis-Perceptions!
Expand Awareness of Your Information
Information Assurance Elements
Successful Mission Execution
Information Assurance
People Technology Operations
Defense In Depth Strategy
Robust & Integrated Set of Information Assurance Measures & Actions
InfraGard Services
• Secure Web Site
• Alert Network
• Chapter Activities
• Help Desk
Chapter Activities
• Members establish relationships with others interested in Infrastructure Protection
• Chapter committees are formed to focus on local issues
• Seminars, conferences, and training sessions are offered
Secure Web Site Features
• Real-time information on infrastructure protection
• Infrastructure-related information
• Chapter information
• Chat and conference capability
• Links to other security sites
• Archives of intrusion incidents
• Original research on security issues
Alert Network
• Member sends an encrypted message to the FBI via E-mail
• FBI distributes sanitized description to other members
• FBI analyzes incident
• Trends identified and reported
• Investigation opened if appropriate
Goals: Provide a balanced security protection system with appropriate resources dedicated to reducing risk.
Goals
RISK RESOURCES
It’s a Different Game
No Time-Outs
Offense and Defense on the Field at the Same Time
Most often the team that wins
is the one whose DEFENSE
makes the fewer mistakes
ARE WE PREPARING TO WIN?
Conclusion
• The cyber threat is real and growing: the physical threat is proven
• There is a need for a greater alliance between public and private sectors
• Cooperation and information sharing will enhance an effective response
For More Information:
Contact Your Local FBI Office
www.infragard.net
For More Information:
Contact Norm Arendt, CHS-III, PhD
– Madison, Wisconsin
– 608-270-5364 / [email protected]