fbi’s infragard. overview n today’s fbi n the fbi’s role in cyberspace –fbi’s cyber...
TRANSCRIPT
FBI’s InfraGardFBI’s InfraGard
OverviewOverview Today’s FBIToday’s FBI The FBI’s role in cyberspace The FBI’s role in cyberspace
– FBI’s Cyber DivisionFBI’s Cyber Division– Critical Infrastructure protectionCritical Infrastructure protection
InfraGardInfraGard– OverviewOverview– MembershipMembership– InitiativesInitiatives
Today’s FBIToday’s FBI
After the terrorism acts of After the terrorism acts of 9/119/11
FBI Mission StatementFBI Mission Statement
The Mission of the FBI is to protect The Mission of the FBI is to protect and defend the United States and defend the United States against terrorist and foreign against terrorist and foreign intelligence threats, to uphold and intelligence threats, to uphold and enforce the criminal laws of the enforce the criminal laws of the United States, and to provide United States, and to provide leadership and criminal justice leadership and criminal justice services to federal, state, services to federal, state, municipal, and international municipal, and international agencies and partners. agencies and partners.
Organization of the FBIOrganization of the FBI
Field OfficesField Offices– 5656– 400 satellite or resident agencies400 satellite or resident agencies
InternationalInternational– 45 Legal Attache offices45 Legal Attache offices
PersonnelPersonnel
Special Agents - 11, 633 (6/30/03)Special Agents - 11, 633 (6/30/03) Training at QuanticoTraining at Quantico 17 weeks17 weeks Academics, Firearms, Physical ExercisesAcademics, Firearms, Physical Exercises
– Assigned as needs dictateAssigned as needs dictate Professional Support - 15, 904Professional Support - 15, 904 Recruit and hire own directly through 56 Field Recruit and hire own directly through 56 Field
OfficesOffices www.fbi.govwww.fbi.gov
FBI HeadquartersFBI Headquarters
FBIFBI AcademyAcademy
The FBI’s RoleThe FBI’s Role
In CyberspaceIn Cyberspace
Cyber DivisionCyber Division
June 2002, Director Mueller approved June 2002, Director Mueller approved organizational structureorganizational structure
Addresses cyber threats in a coordinated Addresses cyber threats in a coordinated manner by examining all violations with a manner by examining all violations with a cyber nexuscyber nexus
Supports FBI priorities across program lines: Supports FBI priorities across program lines: counterterrorism, counterintelligence, counterterrorism, counterintelligence, criminalcriminal
Forms and maintains public/private Forms and maintains public/private alliances alliances
Assistant Director
Deputy Assistant DirectorOperational
Support Staff
COMPUTER INTRUSION
SECTIONCYBER CRIME SECTION
CYBER DIVISION
CRIMINAL COMPUTER
INTRUSION UNIT (CCIU)
CYBER INTELLIGENCE ACTION UNIT
COUTERTERRORISM/
COUNTERINTELLIGENCE
INTRUSION UNIT (C3IU)
INTELLECTUAL PROPERTY
RIGHTS UNIT
INTERNET FRAUD --- INTERNET
CRIME COMPLAINT CENTER
(IFCC)
INNOCENT IMAGES NATIONAL
INITIATIVES UNIT (IINI)
SPECIAL TECHNOLOGIES AND
APPLICATIONS SECTION
INFRASTRUCTURE and ENGINEERING UNIT
RESEARCH and DEVELOPMENT UNIT
TECHNICAL ANALYSIS UNIT
CYBER OPERATIONS DEPLOYMENT UNIT
OUTREACH, CAPABILITY AND
DEVELOPMENT SECTION
SPECIALIZED TRAINING UNIT
CYBER TASK FORCE UNIT
PUBLIC and PRIVATE ALLIANCE UNIT
INTERNATIONAL INVESTIGATIVE SUPPORT
UNIT
Special Assistant
To detect, prevent and investigate Cyber-based attacks and high technology crimes
Mission Statement
The FBI’s RoleThe FBI’s Role
Critical Infrastructure Critical Infrastructure ProtectionProtection
Critical InfrastructureCritical Infrastructure “Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
USA Patriot Act, Section 1016(e)
Is there a threat to theIs there a threat to theCritical Infrastructure?Critical Infrastructure?
Terrorist OrganizationsTerrorist OrganizationsState Sponsored ActivityState Sponsored ActivityRecreational HackersRecreational HackersHactivistsHactivistsOrganized CrimeOrganized CrimeTrusted Insiders Trusted Insiders Foreign and Domestic Foreign and Domestic
CompetitorsCompetitorsLone CriminalsLone CriminalsInformation Warfare Units Information Warfare Units The UnknownThe Unknown
Critical Infrastructure ProtectionCritical Infrastructure Protection
How do we protect or secure infrastructure, How do we protect or secure infrastructure, including cyber systems?including cyber systems?– Reduce/Eliminate Vulnerabilities - educationReduce/Eliminate Vulnerabilities - education– Reduce/Eliminate Threats – information sharingReduce/Eliminate Threats – information sharing– Reduce/Eliminate Consequences with planningReduce/Eliminate Consequences with planning
Who protects the infrastructure?Who protects the infrastructure?– #1, the owners & operators #1, the owners & operators – FBI/Law Enforcement – investigationFBI/Law Enforcement – investigation– DHS – threat warning and analysisDHS – threat warning and analysis
It is no longer possible to separate our country’s It is no longer possible to separate our country’s economic well-being from its national securityeconomic well-being from its national security
•Identify, prioritize, and mitigate vulnerabilities
•Develop incident response plans
•Educate employees on best security practices
•Maintain audit logs
•Practice due diligence
•Report suspicious activity within organization
•Network with like-minded professionals
•Develop a relationship with law enforcement•Share information
•InfraGard concept
What can be done?
Law Enforcement’s RoleLaw Enforcement’s Role
Assist owners and operators with Assist owners and operators with threat reductionthreat reduction– Information sharingInformation sharing
New era requires new solutions – partnerships New era requires new solutions – partnerships with industrywith industry
– Investigation Investigation Law Enforcement has legal authorities and Law Enforcement has legal authorities and
ability to seek resource leveraging to ability to seek resource leveraging to determine who is (are) behind an attack(s) determine who is (are) behind an attack(s)
InfraGardInfraGard
– OverviewOverview– InitiativesInitiatives– MembershipMembership
InfraGardInfraGard
OverviewOverview
InfraGard Program InfraGard Program Mission StatementMission Statement
To support an information sharing partnership between the private and public sectors for the purpose of protecting the nation’s critical infrastructures against attacks or failure caused by either foreign or domestic threats, and to support all FBI investigative programs, especially Counterterrorism, Counterintelligence, and Cyber Crime.
What is InfraGard?What is InfraGard?Program with 11,500+ members spread across Program with 11,500+ members spread across 84 local chapters nationwide84 local chapters nationwideWho: business executives, entrepreneurs, Who: business executives, entrepreneurs, military and government officials, computer military and government officials, computer security professionals, academia, state and security professionals, academia, state and local LE, and concerned citizenslocal LE, and concerned citizensWhy: public/private partners share expertise, Why: public/private partners share expertise, strategies, and information adding to strategies, and information adding to intelligence and criminal casesintelligence and criminal cases
What is InfraGard?What is InfraGard?
www.InfraGard.netwww.InfraGard.net - - public web sitepublic web site withwith DHS threat alerts, warnings, DHS threat alerts, warnings, vulnerabilitiesvulnerabilities
Intelligence Bulletins from FBIHQIntelligence Bulletins from FBIHQ Essence is information sharing, primarily Essence is information sharing, primarily
from FBI Agents assigned to each Chapter, from FBI Agents assigned to each Chapter, bringing meaningful news and informationbringing meaningful news and information
FBI’s Role in InfraGardFBI’s Role in InfraGard
Gather information and distribute Gather information and distribute it to membersit to members
Process membership applicationsProcess membership applications Perform background checks for Perform background checks for
secure net accesssecure net access Organize and facilitate local Organize and facilitate local
chapter meetingschapter meetings Recruit new membersRecruit new members
Non-FBI InfraGard RolesNon-FBI InfraGard Roles PartnersPartners
– National Center for Manufacturing SciencesNational Center for Manufacturing Sciences– National Institute of Standards and TechnologyNational Institute of Standards and Technology– Small Business AdministrationSmall Business Administration
Board of Directors (7)Board of Directors (7)– InfraGard National Member AllianceInfraGard National Member Alliance– Voluntary, two-year termsVoluntary, two-year terms– Responsible for representing membership in their Responsible for representing membership in their
alliance with the FBIalliance with the FBI InfraGard Member Alliances – per each InfraGard Member Alliances – per each
ChapterChapter– An FBI Field Office may have more than one ChapterAn FBI Field Office may have more than one Chapter
Non-FBI InfraGard RolesNon-FBI InfraGard Roles
InfraGard Program OfficeInfraGard Program Office– Under contract with FBI to support Under contract with FBI to support
InfraGard and Law Enforcement OnlineInfraGard and Law Enforcement Online Sustains InfraGard’s ability to collect and Sustains InfraGard’s ability to collect and
disseminate informationdisseminate information Principal point of contact for daily Principal point of contact for daily
operations operations
– Significant assistance:Significant assistance: Processes member applications; assists Processes member applications; assists
with organizing training conferences; with organizing training conferences; moderates 190 Listservsmoderates 190 Listservs
Non-FBI InfraGard RolesNon-FBI InfraGard Roles
Formats and uploads daily public and Formats and uploads daily public and secure web site contentsecure web site content
24/7 technical support for members24/7 technical support for members Administers InfraGard and LEO, Administers InfraGard and LEO,
reducing overall costsreducing overall costs
Why InfraGard?Why InfraGard? Sharing of FBI & DHS informationSharing of FBI & DHS information Protection requires assistance from owners Protection requires assistance from owners
and operators of critical infrastructures and operators of critical infrastructures Computer and physical security expertise Computer and physical security expertise
shared and enhancedshared and enhanced Relationships help establish trust between Relationships help establish trust between
private industry and government agenciesprivate industry and government agencies Aids Law Enforcement and intelligence Aids Law Enforcement and intelligence
gatheringgathering
How accomplished?How accomplished? Jointly with DHSJointly with DHS Intelligence product for dissemination to Intelligence product for dissemination to
InfraGard secure webInfraGard secure web– Produced by Analyst/Agent -- Field Intelligence Produced by Analyst/Agent -- Field Intelligence
Group – dissemination – FBIHQ to InfraGardGroup – dissemination – FBIHQ to InfraGard InfraGard LES admonishments and InfraGard LES admonishments and
accompanying question or statementaccompanying question or statement– Assimilation of new information into Assimilation of new information into
intelligence or case workintelligence or case work Electronic communication – FBI field officeElectronic communication – FBI field office
What Chapters have doneWhat Chapters have done Philadelphia: CIDDAC – automated cyber attack Philadelphia: CIDDAC – automated cyber attack
early warning system prototype early warning system prototype Las Vegas: aided investigation allowing LE to Las Vegas: aided investigation allowing LE to
capture a criminal who used a computer to capture a criminal who used a computer to embezzle $150,000+embezzle $150,000+
Los Angeles: participated in a two-day nationwide Los Angeles: participated in a two-day nationwide simulated terrorist attack training exercisesimulated terrorist attack training exercise
San Francisco: trained FBI Agents on hacker toolsSan Francisco: trained FBI Agents on hacker tools Vermont: offers free classes to teach local Vermont: offers free classes to teach local
residents how to protect themselves from online residents how to protect themselves from online threatsthreats
Portland: Phishing authority added to FBI Subject Portland: Phishing authority added to FBI Subject Matter Expert allianceMatter Expert alliance
InfraGardInfraGard
MembershipMembership
Who should join?• You, if you, your company or government
agency supports the critical infrastructures
• Anyone who works for organizations that can assist in assessing vulnerabilities and minimizing risks
• Persons capable of accepting Law Enforcement Sensitive, unclassified information and providing feedback to aid criminal cases or intelligence gathering
• Good citizen
InfraGardInfraGard
InitiativesInitiatives
Special Interest GroupsSpecial Interest Groups AgGard & ChemGardAgGard & ChemGard InfraGard & WMD sponsored portals designed InfraGard & WMD sponsored portals designed
to allow sector sharing of sensitive B2B to allow sector sharing of sensitive B2B information w/o government’s direct information w/o government’s direct involvementinvolvement– Facilitate sharingFacilitate sharing– Know when to contact LEKnow when to contact LE
LSU facilitatingLSU facilitating Online application to WMD Unit for admissionOnline application to WMD Unit for admission
– WMD gatekeeper of info to determine valueWMD gatekeeper of info to determine value Commencement TBDCommencement TBD