InfraGard is a national

non-profit organization A nonprofit organization (NPO) or non-profit organisation, also known as a non-business entity, not-for-profit organization, or nonprofit institution, is a legal entity organized and operated for a collective, public or social benefit, in co ...

serving as a public-private partnership between U.S. businesses and the

Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, ...

. The organization is an information sharing and analysis effort serving the interests, and combining the knowledge base of, a wide range of private sector and government members. InfraGard is an association of individuals that facilitates information sharing and intelligence between businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to prevent hostile acts against the United States.

History

InfraGard began in the

Cleveland, Ohio Cleveland ( ), officially the City of Cleveland, is a city in the U.S. state of Ohio and the county seat of Cuyahoga County. Located in the northeastern part of the state, it is situated along the southern shore of Lake Erie, across the U.S. ...

, Field Office in 1996, and has since expanded to become a national-level program, with InfraGard coordinators in every FBI field office. Originally, it was a local effort to gain support from the information technology industry and academia for the FBI's investigative efforts in the cyber arena, but it has since expanded to a much wider range of activities surrounding the nation's

critical infrastructure Critical infrastructure (or critical national infrastructure (CNI) in the UK) is a term used by governments to describe assets that are essential for the functioning of a society and economy – the infrastructure. Most commonly associated wit ...

. The program expanded to other FBI Field Offices, and in 1998 the FBI assigned national program responsibility for InfraGard to the former

National Infrastructure Protection Center The National Infrastructure Protection Center (NIPC) was a unit of the United States federal government charged with protecting computer systems and information systems critical to the United States' infrastructure.Gale Encyclopedia of Espionage & I ...

(NIPC) directed by RADM James B. Plehal and to the FBI's Cyber Division in 2003. Since 2003, InfraGard Alliances and the FBI said that they have developed a TRUST-based public-private sector partnership to ensure reliability and integrity of information exchanged about various terrorism, intelligence, criminal, and security matters. It supports FBI priorities in the areas of

counterterrorism Counterterrorism (also spelled counter-terrorism), also known as anti-terrorism, incorporates the practices, military tactics, techniques, and strategies that Government, governments, law enforcement, business, and Intelligence agency, intellig ...

, foreign

counterintelligence Counterintelligence is an activity aimed at protecting an agency's intelligence program from an opposition's intelligence service. It includes gathering information and conducting activities to prevent espionage, sabotage, assassinations or ot ...

, and

cybercrime A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing the ...

Information sharing

InfraGard chapters participate to assure that the critical infrastructure owners and operators—estimated at 85% private sector—are engaged and represented in local and regional planning efforts. Working on all 16 critical infrastructure sectors, the organization provides resources and information not only on prevention, but also on building resilience and response capabilities.

Training

InfraGard chapters around the nation also provide cyber and physical security training sessions that focus on the latest threats as identified by the FBI. Sessions include threat briefings, technical sessions on cyber and physical attack vectors, response training, and other resources to help CISOs and CSOs protect their enterprise. InfraGard approaches threats to critical infrastructure from both a tactical and strategic level, addressing the needs of those on the front lines of security as well as those decision makers tasked with assessing their enterprise's vulnerabilities and allocating resources to protect it. The information sharing between the organization and government has been criticized by those protecting

civil liberties Civil liberties are guarantees and freedoms that governments commit not to abridge, either by constitution, legislation, or judicial interpretation, without due process. Though the scope of the term differs between countries, civil liberties may ...

, concerned the membership would be surrogate eyes and ears for the FBI. The group has also been the subject of hacking attacks intended to embarrass the FBI. Local chapters regularly meet to discuss the latest threats or listen to talks from subject matter experts on security issues, with membership open to U.S. citizens at no cost. As of July, 2012, the organization reported membership at over 54,677 (including FBI).

Civil liberties

Partnerships between government agencies and private organizations has its critics. Concerned about

, the

American Civil Liberties Union The American Civil Liberties Union (ACLU) is a nonprofit organization founded in 1920 "to defend and preserve the individual rights and liberties guaranteed to every person in this country by the Constitution and laws of the United States". T ...

(ACLU) warned that there "is evidence that InfraGard may be closer to a corporate TIPS program, turning private-sector corporations — some of which may be in a position to observe the activities of millions of individual customers — into surrogate eyes and ears for the FBI". Concluding that "any program that institutionalizes close, secretive ties between such organizations raises serious questions about the scope of its activities, now and in the future." While others describing Infragard state "the architecture of the Internet—and the many possible methods of attack— requires governments, corporations, and private parties to work together to protect network security and head off threats before they occur." Responding to the ACLU criticism, Chairwoman Kathleen Kiernan of the InfraGard National Members Alliance (INMA) denies that InfraGard is anything but beneficial to all Americans stating "It's not an elitist group in any way, shape or form," she says. "We're out there trying to protect everybody. Any U.S. citizen on the planet is eligible to apply to InfraGard."

LulzSec attacks

In 2011,

LulzSec LulzSec (a contraction for Lulz Security) was a black hat computer hacking group that claimed responsibility for several high profile attacks, including the compromise of user accounts from PlayStation Network in 2011. The group also claimed ...

claimed responsibility for attacking chapter websites managed by local members in Connecticut and Atlanta, in order to embarrass the FBI with "simple hacks". The group leaked some of InfraGard member e-mails and a database of local users. The group defaced the website posting the following message, "LET IT FLOW YOU STUPID FBI BATTLESHIPS", accompanied with a video. LulzSec has posted the following message regarding the attack:

2022 breach

In December 2022 it was reported that a 80,000 member database of Infragard was allegedly breached by a cybercriminal using the username "USDoD" on a hacking forum after he completed a

social engineering Social engineering may refer to: * Social engineering (political science), a means of influencing particular attitudes and social behaviors on a large scale * Social engineering (security), obtaining confidential information by manipulating and/or ...

attack by posing as a CEO of a major United States financial institution applying for InfraGard membership to both Infraguard members and the FBI who later granted the hacker InfraGard membership and access to the InfraGard portal, once granted access the hacker used a script to obtain the InfraGard database information. Following the hack "USDoD" then asked for $50,000 for the entire database on a hacking forum. The FBI has not commentated on the hack but was aware of the false account in the InfraGard portal. The hack occurred roughly one year after the

2021 FBI email hack On November 13, 2021, a hacker compromised the FBI's external email system, sending thousands of spam emails warning of a fake cyberattack by cybersecurity researcher and CEO of Night Lion Security and Shadowbyte Vinny Troia, who is falsely labeled ...

References

External links

InfraGard website

InfraGard Members Alliance
{{FBI 1996 establishments in Ohio Organizations established in 1996 Information technology organizations based in North America Federal Bureau of Investigation Computer security organizations Non-profit organizations based in Ohio