The FBI Wants To Know About Your IT Skills 211
AHuxley writes "The FBI, via the Office of Management and Budget, would like to find out more about your information technology expertise if you are part of InfraGard. Terms like 'practical utility' have been included in a 60-day emergency notice of information collection via the Paperwork Reduction Act of 1995. Is your boss or cubicle colleague part of InfraGard? It's a private, non-profit organization run as a public-private partnership with the Federal Bureau of Investigation. Are they passing info back about you or your company?"
Sooo, essentially... (Score:2, Informative)
Re:Funny stuff (Score:4, Informative)
I am a member of InfraGard. In the past, our local FBI office has asked members of our chapter to self-identify their expertise in a particular IT specialty. I and others did so, and subsequently assisted them in a couple of criminal investigations. I think the FBI just wants to broaden and formalize their inventory of IT subject matter experts.
So? (Score:4, Informative)
Disclaimer; I'm an Infragard member (have been for about 7 years). Why are they collecting this? Easy, they're public/private partnership that focuses on emergency response. "In the event", they want to know who within there membership has skills that may be needed. Don't like it, don't join (or quit). Don't want them to have your data, make them remove it (you have the legal right to do so). No conspiratorial aspect here.
Re:Did any of you actually READ the link? (Score:5, Informative)
Most people didn't. They panicked when they saw the headline.
I've known about InfraGard for a while now. It's more of a group of security consulting people, gathered together to try to get a solid handle on securing the infrastructure of the country.
I might be in the minority here, but this request is probably more in line with gathering a list for the FBI to go contact when they need an independent contractor for something. Like you said...while there's some aspects of tech they've got a handle on, there's others including this sort of thing that they just simply don't- and I'm thinking they thought it might be useful to get a list of that class of individual and what they do so they know who to turn to for help when they need it.
Re:First post! (Score:4, Informative)
Of the three things you mentioned, only one is an acronym and thus only one should be ALL CAPS.
Gestapo is a shortened version of "Geheime Staatspolizei"
and Stasi is a shortened version of "Ministerium für Staatssicherheit"
Re:Did any of you actually READ the link? (Score:5, Informative)
I have taught classes to an InfraGuard chapter in my area, it is quite different than the scary statements that have been made by many.
It is about being aware of your vulnerabilities and developing contingency plans and fairly basic security procedures to make it less easy for someone to mess with your infrastructure. Most of the folks who attend the InfraGuard monthly meetings are already in middle management and have been tasked with the chore of improving security. While pretty much anyone can participate there are levels to it. Some information is compartmentalized on a need to know basis when it comes to specific incidents or threats.
Re:Jesse Ventura (Score:3, Informative)
And for the question of if they have legitimate grievances against the west - they do but they exaggerate and combine legitimate ones with crazy conspiracy theories which frankly a child could debunk. They are not honest about the atrocities they commit - ie atrocities in darfur and sudan are all western propaganda etc and the popular belief that jews organised 9/11 even within al-quada. There is just no common acceptance of realty that would make negotiations feasible.
Infragard is not nefarious (Score:3, Informative)
I am an Infragard member. I was working for a university research group and was required to join Infragard as a part of this research. I did not like the idea of being forced to join an organization I knew little to nothing about so I did research into the organization first. I read up on all of the conspiracy theories about Infragard and spoke with some members before joining.
The conspiracy theories link this organization to "big brother" programs that encourage people to spy on their neighbors. This is not actually the case with Infragard - as far as I can tell.
From what I can see, this organization is put into place for very good reasons. Look into the Russian action in Georgia last year - a large component of that military action was cyber-based. The Russians took over the Georgian infrastructure (electric, news and radio) far before tanks rolled into Georgian territory. If the US is ever attacked on a large scale, our infrastructure will be the first strike. Infragard allows a secured group of IT professionals to be "in the loop" on potential threats that cannot be made widely public yet. It also allows these professionals to collaborate on security issues in real time - as they happen.
Say a new worm was propagating across major infrastructure networks. An administrator at the water company finds evidence of this worm and sends a message to Infragard asking if anybody else has seen it. A person working at the electric company reads that message and notices that it matches something they are addressing as well. The issue may be quickly escalated and addressed appropriately. If these individuals had to deal with conventional reporting then the link between two critical infrastructure networks experiencing the same problem at the same time may be missed.
In my experience Infragard does not care a bit about individuals ripping a CD or something. This is about bridging the gap between law enforcement and IT professionals in order to minimize the time it takes to address a potential cyber threat on critical infrastructure.
Registering your IT skills with Infragard is optional, not mandatory. This is not as evil as it sounds and I see much more upside to this than downside.