iGuardian Portal Shares Cyberattack Data with the FBI

InfraGard’s industry and critical infrastructure members can send the FBI information about computer intrusions, allowing the agency to quickly investigate the incident.

by / August 12, 2013

The FBI has launched an online portal, called iGuardian, in an effort to make it easier for companies and critical infrastructure to report cyberattack data to the federal agency. The FBI compares the platform to the eGuardian portal that law enforcement agencies use to report potential terrorism-related threats and information.

“We did not have a structured way that we were collecting the information from companies that had been hacked,” Richard McFeely, executive assistant director for the FBI’s Criminal, Cyber, Response and Services Branch, said at the AFCEA Global Intelligence Forum, Federal Times reported. “We did not have, really, a form that we could share with companies to make sure we were getting all the information that we needed.”

Currently available to the more than 55,000 members of InfraGard, an FBI-sponsored program that builds relationships between government and industry, the portal collects information on computer intrusions like malware infections and denial-of-service attacks. “Within minutes of submitting the form, agents and analysts will be able to quickly triage the submissions, notify previously unknown intrusion victims and assign leads as appropriate to field offices for further investigation,” according to the FBI.

In the future, InfraGard members will be able to send the FBI malware, and additional upgrades will allow industry representatives to submit information about threats and hazards including theft of trade secrets and potential terrorism-related matters. McFeely said iGuardian’s success with InfraGard members will determine if the FBI makes the portal available to other companies.

Launched last week, the portal builds on InfraGard’s mission of creating and enhancing information sharing between government and industry.

"One of the problems in the security industry has always been, 'Who do I notify?'" Shane Shook, chief knowledge officer and global vice president of consulting with Cylance, told NetworkWorld. "Do I notify local police? Local federal law enforcement? National federal law enforcement? Just the fact that they're providing a one-stop, information submission is actually very valuable to these customers.”

Platforms & Programs