CBSN

Feds Form Anti-Terror E-Posse

Internet, Listening, Phone Bug, Bugging, Tapping, Computer, Screen
CBS
Power plants, bridges and buildings aren't the only things vital to national security — computer networks also are crucial. And the FBI can't keep an eye on everything.

So a unique partnership called the Infragard program has developed between the FBI and 8,300 companies to share information about both cyber and physical threats.

On Monday, experts from around the country were expected to gather for the program's first national conference in Washington, D.C. Some 1,500 people were expected to attend the three-day meetings.

"It's going to be a whole new business growth area," said Paul Bracken, an information technology and security expert at the Yale School of Management.

The program, started in 1996, was growing slowly but steadily until the terrorist attacks of Sept. 11, 2001, made security the top priority for the FBI.

"When Wall Street was shut down, banking was hit very hard, transportation was hit very hard — they're all part of the infrastructure we're trying to shore up and protect," said Brett Hovington, the FBI's national coordinator of the Infragard program.

"Our economy is still feeling the impact of that," Hovington said.

Unlike World War II, the FBI also must protect the computer networks and telecommunications systems that make up the nation's modern electronic infrastructure, in addition to bridges, roads, buildings and dams.

"I've been preaching that message for a long time — you can't have one without the other," Hovington said.

Banks and brokerages, in particular, are vulnerable and need to take new steps to protect the financial system from computer hackers, electronic thieves and terrorists, Bracken said.

Dave Gulosh, a security manager in Oregon, said Infragard allows government agencies and private companies to share confidential information they would not have shared in the past.

"A lot of companies and agencies are not going to get that information unless you have something like Infragard," Gulosh said. "I think with Infragard the walls are coming down."

Hovington, the program's national coordinator, says the program allows the FBI to detect patterns that could alert the agency to a terrorist threat.

For example, an e-mail to a power plant manager from a worker who notices something minor but unusual in Oregon may be significant when compared to a similar e-mail to another plant manager in Florida or another state — messages that would never have been shared or compared in the past, he said.

"They're our eyes and ears," Hovington said. "Because once we start putting all the pieces together, we can see if this sort of activity is taking place across the country."

Cetin Koc, an Oregon State University electrical and computer engineering professor, said major computer networks are relatively secure but are only as strong as their weakest link — some could possibly be controlled or disrupted with devices as simple as a personal digital assistant, the handheld minicomputers that are increasingly popular.

"I don't really care who the attacker is — it could be a terrorist, it could be a 15-year-old kid," Koc said.

The FBI and companies emphasize that the Infragard program is voluntary and they do not share information such as confidential personnel records protected by privacy laws.

But the American Civil Liberties Union is concerned the program could trample on constitutional rights to block a threat.

"We haven't seen any evidence so far of any deprivation of civil liberties through this program," said Barry Steinhardt, the ACLU's technology director. "But there is the potential that this will allow companies to engage in a form of high-tech vigilantism."

Another government effort to detect patterns in personal electronic activity, the Pentagon's nascent Terrorism Information Awareness program, came under fierce criticism by privacy advocates earlier this year.

Congress placed restrictions on the development of the program, which was originally known as the Total Information Awareness program.

Some privacy groups also take issue with the CAPPS II system. The Computer Assisted Passenger Pre-Screening Program is a method of collecting data to determine if certain air passengers pose terrorist threats.