Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Ughh. FBI’s Vetted Threat Sharing Network ‘InfraGard’ Hacked

    Stu Sjouwerman | Dec 14, 2022

    Welcome-to-InfragardInvestigative reporter Brian Krebs reported December 13, 2022 that "InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself."

    Here is another extract from Krebs 

    "On Dec. 10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

    The FBI’s InfraGard program is supposed to be a vetted Who’s Who of key people in private sector roles involving both cyber and physical security at companies that manage most of the nation’s critical infrastructures — including drinking water and power utilities, communications and financial services firms, transportation and manufacturing companies, healthcare providers, and nuclear energy firms.

    “InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks,” the FBI’s InfraGard fact sheet reads.

    In response to information shared by KrebsOnSecurity, the FBI said it is aware of a potential false account associated with the InfraGard Portal and that it is actively looking into the matter.

    “This is an ongoing situation, and we are not able to provide any additional information at this time,” the FBI said in a written statement.

    KrebsOnSecurity contacted the seller of the InfraGard database, a Breached forum member who uses the handle “USDoD” and whose avatar is the seal of the U.S. Department of Defense."

    READ THE WHOLE STORY AT KREBS:

    https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/

    Topics: Cybersecurity

    Get Your Customized Automated Security Awareness Program, ASAP!

    Many IT pros don’t exactly know where to start when it comes to creating a security awareness program that will work for their organization.

    We’ve taken away all the guesswork with our Automated Security Awareness Program (ASAP).

    ASAP is a revolutionary tool for IT professionals, which allows you to create a customized Security Awareness Program for your organization that will show you all the steps needed to create a fully mature training program in just a few minutes!

    asap-monitor-1Here's how it works:

    • Answer seven questions about your organization’s goals, compliance needs, and culture
    • ASAP recommends suggested training content based on your answers
    • See a detailed calendar with a customized task lisk to get your program started
    • Easily export detailed and executive summary PDF versions of your program
    • Get a fully mature awareness program ready in 5 minutes

    Get Started Now

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All