Infrastructure Protection Center (NIPC), United States National

views updated

Infrastructure Protection Center (NIPC), United States National

Formerly a unit of the Federal Bureau of Investigation (FBI), the National Infrastructure Protection Center (NIPC) moved to the Department of Homeland Security (DHS) when the latter began its functions in March 2003. NIPC is charged with assessing threats to critical infrastructure—particularly computer systems—and providing warnings concerning threats and vulnerabilities. It also conducts investigations and provides a response to computer attacks.

NIPC's mission. Although infrastructure, or critical infrastructure, includes vital systems ranging from roads to banking, the tasks of NIPC are directed toward those computer and information systems that provide much of the control mechanism over other components of the national infrastructure. The mission of NIPC is manifold, though its many components all relate in some way to computers. The NIPC is tasked with detecting, averting, assessing, warning against, responding to, and investigating unlawful acts that target or threaten critical infrastructures in general, and computer and information technologies in particular. It manages investigations of computer intrusion, and supports the response of law enforcement to cyber crimes and computer intrusion.

When incidents of intrusion go beyond the level of crime to that of terrorism or acts of warfare, NIPC works with counterintelligence, counterterrorism, and national security authorities in responding to attacks on interests of the United States. It also coordinates the training of computer investigators and other protectors of infrastructure both in the public and private sectors.

NIPC at work. An example of NIPC at work occurred in May 2000, when the "Love Bug" computer worm (a virus-like program) propagated itself across world computer networks. Within 24 hours, investigators at the New York FBI field office, assisted by NIPC, tracked the virus to Onel de Guzman in the Philippines. Due to the lack of cyber crime statutes in the Philippines, Guzman was not charged, but the incident led to Philippine approval of the international E-Commerce Act, which provides for criminal prosecution of cyber crimes. NIPC has conducted a number of other major investigations against cyber criminals.

The NIPC issues three levels of infrastructure warnings: assessments, which provide general information about non-specific threats; advisories, which address particular dangers that call for preparedness or a change in posture; and alerts, which warn of major and specific threats. In September 2002, for instance, it issued an assessment warning against possible "hacktivism" (the use of computer hacking in the service of political activism) connected with upcoming meetings of the International Monetary Fund and World Bank. As of February 2003, NIPC advisory addressed the dangers of global hacking associated with escalating tensions between the United States and Iraq. In August, 2002, NIPC issued an alert based on "credible but nonspecific information" concerning possible cyber attacks originating from Europe. That no problems were reported may be evidence that there was no actual threat—or that NIPC was successful in its job.

█ FURTHER READING:

BOOKS:

Improving Our Ability to Fight Cybercrime: Oversight of the National Infrastructure Protection Center: Hearing Before the Subcommittee on Technology, Terrorism, and Government Information of the Committee on the Judiciary, United States Senate, One Hundred Seventh Congress, First Session, July 25, 2001. Washington, D.C.: U.S. Government Printing Office, 2002.

National Infrastructure Protection Center (NIPC): A Public-Private Partnership to Protect America's Critical Infrastructures. Washington, D.C.: U.S. Department of Justice, 2002.