Inside ‘Project Indigo,’ the quiet info-sharing program between banks and U.S. Cyber Command

A secret information sharing agreement between the Financial Services Information Sharing and Analysis Center (FS-ISAC) and U.S. Cyber Command reveals the blurring line between the country’s public and private sectors as the U.S. government becomes increasingly receptive to launching offensive hacking operations. The pilot program, codenamed “Project Indigo,” recently established a confidential information sharing channel for a subunit of FS-ISAC known as the Financial Systemic Analysis & Resilience Center (FSARC). That subunit shares “scrubbed” cyberthreat data, including malware indicators, with the Fort Meade-based Cyber Command, according to current and former U.S. officials. Project Indigo also provides data to the Department of Homeland Security and U.S. Treasury. However, those agencies were already getting data from the banks, which is narrowly leveraged for defensive measures. The broad purpose of Project Indigo is to help inform U.S. Cyber Command about nation-state hacking aimed at banks. In practice, this intelligence is independently evaluated and, if appropriate, […]

The post Inside ‘Project Indigo,’ the quiet info-sharing program between banks and U.S. Cyber Command appeared first on Cyberscoop.

Continue reading Inside ‘Project Indigo,’ the quiet info-sharing program between banks and U.S. Cyber Command

FBI warns InfraGard members of ‘malicious,’ copy cat website

The FBI has warned members of its InfraGard program that a website is mimicking its genuine Infragard.org property, requesting login credentials for the bureau’s information sharing platform. “Please be aware www.InfraGard.com is not associated with the InfraGard Program. This site is maliciously collecting information that is entered. You are strongly advised not to visit this site or enter any personal/account information,” an alert sent Friday to InfraGard members reads. The FBI’s threat sharing website has been domain squatted pic.twitter.com/7bVSmPzNIW — Sean Cassidy (@sean_a_cassidy) March 25, 2017 When it was still up and running, the InfraGard.com website offered duplicate forms for new applicants to input sensitive information, including social security numbers. If a user tried logging into the fake site, it would redirect them to the real site’s error page. InfraGard.com was most recently taken down on March 24. The fake site (left) looks pretty close to the real site (right). Easily will fool […]

The post FBI warns InfraGard members of ‘malicious,’ copy cat website appeared first on Cyberscoop.

Continue reading FBI warns InfraGard members of ‘malicious,’ copy cat website