A sort of sister set of codes to
FPCON, INFOCON is the
Information Operations Condition level system. The
military characterizes INFOCON as "a comprehensive
defense posture and response system based on the status of
information systems, military operations, and
intelligence assessments of adversary capabilities and intent The INFOCON system presents a structured, coordinated approach to defend against a computer
network attack."
As with FPCON, there are five levels of security:
INFOCON NORMAL is established if there is no significant threat of
terrorist activity against defense computer networks. All points of access and their operational necessity are identified, as is operational importance of all information and information systems. An effective
password management system is established, normal auditing takes place, and training proceeds as scheduled.
INFOCON ALPHA indicates an increased risk of attack. This results in increased intelligence watch and heightened security measures. All
Department of Defense computer
end users are responsible for keeping their systems secure, and should use caution when accepting information from unknown sources. Use of the Internet is limited to official government business, and access to certain sites may be restricted. End users are also instructed to back up critical files to
removable media. System administrators review audit logs of servers for unusual or malicious activity.
INFOCON BRAVO is established when there is
specific risk of attack. The
Computer Network Defense system is set to increased readiness, and an immediate internal security review is performed on critical systems. Unclassified dial-up connections are disconnected.
INFOCON CHARLIE is used when a limited attack has taken place, but the CND system is not put to full readiness.
Mission critical communications are routed through unaffected systems, and non-critical networks may be disconnected. Alternative modes of communication may be used, and access points will be limited.
INFOCON DELTA is used for general attacks, and the CND system is at maximum readiness. Applicable portions of the
Continuation of Operations Plan are enacted, and procedures are executed for
graceful degradation of information systems. Compromised systems are isolated from the rest of the network.
Post-
9/11, many Department of Defense facilities operate at INFOCON ALPHA on a regular basis.
Sources
http://today.dla.mil/infocon.htm
https://spot.hpcmo.hpc.mil/hpc/docs/Htdocs/DREN/INFOCON/infocon_mode.html