- Information Operations Condition
Information Operations Condition (INFOCON) is a threat level system in the
United Statessimilar to that of FPCON. INFOCON is a defense system based primarily on the status of information systems and is a method used by the militaryto defend against a computer networkattack.
Descriptions of INFOCONs
There are five levels of INFOCON, which recently changed to more closely correlate to
DEFCONlevels. They are:
*INFOCON 5 describes a situation where there is no apparent hostile activity against computer networks. Operational performance of all information systems is monitored, and password systems are used as a layer of protection.
*INFOCON 4 describes an increased risk of attack. Increased monitoring of all network activities is mandated, and all Department of Defense
end users must make sure their systems are secure. Internetusage may be restricted to government sites only, and backing up files to removable mediais ideal.
*INFOCON 3 describes when a risk has been identified. Security review on important systems is a priority, and the
Computer Network Defensesystem's alertness is increased. All unclassified dial-upconnections are disconnected.
*INFOCON 2 describes when an attack has taken place but the Computer Network Defense system is not at its highest alertness. Non-essential networks may be taken offline, and alternate methods of communication may be implemented.
*INFOCON 1 describes when attacks are taking place and the Computer Network Defense system is at maximum alertness. Any compromised systems are isolated from the rest of the network.
imilar concepts in private-sector computing
computer science, ThreatCon is a system used by computer securitycompany Symantecin order to assess how dangerous a software or networking exploit is to the global internet and communications network. There are four levels of ThreatCon in this manner:
*Level 1/4 describes a situation where there are no threats of malicious coding or exploits that can affect the global network. The only precautions needed are basic security systems that can detect and remove simple bugs that are of no serious threat.
*Level 2/4 describes a situation where an exploit of moderate concern is apparent and exposed systems may be vulnerable. Updating security software with new virus definitions is a priority.
*Level 3/4 describes a situation where a known threat is either imminent or starting to affect the global network. Updating virus definitions and rules is a must, and increased monitoring is necessary as well, as well as reconfiguring security and firewall settings.
*Level 4/4 describes a situation where a known threat in the form of malicious coding or an exploit is currently underway and is heavily affecting the global network. Taking measures against a threat of this level will most likely affect and cause hardships for the global computing infrastructure.
author = Strategic Command Directive (SD) 527-1
title = Department of Defense (DOD) Information Operations Condition (INFOCON) System Procedures
publisher = Space and Naval Warfare (SPAWAR) Systems Center Charleston | date = 2006-01-27
url = https://infosec.navy.mil/pub/docs/documents/dod/dodd/stratcom_d527-011_infocon_20060127.pdf
format = PDF | accessdate=2006-11-23
Wikimedia Foundation. 2010.