Information Operations Condition
Encyclopedia

Descriptions of INFOCONs

INFOCON (short for Information Operations Condition) is a threat level system in the United States similar to that of FPCON. It is a defense system based primarily on the status of information systems and is a method used by the military to defend against a computer network attack.

There are five levels of INFOCON, which recently changed to more closely correlate to DEFCON
DEFCON
A defense readiness condition is an alert posture used by the United States Armed Forces. The DEFCON system was developed by the Joint Chiefs of Staff and unified and specified combatant commands. It prescribes five graduated levels of readiness for the U.S...

 levels. They are:
  • INFOCON 5 describes a situation where there is no apparent hostile activity against computer networks. Operational performance of all information systems is monitored, and password systems are used as a layer of protection.

  • INFOCON 4 describes an increased risk of attack. Increased monitoring of all network activities is mandated, and all Department of Defense
    United States Department of Defense
    The United States Department of Defense is the U.S...

     end users must make sure their systems are secure. Internet
    Internet
    The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...

     usage may be restricted to government sites only, and backing up files to removable media
    Removable media
    In computer storage, removable media refers to storage media which is designed to be removed from the computer without powering the computer off.Some types of removable media are designed to be read by removable readers and drives...

     is ideal.

  • INFOCON 3 describes when a risk has been identified. Security review on important systems is a priority, and the Computer Network Defense system's alertness is increased. All unclassified dial-up connections are disconnected.

  • INFOCON 2 describes when an attack has taken place but the Computer Network Defense system is not at its highest alertness. Non-essential networks may be taken offline, and alternate methods of communication may be implemented.

  • INFOCON 1 describes when attacks are taking place and the Computer Network Defense system is at maximum alertness. Any compromised systems are isolated from the rest of the network.

ThreatCon (Symantec)

In computer science
Computer science
Computer science or computing science is the study of the theoretical foundations of information and computation and of practical techniques for their implementation and application in computer systems...

, ThreatCon is a system used by computer security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...

 company Symantec
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...

 in order to assess how dangerous a software or networking exploit is to the global internet and communications network. There are four levels of ThreatCon in this manner:
  • Level 1/4 describes a situation where there are no threats of malicious coding or exploits that can affect the global network. The only precautions needed are basic security systems that can detect and remove simple bugs that are of no serious threat.

  • Level 2/4 describes a situation where an exploit of moderate concern is apparent and exposed systems may be vulnerable. Updating security software with new virus definitions is a priority.

  • Level 3/4 describes a situation where a known threat is either imminent or starting to affect the global network. Updating virus definitions and rules is a must, and increased monitoring is necessary as well, as well as reconfiguring security and firewall settings.

  • Level 4/4 describes a situation where a known threat in the form of malicious coding or an exploit is currently underway and is heavily affecting the global network. Taking measures against a threat of this level will most likely affect and cause hardships for the global computing infrastructure.

See also

  • Alert state
    Alert state
    An alert state is an indication of the state of readiness of the armed forces for military action or a State against terrorism or military attack.Examples are the DEFCON levels of the US armed forces, and the British government's UK Threat Levels....

  • Attack (computer)
    Attack (computer)
    In computer and computer networks an attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.- IETF :Internet Engineering Task Force defines attack in RFC 2828 as:...

  • LERTCON
    LERTCON
    In United States military doctrine, LERTCON is an abbreviation of Alert Condition, and is a measure of the level of action and readiness to be taken in a given situation. There are specific procedures laid out for responses to changes in LERTCON...

  • DEFCON
    DEFCON
    A defense readiness condition is an alert posture used by the United States Armed Forces. The DEFCON system was developed by the Joint Chiefs of Staff and unified and specified combatant commands. It prescribes five graduated levels of readiness for the U.S...

  • EMERGCON
    EMERGCON
    EMERGCON is a state of readiness that is separate from DEFCON, or defense readiness condition used by the United States, in that it incorporates civilian measures in addition to the DEFCON military measures....

  • FPCON (THREATCON)
  • Threat (computer)
    Threat (computer)
    In Computer security a threat is a possible danger that might exploit a vulnerability to breach security and thus cause possible harm.A threat can be either "intentional" or "accidental" In Computer security a threat is a possible danger that might exploit a vulnerability to breach security and...

  • WATCHCON
    WATCHCON
    WATCHCON is an alert state system used by and coordinated between the South Korean armed forces and United States Department of Defense to measure reconnaissance posture, utilized often in matters concerning North Korea....

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK