Introduction
Information operations condition (INFOCON) is a threat level system in the United States similar to that of FPCON.
It is a defence system based primarily on the status of information systems and is a method used by the military to defend against a computer network attack.
Other Systems
Should not be confused with similar systems used by the US military, such as:
- Alert Condition (LERTCON).
- Emergency Condition (EMERGCON).
- Defence Readiness Condition (DEFCON).
- Force Protection Condition (FPCON), previously THREATCON.
- Readiness Condition (REDCON).
- Information Operations Condition (INFOCON), and its future replacement Cyber Operations Condition (CYBERCON).
- Watch Condition (WATCHCON), or the former Homeland Security Advisory System used by the United States Department of Homeland Security.
- Hurricane Condition (HURCON), a military developed scale.
Levels
There are five levels of INFOCON, which recently changed to more closely correlate to DEFCON levels.
Level | Description |
---|---|
INFOCON 5 | Describes a situation where there is no apparent hostile activity against computer networks. Operational performance of all information systems is monitored, and password systems are used as a layer of protection. |
INFOCON 4 | Describes an increased risk of attack. Increased monitoring of all network activities is mandated, and all Department of Defence end users must make sure their systems are secure. Internet usage may be restricted to government sites only, and backing up files to removable media is ideal. |
INFOCON 3 | Describes when a risk has been identified. Security review on important systems is a priority, and the Computer Network Defence system’s alertness is increased. All unclassified dial-up connections are disconnected. |
INFOCON 2 | Describes when an attack has taken place but the Computer Network Defence system is not at its highest alertness. Non-essential networks may be taken offline, and alternate methods of communication may be implemented. |
INFOCON 1 | Describes when attacks are taking place and the Computer Network Defence system is at maximum alertness. Any compromised systems are isolated from the rest of the network. Similar concepts in private-sector computing. |
Similar Concepts in Private-Sector Computing
ThreatCon (Symantec)
Symantec’s ThreatCon service no longer exists as Broadcom acquired Symantec.
In Popular Culture
In the 2014 TV Series Crisis, the US government goes to INFOCON 2 when Francis Gibson has a massive cyber attack initiated upon the United States, nearly bringing it to war with China.