Threats to information security in Russia. Information security doctrine of the Russian Federation II

It should be noted that, although the information security problems generated by informatization are global, for Russia they acquire special significance in connection with its geopolitical and economic position.

In the Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000, threats to the information security of the country are divided, according to their general orientation, into threats to:

* constitutional rights and freedoms of man and citizen in the field of information activities;

* the spiritual life of society;

* information infrastructure;

* information resources.

Threats to constitutional human and civil rights and freedoms in the field of information security can be:

* the adoption by public authorities of regulatory legal acts that infringe on the constitutional rights and freedoms of citizens in the field of information activities;

* creation of monopolies on the formation, receipt and distribution of information in the Russian Federation, including using telecommunication systems;

* opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, secrecy of correspondence, telephone conversations and other messages, as well as ineffective application of the existing regulatory framework in this area;

* irrational, excessive restriction of access to socially necessary information;

* violation of constitutional rights and freedoms of man and citizen in the field of mass media;

* non-compliance by state authorities, organizations and citizens with the requirements of the legislation of the Russian Federation regulating relations in the information sphere.

Threats to the spiritual life of society can be:

* the use of means of influencing the mass consciousness of citizens;

* disorganization and destruction of the system of accumulation and preservation of cultural values, including archives;

* restriction of citizens' access to open state information resources of state authorities, other socially significant information;

* decline in the spiritual, moral and creative potential of Russia;

* manipulation of information (disinformation, concealment or distortion of information).

Threats to information infrastructure may be:

* violation of targeting and timeliness of information exchange, illegal collection and use of information;

* violation of information processing technology;

* introduction into hardware and software products of components that implement functions not provided for in the documentation for these products;

* development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems;

* destruction, damage, electronic suppression or destruction of means and systems of information processing, telecommunications and communications;

* theft of software or hardware keys and means of cryptographic information protection;

* interception of information in technical channels, its leakage arising from the operation of technical means of processing and storage, as well as during the transfer of information through communication channels;

* introduction of electronic devices for intercepting information in technical means of processing, storing and transmitting information through communication channels, as well as in the office premises of government bodies and organizations;

* destruction, damage, destruction or theft of machine and other media;

* interception, decryption and imposition of false information in data transmission networks, communication lines and mass media systems;

* impact on the password-key protection systems of automated systems for processing and transmitting information;

* purchase abroad of information technologies, informatization means, telecommunications and communications, which have domestic counterparts that are not inferior in their characteristics to foreign models.

Threats to information resources can be:

* activity of space, air, sea and ground technical means of reconnaissance of foreign states;

* implementation of unauthorized access to information resources and their illegal use;

* theft of information resources from libraries, archives, banks and databases;

* violation of legal restrictions on the distribution of information resources.

In his Address on National Security (June 13, 1996), the President of the Russian Federation determined the main threats to Russia in the information sphere in the following way:

* internal - the country's lag behind the leading countries in terms of the level and pace of informatization, the lack of a clearly formulated information policy;

* external - attempts to prevent Russia from participating on equal terms in international information exchange, interference and targeted penetration into the activities and development of the information infrastructure of the Russian Federation, the desire to reduce the use of the Russian language as an international means of communication and, through this, the narrowing of the Russian information space.

These and other internal and external threats are divided, by their method of exposure (realization), into informational, software-mathematical, physical and organizational.

Information threats are implemented through unauthorized access to information resources and their theft for the purpose of illegal use, negative manipulation of information (disinformation, distortion of information, its concealment), violation of information processing technology, etc.

Software-mathematical threats are implemented by introducing components into hardware and software systems that perform functions that are not described in the documentation for these systems and reduce the efficiency of their operation, and by the development and distribution of programs (viruses, Trojan horses, etc.) that disrupt the normal functioning of systems, including information security systems.

Physical threats are associated with physical impact (destruction, damage, theft) on information systems and their elements, signal interception of information in transmission channels or in office premises, etc.

Organizational threats include, first of all, the weak legal framework for ensuring information security. There is practically no legal support for information security at the regional level. The requirements of existing legislative acts (the Constitution of the Russian Federation, the laws of the Russian Federation "On Security", "On State Secrets", "On Information, Informatization and Protection of Information", etc.) are not always met. The shortcomings of the legal system lead to the fact that a significant amount of information with limited access in the financial exchange, tax, customs, foreign economic, housing and other spheres is distributed by various commercial firms in the form of specific databases.

In the information space, from the point of view of information security, two dangers are the most typical:

1) control (extraction) of information resources of the state, that is, in fact, information intelligence (espionage). The information space has been and remains the sphere of activity of numerous intelligence services. Today, information intelligence can be implemented in two ways: unauthorized entry into information and control systems; legally, due to the active participation of foreign firms in the creation of the information structure of Russia. At the same time, in addition to the negative consequences associated with the fact that the country's information resources are under the control of the relevant foreign structures, direct damage is inflicted on the economy - domestic science and production are left without their own orders;

2) the threat of destruction or disorganization of information resources of elements of state structures. With the current level of development of information technology, such impacts can be carried out even in peacetime. They are fraught with the destruction of valuable information for the state, its distortion or the introduction of negative information in order to disorganize or make wrong decisions at the appropriate level of government.

A special place is occupied by the security of computer networks, which make it possible to combine and share a large amount of information resources on a local and global scale. Computer networks are becoming one of the main means of information communication. At the same time, their enormous capabilities come into conflict with the problem of ensuring the protection of information. This circumstance must be taken into account when creating and developing both local and global computer networks. Thus, in the process of creating the Internet in the United States, the Center for Computer Security of the Ministry of Defense was created in January 1981; in 1985 it was transformed into the National Center for Computer Security and transferred to the National Security Agency.

Analysis of the above threats, forms and methods of their impact on security objects in the information sphere, as well as methods and means of combating these threats allows us to assert that at present, in the theory and practice of information security, two directions are already beginning to crystallize, which can be determined (although rather tentatively) as information and psychological security and information protection.

Information and psychological security - the state of protection of citizens, individual groups and social strata of society, mass associations of people, the population as a whole from negative information and psychological influences carried out in the information space (more on this later).

Protection of information - ensuring information security (countering threats to information infrastructure and information resources).

Currently, the problems of information protection are the most actively developed: organizational, legal, technical and technological measures to prevent and repel threats to information resources and systems and to eliminate their consequences. The theory of information security is being formed, methods and means of information security are being created and actively used in practice, and specialists are being trained in a number of specialties and specializations, such as information security technology, comprehensive information security of automated systems, information security and protection, etc.

Threats to the constitutional rights and freedoms of man and citizen in the field of spiritual life and information activities, individual, group and public consciousness, the spiritual revival of Russia:

* the adoption by federal government bodies, government bodies of the constituent entities of the Russian Federation of regulatory legal acts that infringe on the constitutional rights and freedoms of citizens in areas of spiritual life and informational activity;

* creation of monopolies on the formation, receipt and distribution of information in the Russian Federation, including using telecommunication systems;

* opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, secrecy of correspondence, telephone conversations and other messages;

* irrational, excessive restriction of access to socially necessary information;

* illegal use of special means of influencing individual, group and public consciousness;

* non-fulfillment by federal government bodies, government bodies of the constituent entities of the Russian Federation, local government bodies, organizations and citizens of the requirements of federal legislation regulating relations in the information sphere;

* unlawful restriction of citizens' access to open information resources of federal government bodies, government bodies of the constituent entities of the Russian Federation, local government bodies, to open archival materials, to other open socially significant information;

* disorganization and destruction of the system of accumulation and preservation of cultural property, including archives;

* violation of constitutional human and civil rights and freedoms in the field of mass media;

* ousting Russian news agencies and mass media from the domestic information market and increasing dependence of the spiritual, economic and political spheres of public life in Russia on foreign information structures;

* devaluation of spiritual values, propaganda of models of mass culture based on the cult of violence, on spiritual and moral values that contradict the values accepted in Russian society;

* a decrease in the spiritual, moral and creative potential of the Russian population, which will significantly complicate the preparation of labor resources for the introduction and use of the latest technologies, including information;

* manipulation of information (disinformation, concealment or distortion of information).



Threats to information support of the state policy of the Russian Federation:

* monopolization of the information market in Russia, its individual sectors by domestic and foreign information structures;

* blocking the activities of state media to inform Russian and foreign audiences;

* low efficiency of information support of the state policy of the Russian Federation due to a shortage of qualified personnel, the absence of a system for the formation and implementation of state information policy.

Threats to the development of the domestic information industry, including the industry of informatization, telecommunications and communications, meeting the needs of the domestic market for its products and the entry of these products to the world market, as well as ensuring the accumulation, safety and effective use of domestic information resources:

* opposition to the access of the Russian Federation to the latest information technologies, mutually beneficial and equal participation of Russian manufacturers in the global division of labor in the information services industry, information technology, telecommunications and communications, information products, as well as creating conditions for strengthening Russia's technological dependence in the field of modern information technologies;

* procurement by public authorities of imported means of informatization, telecommunications and communications in the presence of domestic analogues that are not inferior in their characteristics to foreign models;

* ousting from the domestic market of Russian manufacturers of information technology, telecommunications and communications;

* an increase in the outflow of specialists and intellectual property owners abroad.

Threats to the security of information and telecommunications facilities and systems, both already deployed and created on the territory of Russia:

* illegal collection and use of information;

* violation of information processing technology;

* introduction into hardware and software products of components that implement functions that are not provided for by the documentation for these products;

* development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems;

* destruction, damage, electronic suppression or destruction of means and systems of information processing, telecommunications and communications;

* impact on the password-key protection systems of automated systems for processing and transmitting information;

* compromise of keys and means of cryptographic protection of information;

* information leakage through technical channels;

* the introduction of electronic devices for intercepting information in technical means of processing, storing and transmitting information through communication channels, as well as in the office premises of state authorities, enterprises, institutions and organizations, regardless of the form of ownership;

* destruction, damage, destruction or theft of machine and other media;

* interception of information in data transmission networks and on communication lines, decryption of this information and imposition of false information;

* the use of non-certified domestic and foreign information technologies, information security means, informatization means, telecommunications and communications in the creation and development of the Russian information infrastructure;

* unauthorized access to information in banks and databases;

* violation of legal restrictions on the dissemination of information.



The forecast of information threats to our country does not give grounds for optimism. First of all, we are talking about incessant attempts to revise Soviet and European history, especially in the twentieth century. These actions in relation to national history are undoubtedly elements of an information war. For example, it is regrettable that the decisive battles of the Second World War - the Battle of Stalingrad, the Battle of the Kursk Bulge - are practically not reflected in Western history textbooks. The largest battle in Western historiography is the battle of El Alamein in Africa. This distortion of history is far from harmless. Attempts to belittle the role of our country in the defeat of fascism undermine the image of Russia as a great victorious power, as a founding country of the UN. In such a situation, we have no choice but to intensify and increase the production of our information sources: books, films, Internet products - with content that is beneficial to us, which more objectively assess the role of our country in world history. These projects should be financed by both the state and big business.

Information Security. Lecture course Artyomov A.V.

Question 3. Modern threats to information security in Russia

According to the Law on Security, a security threat is understood as a set of conditions and factors that endanger the vital interests of the individual, society and the state. The Concept of National Security of the Russian Federation does not define the threat, but names some of them in the information sphere. So, the danger is:

- the desire of a number of countries to dominate the global information space;

- ousting the state from the internal and external information market;

- development by a number of states of the concept of information wars;

- disruption of the normal functioning of information systems;

- violation of the safety of information resources, obtaining unauthorized access to them.

These are the so-called external threats, which are due to the competitive nature of the development of interstate and international relations. Accordingly, there are internal threats, largely related to the insufficient implementation of economic, socio-political and other transformations in the field of information security. The National Security Concept names them as prerequisites for the emergence of threats. Given these prerequisites, in our opinion, the sources of internal threats include:

- Russia's lag in the field of informatization of government bodies;

- imperfection of the system of organization of state power for the formation and implementation of a unified state policy for information security;

- the criminalization of public relations, the growth of organized crime;

- an increase in the scale of terrorism;

- aggravation of interethnic and complication of external relations.

To neutralize information threats, there is a historically established system of preserving state secrets, which includes the following subsystems:

- a cryptographic network of confidential communications;

- counteraction to foreign technical intelligence services;

- ensuring secrecy at closed state facilities.

Along with the traditional priorities of foreign technical intelligence services, issues of technology, finance, trade and resources, access to which opens up in connection with conversion, the development of international integration processes, and the widespread introduction of computer technologies, are increasingly drawn into their sphere of interests. Of the existing information threats, the most relevant are the threats to the economic security of enterprises and firms, determined by unfair competition, economic and industrial espionage. Industrial espionage has always existed.

Industrial espionage is the unauthorized transfer of confidential technology, materials, products and information about them.

The methods of conducting espionage have remained unchanged over many centuries of the development of society and the state. Only the means and forms of conducting it change. These methods include: bribery, blackmail, the activities of spy ambassadors, interception of messages presented on various media (magnetic media, letters, etc.).

As for the analysis of the information received, everything has remained unchanged. It is carried out by a person or a group of people who perform analytical and synthetic processing of information, including with the use of new information technologies.

The development of technology up to the beginning of the twentieth century did not affect the means of unauthorized obtaining of information: people drilled holes in walls and ceilings, used secret passages and translucent mirrors, and positioned themselves near keyholes and under windows. The advent of the telegraph and telephone made it possible to use technical means of obtaining information. A huge number of messages began to be intercepted, affecting the conduct of wars and the position on the stock exchange. In the 30s-40s, dictaphones, miniature cameras and various radio microphones appeared.

The development of new information technologies made it possible to intercept a huge amount of messages, influencing all spheres of the socio-economic development of society, including the development of industry.

Analysis of the results of research on information threats allows us to assert that one of the main threats to the state security of the Russian Federation is the attempts of Western special services to extract confidential information constituting state, industrial, banking and other types of secrets. Leading Western countries continue to modernize and develop their intelligence services, improve technical intelligence, and build up its capabilities.

Taking into account the considered content of the concept of threat to the state, society and the individual in a broad sense, let us consider the threats that directly affect the processed confidential information. The system of security threats consists of real or potentially possible actions or conditions leading to the theft, distortion, unauthorized access to, copying, modification or destruction of confidential information and information about the system itself and, accordingly, to direct material losses.

At the same time, threats to the safety of information are determined by accidental and deliberate destructive and distorting influences of the external environment, the reliability of the functioning of information processing facilities, as well as the deliberate selfish influence of unauthorized users whose purpose is to steal, destroy, modify and use the processed information. Analysis of the content of the properties of threats allows us to propose the following options for their classification (Fig. 1).

The manifestation of threats is characterized by a number of patterns. First, the illegal seizure of confidential information, its copying, modification, destruction in the interests of intruders, with the aim of causing damage. In addition, unintentional actions of maintenance personnel and users also result in some damage. Secondly, the main ways of implementing threats to information and information security are:

- undercover sources in management and information protection bodies;

- recruitment of officials of governing bodies, organizations, enterprises, etc.;

- interception and unauthorized access to information using technical means of reconnaissance;

- the use of deliberate programmatic and mathematical influence;

- eavesdropping on confidential conversations in office premises, transport and other places of their conduct.

Fig. 1. Classification of security threats

The main factors influencing threats, causing information losses and leading to various types of damage, an increase in losses from illegal actions, are:

- accidents causing failure of equipment and information resources (fires, explosions, accidents, shocks, collisions, falls, exposure to chemical or physical environments);

- breakage of elements of information processing facilities;

- the consequences of natural phenomena (floods, storms, lightning, earthquakes, etc.);

- theft, deliberate damage to material assets;

- accidents and failure of equipment, software, databases;

- errors of accumulation, storage, transmission, use of information;

- errors of perception, reading, interpretation of information content, compliance with the rules, errors as a result of inability, oversight, the presence of interference, failures and distortions of individual elements and signs or messages;

- operating errors: violation of protection, overflow of files, errors of the data management language, errors in the preparation and input of information, errors of the operating system, programming, hardware errors, errors in the interpretation of instructions, skipping operations, etc.;

- conceptual errors of implementation;

- malicious actions in the material sphere;

- talkativeness, disclosure;

- losses of a social nature (leaving, dismissal, strike, etc.).

In some cases, informational damage can be estimated depending on the type of loss. It can be:

- losses associated with compensation or reimbursement of lost, stolen material assets, which include:

  - the cost of compensation for other indirectly lost property;

  - the cost of repair and restoration work;

  - the costs of analyzing and researching the causes and magnitude of damage;

  - other expenses;

- additional expenses on personnel serving technical means of processing confidential information, restoring information, resuming the operation of information systems for collecting, storing, processing, controlling data, including costs:

  - to support information resources of ICT;

  - service personnel not associated with information processing;

  - special bonuses, transportation costs, etc.;

- operational losses related to damage to banking interests or financial costs, loss of clients, customers requiring additional costs to restore: bank confidence; the size of the profit; lost clientele; income of the organization, etc.;

- loss of funds or damage to property that cannot be restored, which reduces financial opportunities (money, securities, money transfers, etc.);

- costs and losses associated with compensation for moral damage, training, expertise, etc.

Analyzing the quantitative data of losses, it can be concluded that the losses from malicious actions, and especially from economic espionage, are continuously increasing and are the most significant. The conclusions of Western experts show that the leakage of 20% of commercial information in 60 cases out of 100 leads to the bankruptcy of the company.

Summing up the brief analysis of the existing threats to confidential information, we can distinguish two directions of the impact of threats that reduce the security of information.

The first, traditionally developed in the framework of the protection of confidential information, is an impact that facilitates unauthorized access to this information. The second, which has developed within the framework of a broad understanding of information security problems, is associated with the use of modern technical and organizational systems, as well as with the participation of people, collectives of people and society as a whole and their exposure to external, negative information influences.

So, it has been theoretically proven, and practice has repeatedly confirmed that the psyche and thinking of a person are subject to external information influences and, with their proper organization, it becomes possible to program human behavior. Moreover, recently, methods and means of computer penetration into the subconscious are being developed in order to exert a deep influence on it. Therefore, the actual problem is not only the protection of information, but also protection from the destructive effects of information that is acquiring an international scale and strategic nature. Due to the change in the concept of the development of strategic weapons, which determines that an armed solution to world problems becomes impossible, the concept of information war ... Now the effectiveness of offensive means of information warfare, information weapons surpasses the effectiveness of information protection systems.

Of interest are the threats of loss of protected information in the course of information processes, the participants of which represent opposite interests. Analysis of these threats revealed a number of their characteristic features. In most cases, the active actions of the parties are quite deliberate and purposeful. These actions include:

- disclosure of confidential information by its owner;

- information leakage through various, mainly technical, channels;

- unauthorized access to confidential information in various ways.

Disclosure of information is the deliberate or careless actions of officials and citizens to whom the relevant information was entrusted in the prescribed manner in the course of their work, which led to the announcement of the protected information, as well as the transfer of such information through open technical channels. Disclosure is expressed in the communication, transfer, provision, forwarding, publication, discussion, loss and disclosure by any other means of confidential information to persons and organizations that do not have the right to access protected secrets. Disclosure of information can occur through many channels, including mail, radio, television, print, etc. Disclosure is possible during business meetings, conversations, when discussing joint work, in contracts, in letters and documents, etc. During such events, the partners conduct an intensive exchange of information. It is during communication between them that a "trusting" relationship is established, leading to the disclosure of trade secrets.

Typically, the factors that contribute to the disclosure of confidential information are:

- poor knowledge (or lack of knowledge) of the requirements for the protection of confidential information;

- erroneous actions of personnel due to low production qualifications;

- lack of a system of control over paperwork, preparation of speeches, advertising and publications;

- malicious, deliberate failure to comply with the requirements for the protection of commercial secrets.

Disclosure of confidential information inevitably leads to material and moral damage.

An information leak can, in general terms, be considered the uncontrolled and illegal exit of confidential information outside the organization or the circle of persons to whom this information was entrusted. At the same time, the nature of the leakage of protected information is characterized by both the circumstances of origin and the reasons and conditions for the occurrence of the leak.

The misappropriation of confidential information, due to unsatisfactory personnel management on the part of officials, organizations and departments, is facilitated by the following circumstances:

- the tendency of employees of the organization to be too talkative - 32%;

- the desire of employees to earn money by any means and at any cost - 24%;

- absence of a security service in the firm - 14%;

- the habit of employees sharing information about their work with each other - 12%;

- uncontrolled use of information systems in the company - 10%;

- preconditions for the emergence of conflict situations in the team due to the lack of psychological compatibility of employees, random selection of personnel, lack of work of the leader to rally the team, etc. - 8%.

Also, the leakage of protected information is due to the presence of appropriate conditions related to:

- the emergence of a competitor (an attacker) who is interested in such information and spends certain forces and means to acquire it;

- imperfection of the rules for the preservation of trade secrets, as well as violation of these rules, deviation from the rules for handling relevant documents, technical means, product samples and other materials containing confidential information;

- various factors and circumstances that develop in the process of scientific, production, advertising, publishing, information and other activities of the organization and create the preconditions for leaks of information constituting various types of secrets.

Such factors and circumstances may include, for example:

- insufficient knowledge by employees of the rules for protecting the corresponding type of secrecy and lack of understanding of the need for their careful observance;

- Loss of certificates, passes, keys from security rooms, storage rooms, safes (metal cabinets), personal seals - 12%;

- bringing cinema, sound, photo and video recording, radio transmitting, receiving and duplicating and copying equipment for personal use into the territory of the organization without the permission of security officers; failure to report the facts of a possible leak of classified information to the leadership of the unit and the Security Council; removal from the enterprise of secret documents and products without the permission of the head of the organization or the head of the Security Council - 4%;

- incorrect definition of the security stamp of a document (product) - 3%;

- untimely sending of documents for attachment to the case with marks of execution and with the resolution of the head of the unit; leaving premises (special storage facilities) open and unsealed after the end of work - 3%;

- leaving secret documents on work tables when leaving the premises, violation of the established procedure for familiarizing seconded persons with secret documents and products, transportation of classified documents and products by personal and public transport and moving with them to places not related to the performance of tasks - 2%;

- incorrect registration of classified documents for printing; non-observance of the procedure for reporting to the Security Council for documents and products held by the contractor upon dismissal, before going on vacation, going on business trips; untimely notification to the personnel department about changes in personal and autobiographical data; negotiating secret issues on unprotected communication lines; performing secret work at home; taking copies of secret documents or making extracts from them without the written permission of the head of the Security Council; transfer and taking of secret documents and items without a receipt - 1% for each case.

The reasons for the illegal seizure of confidential information can be the following circumstances:

- use of unapproved technical means of processing confidential information;

- weak control over compliance with information protection rules by legal, organizational and engineering measures;

- staff turnover, including among those who possess information constituting a commercial secret;

- violations that escape the attention of the administration and the Security Council. These can be:

Familiarization of persons with confidential documents, products, works that are not included in the scope of their official duties;

Sending confidential documents to addressees to whom they do not relate;

Preparation of confidential documents on unaccounted media;

Violation of the procedure for working with confidential documents and products that is meant to prevent unauthorized persons from viewing them;

Untimely reporting to the Security Council of data on out-of-service relations with relatives living abroad, with relatives traveling abroad for permanent residence;

Visiting embassies, consulates, foreign private companies and firms without the permission of the organization's management;

Establishing radio communication with radio amateurs of foreign countries;

Use of confidential information in unclassified official correspondence, technical assignments, articles, reports and speeches;

Premature publication of scientific and other works that can be regarded at the level of inventions or discoveries, or the publication of which is prohibited in accordance with the established procedure;

Communication orally or in writing to anyone, including relatives, of confidential information, unless it is due to a business need;

Reporting any information about the confidential work carried out when addressing personal issues with complaints, requests and suggestions to federal state authorities, authorities of the constituent entities of the Russian Federation and local governments.

In addition, natural disasters, catastrophes, malfunctions, failures, accidents of technical means and equipment contribute to information leakage.

The ways of unauthorized access (NSD), as a problem of confidential information leakage, are proposed to be considered from the following positions. Ensuring protection against unauthorized access is bound up with the safety not only of information as a type of intellectual property, but also of individuals and legal entities, their property and personal security. It is known that such activity is closely related to the receipt, accumulation, storage, processing and use of various information flows. Since information has a certain price, its acquisition by an attacker brings him a certain income, thereby weakening the capabilities of the competitor. Hence, the main goal of unlawful actions is to obtain information about the composition, status and activities of an object of confidential information in order to satisfy the attacker's information needs for mercenary purposes, and to alter the composition of the information. Such an action can lead to misinformation in certain areas of activity and affect, in particular, credentials and the results of solving managerial problems.

A more dangerous threat is the destruction of accumulated information arrays in documentary or magnetic form and of software products in the environment of an automated data processing system. Destruction is an unlawful action by an attacker aimed at causing material and informational damage to a competitor.

Thus, the considered threats to information, with the exception of the latter, are usually targeted and lead to the receipt of confidential information by the attacker. Analysis of traditional techniques and methods of obtaining confidential information made it possible to identify the most characteristic sources and methods of obtaining it, which in general form describe the actions of subjects of legal relations in the field of information security:

- collection of information contained in the media, including official documents;

- use of information disseminated by employees of competing organizations;

- documents, reports of consultants, financial reports and documents, exhibits and brochures, etc.;

- study of the products of competing and other organizations that are of interest for the relevant types of intelligence, the use of data obtained during conversations with service personnel;

- disguised polls and "fishing" information from employees of the organization at scientific and technical congresses;

- direct observation, carried out covertly;

- conversations about hiring (without the intention of hiring them);

- hiring an employee of a competing firm or organization to obtain the required information;

- bribery of an employee;

- eavesdropping on negotiations in office and other premises, interception of telegraph messages, eavesdropping on telephone conversations;

- theft of drawings, documents, etc.;

- blackmail and extortion, etc.

The reviewed sources and methods are not exhaustive, but they make it possible to group all likely sources of information leakage as follows:

- personnel with access to confidential information;

- the documents containing this information;

- technical means and information processing systems, including the communication lines through which it is transmitted.

Analysis of foreign publications on the sources of information leakage in commercial firms revealed that, despite the high percentage of channels associated with the use of technical intelligence and various technological methods for obtaining information, personnel remain one of the main causes and one of the sources of confidential information leakage, which is confirmed by the following approximate percentages for information leakage channels:

- bribery, blackmail, enticement of employees, the introduction of agents - 43;

- wiretapping of telephone conversations - 5;

- theft of documents - 10;

- penetration into personal computers - 18;

- retrieving information from channels "in the dark" - 24.

To characterize offenses committed in the information sphere, the characteristics of the likely channels of information leakage, which are determined by the availability of corresponding sources of confidential information, are essential. It is advisable to consider such a classification bearing in mind that confidential information is processed in organizations that are complex organizational and technical systems, functioning under conditions of external influences and internal changes of state. At the same time, regardless of the impacts on confidential information and its processing system that are considered, the emerging channels of information leakage manifest themselves through such offenses. These channels can be grouped within the three main groups of possible sources of information leakage considered above. The first group, personnel with access to confidential information, represents human flows and is the most important group of possible channels of information leakage. In terms of prevalence, the possible channels of information leakage of this group are characterized by the following approximate indicators:

- hiring and dismissing employees of the enterprise - 32%;

- business visits by business travelers - 28%;

- holding meetings on secret issues - 15%;

- conducting secret work in work premises - 15%;

- admission, access and handling of secret (confidential) information - 14%;

- departure of specialists abroad - 10%;

- organization of access and intra-facility regime - 8%;

- undergoing internship by students - 7%;

- visits to international exhibitions - 7%;

- training in refresher courses - 5%;

- preparation of decrees and decisions, orders and other documents - 4%.

Typical violations during the hiring and dismissal of personnel:

- hiring persons without registration of admission in accordance with the established procedure;

- personnel access to confidential information in violation of the established requirements;

- untimely and incomplete familiarization of personnel with the requirements of regulatory legal acts on information security;

- unsatisfactory knowledge of regulatory legal acts;

- dismissal of personnel who are the bearers of confidential information.

Typical violations when visiting enterprises by business travelers:

- admission of business travelers, with the knowledge of the heads of departments, to confidential works and documents without a corresponding permit;

- failure to comply with the requirements of instructions for internal facilities for escorting business travelers who have arrived at the units;

- the absence in the instructions of notes on the information actually issued to representatives of other enterprises;

- reception of business travelers with instructions that do not contain grounds for business travel (number and date of the business agreement, TOR of the joint research and development plan, etc.);

- the degree of confidentiality of materials to which a business traveler is admitted has not been determined.

Violations related to holding office meetings:

- holding meetings without the appropriate permission of the head of the enterprise or his deputies;

- admission to the meeting of persons who are not related to the issues under discussion and whose participation is not caused by official necessity;

- non-observance of the priority of considering issues of a confidential nature;

- non-compliance with the requirements of the internal facility regime during meetings;

- photographing, demonstration of confidential products, films without the consent of the Security Council;

- sound recording of the speeches of the meeting participants on a medium not registered with the Security Council;

- sending notebooks (notes) of a secret nature to institutions that are not directly related to this information;

- insufficient knowledge of the workers involved in accepting business travelers of the requirements of the instructions on the procedure for accepting business travelers (this was stated by about 45% of the respondents).

Violations in the conduct of confidential work in work premises consist in the absence of security:

- special means of protecting confidential information, communications, sound recording, sound amplification, intercom and television devices;

- means of production and reproduction of documents;

- fire and security alarm equipment;

- electronic clock systems, electrical equipment and other additional technical means of protection, excluding information leakage due to collateral electromagnetic radiation and interference.

Leakage channels such as access to and handling of confidential information are formed by expanding the circle of persons who have access to documents, products, technical specifications.

Violations in the organization of access and intra-facility regime include:

- Loss of certificates, passes, keys from security rooms, storage rooms, safes (cabinets), personal seals - 12%;

- bringing cinema and photographic equipment, radio transmitting and receiving equipment, as well as duplicating and copying equipment for personal use into the territory of the enterprise without the permission of the Security Council;

- removal of classified documents and products from the enterprise without permission;

- leaving premises (storage facilities) open and unsealed after work.

Leakage channels of confidential information due to improper organization of the technological and pre-diploma practice of students are manifested in the following: students of universities and secondary specialized educational institutions, after completing an internship, are not taken on permanently at the place where they interned and became acquainted with information constituting a state or commercial secret, and other reasons.

Typical violations in solving problems of a sectoral and cross-sectoral nature:

- inclusion of confidential information in open documents in order to simplify the procedure for delivery and approval of documents;

- keeping secret records in personal notebooks and notepads;

- familiarization of persons with confidential works and information that are not within their duties;

- sending confidential documents to addressees to whom they do not relate.

Thus, the analysis of threats to information allows us to clarify its properties that are subject to legal protection. In this case, the content of these properties will be considered taking into account the provisions of the current regulatory enactments.

This text is an introductory fragment.

Sarychev N.V., Melnichenko D.V.

External and internal threats to the information security of Russia

Information security is the protection of the information environment of an individual, society and the state from intentional and unintentional threats and impacts. Ensuring the information security of the Russian Federation is closely interconnected with the solution of the country's internal problems: the problems of ensuring political, economic, military, social and other types of national security. To ensure the external aspect of information security, an important role should be assigned to interaction with information authorities of other countries.

Key words: countering the ideology of terrorism, information sphere, information threats, information security, protection from information and psychological threats.

The information sphere of Russia is characterized by the active development of modern means of information exchange and various types of computer systems. This creates conditions for providing information support to the activities of the management apparatus at all levels and in all branches of government.

At the same time, the weak attention paid to the problems of ensuring information security creates objective conditions for illegal access to classified information, its theft or destruction. A particular danger is the possibility of manipulating various kinds of information to negatively influence the political decision-making process.

In the list of types of threats to information security outlined in the Doctrine, it is worth paying special attention to:

- the ousting of Russian news agencies and mass media from the internal information market and the increasing dependence of the spiritual, economic and political spheres of Russian public life on foreign information structures;

- manipulation of information (disinformation, concealment or distortion of information).

The main goals of protection against information and psychological threats for Russia are:

1) protection from destructive information and psychological influences of the environment of society, the psyche of the population, social groups of citizens;

2) counteraction to attempts to manipulate the processes of perception of information by the population by political forces hostile to Russia, carried out with the aim of weakening the state's defense capability;

3) defending the national interests, goals and values of Russia in the information space (global, national, regional, sub-regional, CIS countries);

4) constant monitoring of the attitude of Russian society to the most important problems of national security (diagnostics of public opinion, the psychological state of the nation).

The leading countries of the world currently have a powerful potential for information warfare (first of all, the United States, China, Israel, France, Great Britain, Germany), which can ensure their achievement of political and economic goals, especially since there are no international legal norms for conducting information warfare.

The Doctrine of Information Security of the Russian Federation identifies the following main sources of internal threats to information security.

Internal sources include:

- the critical state of domestic industries;

- an unfavorable crime situation, accompanied by tendencies for the merging of state and criminal structures in the information sphere, for criminal structures to gain access to confidential information, increase the influence of organized crime on the life of society, reduce the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;

- insufficient coordination of the activities of federal bodies of state power, bodies of state power of the constituent entities of the Russian Federation in the formation and implementation of a unified state policy in the field of ensuring the information security of the Russian Federation;

- insufficient elaboration of the regulatory legal framework governing relations in the information sphere, as well as insufficient law enforcement practice;

- underdevelopment of civil society institutions and insufficient state control over the development of the information market in Russia;

- insufficient financing of measures to ensure the information security of the Russian Federation;

- insufficient economic power of the state;

- a decrease in the efficiency of the education and training system, and an insufficient number of qualified personnel in the field of information security;

- insufficient activity of federal bodies of state power, bodies of state power of the constituent entities of the Russian Federation in informing society about their activities, in explaining decisions made, in the formation of open state resources and the development of a system of citizens' access to them;

- Russia's lag behind the leading countries of the world in terms of informatization of federal government bodies, government bodies of the constituent entities of the Russian Federation and local government bodies, credit and finance, industry, agriculture, education, health care, services and everyday life of citizens.

The following threats to the information security of the Russian Federation pose the greatest danger in the sphere of domestic policy:

- violation of the constitutional rights and freedoms of citizens, exercised in the information sphere;

- insufficient legal regulation of relations in the field of the rights of various political forces to use the media to promote their ideas;

- dissemination of misinformation about the policy of the Russian Federation, the activities of federal government bodies, events taking place in the country and abroad;

- the activities of public associations aimed at forcibly changing the foundations of the constitutional system and violating the integrity of the Russian Federation, inciting social, racial, national and religious enmity, at spreading these ideas in the media.

Of the internal threats to the information security of the Russian Federation in the sphere of foreign policy, the most dangerous are:

- information and propaganda activities of political forces, public associations, the media and individuals, distorting the strategy and tactics of the foreign policy of the Russian Federation.

Of the external threats to the information security of the Russian Federation in the sphere of foreign policy, the greatest danger is presented by:

- insufficient awareness of the population about the foreign policy of the Russian Federation;

- informational impact of foreign political, economic, military and information structures on the development and implementation of the foreign policy strategy of the Russian Federation;

- the spread of misinformation abroad about the foreign policy of the Russian Federation;

- violation of the rights of Russian citizens and legal entities in the information sphere abroad;

- attempts of unauthorized access to information and influence on information resources, information infrastructure of federal executive bodies implementing the foreign policy of the Russian Federation, Russian representations and organizations abroad, representations of the Russian Federation at international organizations.

On the basis of the national interests of the Russian Federation in the information sphere, strategic and current tasks of the internal and foreign policy of the state are formed to ensure information security.

There are four main components of the national interests of the Russian Federation in the information sphere.

The first component of the national interests of the Russian Federation in the information sphere includes the observance of the constitutional rights and freedoms of man and citizen in the field of obtaining information and using it, ensuring the spiritual renewal of Russia, preserving and strengthening the moral values of society, the traditions of patriotism and humanism, the cultural and scientific potential of the country.

The second component of the national interests of the Russian Federation in the information sphere includes information support of the state policy of the Russian Federation, associated with bringing to the Russian and international community reliable information about the state policy of the Russian Federation, its official position on socially significant events in Russian and international life, with ensuring citizens' access to open state information resources.

The third component of the national interests of the Russian Federation in the information sphere includes the development of modern information technologies, the domestic information industry, including the industry of information technology, telecommunications and communications, ensuring the needs of the domestic market with its products and the entry of these products into the world market, as well as ensuring accumulation, safety and effective use of domestic information resources. In modern conditions, it is only on this basis that it is possible to solve the problems of creating science-intensive technologies, technological re-equipment of industry, and augmenting the achievements of domestic science and technology. Russia should take its rightful place among the world leaders in the microelectronic and computer industry.

The fourth component of the national interests of the Russian Federation in the information sphere includes protecting information resources from unauthorized access, ensuring the security of information and telecommunication systems, both already deployed and created on the territory of Russia.

According to A.Yu. Kiryanov, the main tasks for the implementation and protection of national interests at the present stage of Russia's development in the information sphere are as follows.

1. Development and adoption of a long-term program to reach the level of the leading countries of the world in the field of creating informatics and management systems based on the latest information technologies.

2. Ensuring freedom of receipt and dissemination of information by citizens, other subjects of public relations in the interests of the formation of civil society, a democratic legal state, the development of science and culture.

3. Ensuring reliable protection of the information potential of Russia (that is, the totality of information that ensures the national interests of the country; systems for its receipt, storage, processing and distribution; its subjects) from its illegal use to the detriment of the legally protected interests of the individual, society and the state. Control over the export of intellectual products from the country, as well as information data banks. Organization of an effective system of training and retraining of personnel in the field of information security.

4. Development of interaction between state and non-state information support systems in order to more efficiently use the country's information resources.

5. Improvement of the system of normative legal acts regulating property relations and maintaining the balance of interests of the individual, society and the state in the field of formation, storage and use of information resources. Formation and development of federal and regional certification centers for information security systems and their elements.

6. Counteracting purposeful actions to misinform the authorities, the population of the country, the use of information exchange channels to disrupt management systems in various spheres of the state's life.

7. Creation of a common information space of the CIS countries in the interests of promoting integration processes, increasing the efficiency of interaction in the implementation of common interests. The inclusion of Russia in the international system of information exchange, taking into account the provision of Russian national interests and counteraction to acts of information intervention.

8. Ensuring at the international level decision-making on an unconditional ban on the use of information weapons in peacetime.

Further, it is proposed to focus on the role of the state in the field of information protection. General provisions on the protection of information are established by the Federal Law "On Information" (Art. 16). The law considers the protection of information as a set of “legal, organizational and technical measures aimed at:

1) ensuring the protection of information from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other illegal actions in relation to such information;

2) observance of confidentiality of information of limited access;

3) the exercise of the right to access information”.

The last goal, at first glance, has nothing to do with information security. This is not the case. It is necessary to protect not only information with limited access, but also open information, access to which should be unrestricted. This is also the task of the state with respect to information provided for general familiarization by state authorities and local self-government bodies.

Publicly available information should be protected from blocking access, destruction, modification (distortion). Restricted information - from destruction, modification, illegal copying, disclosure, illegal access, illegal use.

Taking into account the global nature of informatization processes and the emergence of international cybercrime, the world community should have interstate organizational structures for the coordination of work in the field of information security.

The main international body is the United Nations and the Security Council it created. These bodies coordinate the efforts of states to implement measures in the field of ensuring information security and combating crimes in the field of information technology. Controversial issues at the interstate level are decided by the International Court of Justice.

The information security system of the Russian Federation is built on the basis of the delineation of powers of legislative, executive and judicial authorities of the federal level, the level of the constituent entities of the Russian Federation, departmental structures, as well as services of enterprises and organizations.

So, in connection with the latest scientific and technical achievements in the field of informatics and information technologies, the modern rivalry between states and other objects of social nature is characterized by the emergence of a new factor - information. Threats to national security in various spheres of human activity are realized through targeted impact on the information environment. In the political sphere, information and psychological influence is gaining more and more importance in order to form relations in society, its reaction to the ongoing processes. In the economic sphere, the vulnerability of economic structures to unreliability, delay and illegal use of economic information is growing. In the military sphere, the outcome of an armed struggle increasingly depends on the quality of the information obtained and the level of development of information technologies, on which the systems of reconnaissance, electronic warfare, command and control of troops and precision weapons are based. In the sphere of spiritual life, there is a danger of the development of aggressive consumer ideology in society with the help of electronic media, the spread of ideas of violence and intolerance and other negative influences on the consciousness and psyche of a person. The information environment, being a backbone factor in all types of national security (political, economic, military, etc.), at the same time is an independent object of protection.

Along with political, economic, military, social and environmental security, information security is an integral part of the national security of the Russian Federation.

The information security of the Russian Federation is understood as the state of protection of the national interests of the Russian Federation in the information sphere, which are determined by the totality of balanced interests of the individual, society and the state.

The information sphere is a collection of information resources and information infrastructure of the protected object.

The collection of stored, processed and transmitted information used to support management processes is called an information resource.

Information resources include:

· Information resources of enterprises of the defense complex, containing information on the main directions of the development of weapons, on scientific, technical and production potential, on the volumes of supplies and stocks of strategic types of raw materials and materials;

· Information support of control and communication systems;

· Information on fundamental and applied research projects of national importance, etc.

Information infrastructure is a set of information subsystems, control centers, hardware and software and technologies for collecting, storing, processing and transmitting information.

Information infrastructure includes:

· Information infrastructure of central, local government bodies, research institutions;

· Information infrastructure of enterprises of the defense complex and research institutions that carry out state defense orders or deal with defense issues;

· Software and hardware for automated and automatic control and communication systems.

A threat to information security is understood as a set of conditions and factors that create a potential or real danger associated with information leakage and (or) unauthorized and (or) unintended impacts on it. Threats to the information security of the Russian Federation are subdivided into external and internal.

External threats that pose the greatest danger to support facilities are:

· All types of intelligence activities of foreign states;

· Information and technical impact (including electronic warfare, penetration into computer networks);

· Sabotage and subversive activities of special services of foreign states, carried out by methods of information and psychological impact;

· Activities of foreign political, economic and military structures directed against the interests of the Russian Federation in the field of defense.

Internal threats that will pose a particular danger in the context of an aggravated military-political situation include:

· Violation of the established regulations for the collection, processing, storage and transmission of information located in the headquarters and institutions of the power structures of the Russian Federation, at the enterprises of the defense complex;

· Deliberate actions, as well as errors of personnel of information and telecommunication systems of special purpose;

· Unreliable functioning of information and telecommunication systems for special purposes;

· Possible information and propaganda activities that undermine the prestige of the power structures of the Russian Federation and their combat readiness;

· Unresolved issues of protecting the intellectual property of defense enterprises, leading to the leakage of valuable state information resources abroad.

The threats to the security of already deployed and created information and telecommunication facilities and systems include:

· Illegal collection and use of information;

· Violation of information processing technology;

· Introduction into hardware and software products of components that implement functions that are not provided for by the documentation for these products;

· Development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems;

· Destruction, damage or electronic suppression of means and systems of information processing, telecommunications and communications;

· Impact on the password-key protection systems of automated systems for processing and transmitting information;

· Compromise of keys and means of cryptographic protection of information;

· Information leakage through technical channels;

· Introduction of electronic devices designed to intercept information in technical means of processing, storing and transmitting information through communication channels, as well as in the office premises of state authorities, enterprises, institutions and organizations, regardless of the form of ownership;

· Destruction, damage or theft of machine and other storage media;

· Interception of information in data transmission networks and on communication lines, decryption of this information and imposition of false information;

· Use of non-certified domestic and foreign information technologies, information security means, information technology, telecommunications and communications in the creation and development of the Russian information infrastructure;

· Unauthorized access to information in banks and databases;

· Violation of legal restrictions on the dissemination of information.

The main directions for improving the information security system of the Russian Federation are:

· Systematic identification of threats and their sources, structuring of information security objectives and definition of relevant practical tasks;

· Carrying out certification of general and special software, applied software packages and information security tools in existing and created automated control and communication systems, which include elements of computer technology;

· Continuous improvement of information protection means, development of secure communication and control systems, increasing the reliability of special software;

· Improvement of the structure of functional organs of the system, coordination of their interaction.

Information security assessment is based on an analysis of threat sources (potential security breaches).

Activities aimed at preventing leakage of protected information and unauthorized or unintentional influences on it are called information protection. The object of protection is information, an information carrier or an information process that needs to be protected.

Information protection is organized in three areas: protection from leakage, from unauthorized influence and from unintentional impact (see Fig. 4.1).

The first area is protection of information from leakage: activities aimed at preventing the uncontrolled distribution of protected information as a result of its disclosure, unauthorized access to it, or its acquisition by intelligence services.

Protection of information from disclosure is aimed at preventing unauthorized delivery of it to a consumer who does not have the right to access this information.

Protection of information from unauthorized access is aimed at preventing an interested subject from receiving information in violation of the rights or rules of access to protected information established by legal documents or by the owner or holder of the information. An interested subject exercising unauthorized access to protected information may be: the state; a legal entity; a group of individuals, including a public organization; or a separate individual.

Protection of information from technical intelligence is aimed at preventing intelligence from obtaining information using technical means.

The second area is protection of information from unauthorized influence: activities aimed at preventing impact on the protected information in violation of the established rights and (or) rules for changing information, leading to its distortion, destruction or blocking of access to it, as well as to the loss, destruction or malfunction of the information carrier.

The third area is protection of information from unintentional impact: activities aimed at preventing the impact on the protected information of user errors, failures of the hardware and software of information systems, natural phenomena or other activities leading to distortion, destruction, copying or blocking of access to information, as well as to the loss, destruction or malfunction of the information carrier.

Organizing information protection means creating a system for protecting information, as well as developing measures to protect and control the effectiveness of information protection (see Fig. 4.2).

Fig. 4.2. Basic information protection scheme