Threats to the information security of the Russian Federation include: Types of information security threats in Russia


It should be noted that although the information security problems generated by informatization are global, for Russia they acquire special significance in connection with its geopolitical and economic position.

In the Information Security Doctrine of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000, threats to the country’s information security are divided, according to their general focus, into threats to:

constitutional rights and freedoms of man and citizen in the field of information activities;

spiritual life of society;

Information Security

information infrastructure;

information resources.

Threats to the constitutional rights and freedoms of man and citizen in the field of information security may be:

adoption by public authorities of normative legal acts that infringe on the constitutional rights and freedoms of citizens in the field of information activities;

creation of monopolies on the formation, receipt and dissemination of information in the Russian Federation, including using telecommunication systems;

opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, secrecy of correspondence, telephone conversations and other messages, as well as ineffective application of the existing regulatory framework in this area;

irrational, excessive restriction of access to socially necessary information;

violation of constitutional rights and freedoms of man and citizen in the field of mass media;

failure of government bodies, organizations and citizens to comply with the requirements of the legislation of the Russian Federation regulating relations in the information sphere.

Threats to the spiritual life of society can be:

the use of means of influencing the mass consciousness of citizens;

disorganization and destruction of the system of accumulation and preservation of cultural property, including archives;

restricting citizens' access to open state information resources of government bodies and other socially significant information;

decline in the spiritual, moral and creative potential of Russia;

manipulation of information (disinformation, concealment or distortion of information).

Threats to the information infrastructure may include:

violation of the targeting and timeliness of information exchange, illegal collection and use of information;

violation of information processing technology;

introduction into hardware and software products of components that implement functions not provided for in the documentation for these products;

development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems;

destruction, damage, electronic jamming or destruction of information processing, telecommunications and communication facilities and systems;

theft of software or hardware keys and cryptographic information protection means;

interception of information in technical channels, its leakage that occurs during the operation of technical means of processing and storage, as well as during the transmission of information through communication channels;

introduction of electronic devices for intercepting information into technical means of processing, storing and transmitting information via communication channels, as well as into the office premises of government bodies and organizations;

destruction, damage, destruction or theft of computer and other storage media;

interception, decryption and imposition of false information in data networks, communication lines and mass information systems;

impact on password-key protection systems of automated information processing and transmission systems;

purchase abroad of information technologies and of means of informatization, telecommunications and communications that have domestic analogues not inferior in their characteristics to foreign models.

Threats to information resources can be:

activities of space, air, sea and ground technical reconnaissance means of foreign states;

unauthorized access to information resources and their illegal use;

theft of information resources from libraries, archives, banks and databases;

violation of legal restrictions on the distribution of information resources.

In his Address on National Security (June 13, 1996), the President of the Russian Federation identified the main threats to Russia in the information sphere as follows:

internal - the country lags behind leading countries in terms of the level and pace of informatization, the lack of a clearly formulated information policy;

external - attempts to prevent Russia from participating on equal terms in international information exchange, interference and targeted penetration into the activities and development of the information infrastructure of the Russian Federation, the desire to reduce the use of the Russian language as an international means of communication and through this narrowing of the Russian information space.

These and other internal and external threats, according to the methods of influence (implementation), are divided into informational, software and mathematical, physical and organizational.

Information threats are realized through unauthorized access to information resources and their theft for the purpose of illegal use, negative manipulation of information (disinformation, distortion of information, concealment), violation of information processing technology, etc.

Software and mathematical threats are implemented by introducing into hardware and software systems components that perform functions not described in the documentation for these systems and that reduce the efficiency of their functioning, and by developing and distributing programs (viruses, "Trojan horses", etc.) that disrupt the normal functioning of systems, including information security systems.

Physical threats are associated with physical impact (destruction, damage, theft) on information systems and their elements, signal interception of information in transmission channels or in office premises, etc.

Organizational threats include, first of all, a weak legal framework for ensuring information security. There is practically no legal support for information security at the regional level. The requirements of existing legislative acts (the Constitution of the Russian Federation, the laws of the Russian Federation “On Security”, “On State Secrets”, “On Information, Informatization and Information Protection”, etc.) are not always met. The shortcomings of the legal system lead to the fact that a significant amount of restricted-access information in the financial-exchange, tax, customs, foreign economic, housing and other areas is distributed by various commercial firms in the form of specific databases.

In the information space, from the perspective of information security, two dangers are the most typical:

1) control (extraction) of the state’s information resources, i.e., in fact, information intelligence (espionage). The information space has been and remains the sphere of activity of numerous intelligence services. Today, information intelligence can be implemented in two ways: by unauthorized penetration into information and control systems; or legally, through the active participation of foreign companies in creating the information structure of Russia. At the same time, in addition to the negative consequences associated with the fact that the country’s information resources are under the control of relevant foreign structures, direct damage is caused to the economy - domestic science and production are left without their own orders;

2) the threat of destruction or disorganization of the information resources of elements of government structures. With the current level of development of information technology, such influences can be carried out even in peacetime. They are fraught with the destruction of information valuable to the state, its distortion or the introduction of negative information for the purpose of disorganization or the adoption of wrong decisions at the appropriate level of government.

A special place is occupied by the security of computer networks, which make it possible to combine and share a large amount of information resources on a local and global scale. Computer networks are becoming one of the main means of information communication. At the same time, their enormous capabilities conflict with the problem of ensuring information security. This circumstance must be taken into account when creating and developing both local and global computer networks. Thus, in the process of creating the Internet in the United States, the Computer Security Center of the Department of Defense was created in January 1981; in 1985, it was transformed into the National Computer Security Center and transferred to the National Security Agency.

Information and psychological security is the state of protection of citizens, individual groups and social strata of society, mass associations of people, the population as a whole from negative information and psychological influences carried out in the information space (more on this will be discussed below).

Information protection - ensuring the security of information (countering threats to information infrastructure and information resources).

Currently, information security problems are being most actively developed: organizational, legal, technical and technological measures to prevent and repel threats to information resources and systems, and eliminate their consequences. The theory of information security is being formed, methods and means of information security are being created and actively used in practice, specialists are being trained in a number of specialties and specializations, such as information security technology, comprehensive provision of information security of automated systems, security and information protection, etc.

Threats to the constitutional rights and freedoms of man and citizen in the field of spiritual life and information activities, individual, group and social consciousness, the spiritual revival of Russia:

  • the adoption by federal government bodies and government bodies of the constituent entities of the Russian Federation of normative legal acts that infringe on the constitutional rights and freedoms of citizens in the areas of spiritual life and information activities;
  • creation of monopolies on the formation, receipt and dissemination of information in the Russian Federation, including using telecommunication systems;
  • opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, privacy of correspondence, telephone conversations and other communications;
  • irrational, excessive restriction of access to socially necessary information;
  • illegal use of special means of influence on individual, group and public consciousness;
  • failure by federal government bodies, government bodies of constituent entities of the Russian Federation, local government bodies, organizations and citizens to comply with the requirements of federal legislation regulating relations in the information sphere;
  • unlawful restriction of citizens' access to open information resources of federal government bodies, government bodies of constituent entities of the Russian Federation, local governments, open archival materials, and other open socially significant information;
  • disorganization and destruction of the system of accumulation and preservation of cultural property, including archives;
  • violation of constitutional rights and freedoms of man and citizen in the field of mass media;
  • ousting Russian news agencies and mass media from the domestic information market and increasing dependence of the spiritual, economic and political spheres of public life in Russia on foreign information structures;
  • devaluation of spiritual values, propaganda of mass culture models based on the cult of violence, on spiritual and moral values that contradict the values accepted in Russian society;
  • a decrease in the spiritual, moral and creative potential of the Russian population, which will significantly complicate the preparation of labor resources for the implementation and use of the latest technologies, including information technologies;
  • manipulation of information (disinformation, concealment or distortion of information).



Threats to the information support of the state policy of the Russian Federation:

  • monopolization of the Russian information market, its individual sectors by domestic and foreign information structures;
  • blocking the activities of state media to inform Russian and foreign audiences;
  • low efficiency of information support for state policy of the Russian Federation due to a shortage of qualified personnel, lack of a system for the formation and implementation of state information policy.

Threats to the development of the domestic information industry, including the industry of informatization, telecommunications and communications, meeting the needs of the domestic market for its products and the entry of these products into the world market, as well as ensuring the accumulation, preservation and effective use of domestic information resources:

  • countering the access of the Russian Federation to the latest information technologies, the mutually beneficial and equal participation of Russian manufacturers in the global division of labor in the industry of information services, information technology, telecommunications and communications, information products, as well as the creation of conditions for strengthening Russia’s technological dependence in the field of modern information technologies;
  • purchase by public authorities of imported information technology, telecommunications and communications equipment in the presence of domestic analogues that are not inferior in their characteristics to foreign models;
  • ousting Russian manufacturers of information technology, telecommunications and communications equipment from the domestic market;
  • an increase in the outflow of specialists and intellectual property rights holders abroad.

Threats to the security of information and telecommunications means and systems, both already deployed and those being created on the territory of Russia:

  • illegal collection and use of information;
  • violations of information processing technology;
  • introduction into hardware and software products of components that implement functions not provided for in the documentation for these products;
  • development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems;
  • destruction, damage, electronic jamming or destruction of information processing, telecommunications and communication facilities and systems;
  • impact on password-key protection systems of automated information processing and transmission systems;
  • compromise of keys and means of cryptographic information protection;
  • information leakage through technical channels;
  • the introduction of electronic devices for intercepting information in technical means of processing, storing and transmitting information via communication channels, as well as in the office premises of government bodies, enterprises, institutions and organizations, regardless of the form of ownership;
  • destruction, damage, destruction or theft of computer and other storage media;
  • interception of information in data networks and communication lines, decryption of this information and imposition of false information;
  • the use of uncertified domestic and foreign information technologies, information security tools, informatization tools, telecommunications and communications in the creation and development of Russian information infrastructure;
  • unauthorized access to information located in banks and databases;
  • violation of legal restrictions on the dissemination of information.



The forecast of information threats to our country does not give grounds for optimism. First of all, we are talking about the ongoing attempts to revise Soviet and pan-European history, especially in the 20th century. These actions in relation to national history are certainly elements of information warfare. For example, it is regrettable that the decisive battles of World War II - the Battle of Stalingrad, the Battle of Kursk - are practically not reflected in Western history textbooks. The largest battle in Western historiography is the Battle of El Alamein in Africa. Such a distortion of history is far from harmless. Attempts to belittle the role of our country in the defeat of fascism undermine the image of Russia as a great victorious power, as a founding country of the UN. In such a situation, we have no other choice but to intensify and increase the production of our information sources: books, films, Internet products - with content that is beneficial to us, which more objectively assess the role of our country in world history. These projects should be financed by both the state and big business.


Introduction

1. The concept of information security threat

2. Sources of threats to information security of the Russian Federation

3. Methods and means of information protection

4. Examples of information security threats

Conclusion

List of sources used

Introduction

In recent years, computer technology has become an integral part of our lives. People are now so used to computers that it is quite difficult for them to imagine how they used to get by without them. With the availability of computers, people also began to actively use Internet services - e-mail, the World Wide Web, Internet banking. Now the average person's morning begins with a standard viewing of the news feed, checking the contents of personal mail, visiting various popular social networks, shopping in online stores, paying for various services, etc. The Internet has slowly but surely become a constant assistant in our everyday affairs.

The Internet makes communication easier and breaks down language barriers; now, even if your friend lives a thousand kilometers away from you in another city or even in another country, you can communicate with him, if you wish, even for days at a time.

But with all the advantages of the Internet, there are also a lot of dangers hidden in it. First of all, these are threats to personal and state security. The Internet is a free space where personal data and bank card data can easily be stolen, information wars are waged on the Internet, and information conflicts are generated.

Thus, the threat to information security is one of the most important problems of modern human life and we need to know where it comes from and how to protect ourselves.

1. The concept of information security threat

The life of modern society is unthinkable without modern information technologies. Computers serve banking systems, control the operation of nuclear reactors, distribute energy, monitor train schedules, and control airplanes and spaceships. Computer networks and telecommunications determine the reliability and capacity of the country's defense and security systems. Computers provide information storage, processing and provision to consumers, thus implementing information technology.

However, it is precisely the high degree of automation that creates the risk of reduced security (personal, information, state, etc.). The availability and widespread distribution of information technologies and computers makes them extremely vulnerable to destructive influences. There are many examples of this.

A threat to information security means an action or event that can lead to destruction, distortion or unauthorized use of information resources, including stored, transmitted and processed information, as well as software and hardware.

The main types of threats to the security of information technologies and information (threats to the interests of subjects of information relations) are:

  • natural disasters and accidents (flood, hurricane, earthquake, fire, etc.);
  • malfunctions and failures of equipment (technical means) of AITU;
  • consequences of errors in the design and development of AITU components (hardware, information processing technology, programs, data structures, etc.);
  • operational errors (users, operators and other personnel);
  • deliberate actions of violators and attackers (offended personnel, criminals, spies, saboteurs, etc.).

Security threats can be classified according to various criteria.

Based on the results of the action: 1) threat of leakage; 2) threat of modification; 3) threat of loss.

By violation of information properties: a) threat of violation of the confidentiality of the processed information; b) threat of violation of the integrity of the processed information; c) the threat of system malfunction (denial of service), i.e. a threat to availability.

By nature of occurrence: 1) natural; 2) artificial.

Natural threats are threats caused by impacts on a computer system and its elements of objective physical processes or natural phenomena.

Man-made threats are threats to a computer system caused by human activity. Among them, based on the motivation for action, we can highlight:

a) unintentional (accidental) threats caused by errors in the design of a computer system and its elements, errors in software, errors in personnel actions, etc.;

b) deliberate (intentional) threats associated with the selfish aspirations of people (attackers). Sources of threats in relation to information technology can be external or internal (components of the computer system itself - its hardware, programs, personnel).

The main unintentional man-made threats (actions committed by people accidentally, out of ignorance, inattention or negligence, out of curiosity, but without malicious intent):

  1. unintentional actions leading to partial or complete failure of the system or destruction of hardware, software, information resources of the system (unintentional damage to equipment, deletion, distortion of files with important information or programs, including system ones, etc.);
  2. illegal switching on of equipment or changing operating modes of devices and programs;
  3. unintentional damage to storage media;
  4. launching technological programs that, if used incompetently, can cause loss of system functionality (freezes or loops) or irreversible changes in the system (formatting or restructuring of storage media, deleting data, etc.);
  5. illegal introduction and use of unregistered programs (game, educational, technological, etc., which are not necessary for the violator to perform his official duties) with subsequent unreasonable expenditure of resources (CPU load, taking up random access memory and memory on external media);
  6. computer infection with viruses;
  7. careless actions leading to the disclosure of confidential information or making it publicly available;
  8. disclosure, transfer or loss of access control attributes (passwords, encryption keys, identification cards, passes, etc.);
  9. design of system architecture, data processing technologies, development of application programs with capabilities that pose a threat to system performance and information security;
  10. ignoring organizational restrictions (established rules) when working in the system;
  11. logging into the system bypassing security measures (booting a foreign operating system from removable magnetic media, etc.);
  12. incompetent use, configuration or unauthorized disabling of protection by security personnel;
  13. sending data to the wrong address of the subscriber (device);
  14. entering incorrect data;
  15. unintentional damage to communication channels. [p. 124]

The main intentional artificial threats are characterized by possible ways of deliberate disruption of work, disabling the system, penetration into the system and unauthorized access to information:

  1. physical destruction of the system (by explosion, arson, etc.) or failure of all or some of the most important components of the computer system (devices, carriers of important system information, personnel, etc.);
  2. shutdown or failure of subsystems for ensuring the functioning of computer systems (power supply, cooling and ventilation, communication lines, etc.);
  3. actions to disorganize the functioning of the system (changing operating modes of devices or programs, strikes, sabotage of personnel, setting up powerful active radio interference at the operating frequencies of system devices, etc.);
  4. introduction of agents into the system personnel (including, possibly, into the administrative group responsible for security);
  5. recruitment (by bribery, blackmail, etc.) of personnel or individual users with certain powers;
  6. the use of listening devices, remote photo and video recording, etc.;
  7. interception of side electromagnetic, acoustic and other radiation from devices and communication lines, as well as directing active radiation to auxiliary technical means not directly involved in information processing (telephone lines, power supply networks, heating, etc.);
  8. interception of data transmitted over communication channels and their analysis in order to determine exchange protocols, rules for entering into communication and user authorization and subsequent attempts to imitate them to penetrate the system;
  9. theft of storage media (disks, flash tapes, memory chips, storage devices and personal computers);
  10. unauthorized copying of storage media;
  11. theft of production waste (printouts, records, written off storage media, etc.);
  12. reading remaining information from RAM and external storage devices;
  13. reading information from areas of RAM used by the operating system (including the security subsystem) or other users in asynchronous mode, taking advantage of the shortcomings of multitasking operating systems and programming systems;
  14. illegally obtaining passwords and other access control details (through intelligence, using the negligence of users, through selection, imitation of the system interface, etc.) with subsequent disguise as a registered user (“masquerade”);
  15. unauthorized use of user terminals that have unique physical characteristics, such as workstation number on the network, physical address, address in the communication system, hardware encoding unit, etc.;
  16. breaking information encryption ciphers;
  17. introduction of special hardware attachments, “bookmark” programs and “viruses” (“Trojan horses” and “bugs”), i.e. sections of programs that are not needed to implement the declared functions, but make it possible to overcome the security system and to secretly and illegally access system resources in order to record and transmit critical information or disrupt the functioning of the system;
  18. illegal connection to communication lines for the purpose of working “between the lines”, using pauses in the actions of a legitimate user on his behalf, followed by entering false messages or modifying transmitted messages;
  19. illegal connection to communication lines with the aim of directly replacing a legitimate user by physically disconnecting him after logging into the system and successful authentication, followed by entering misinformation and imposing false messages. [p. 71]

It should be noted that most often, to achieve the goal, the attacker uses not one method, but a certain combination of those listed above.

2. Sources of threats to information security of the Russian Federation

Sources of threats to the information security of the Russian Federation are divided into external and internal.

External sources include:

  • activities of foreign political, economic, military, intelligence and information structures directed against the interests of the Russian Federation in the information sphere;
  • the desire of a number of countries to dominate and infringe on Russia’s interests in the global information space, to oust it from the external and internal information markets;
  • intensifying international competition for the possession of information technologies and resources;
  • activities of international terrorist organizations;
  • increasing the technological gap of the world's leading powers and increasing their capabilities to counter the creation of competitive Russian information technologies;
  • activities of space, air, sea and ground technical and other means (types) of intelligence of foreign states;
  • development by a number of states of information warfare concepts that provide for the creation of means of dangerous influence on the information spheres of other countries of the world, disruption of the normal functioning of information and telecommunication systems and of the safety of information resources, and obtaining unauthorized access to them. [7, p. 15]

Internal sources include:

  • critical state of domestic industries;
  • unfavorable crime situation, accompanied by trends in the merging of state and criminal structures in the information sphere, criminal structures gaining access to confidential information, increasing the influence of organized crime on the life of society, reducing the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;
  • insufficient coordination of the activities of federal government bodies, government bodies of constituent entities of the Russian Federation in the formation and implementation of a unified state policy in the field of ensuring information security of the Russian Federation;
  • insufficient development of the regulatory legal framework regulating relations in the information sphere, as well as insufficient law enforcement practice;
  • underdevelopment of civil society institutions and insufficient state control over the development of the Russian information market;
  • insufficient funding for measures to ensure information security of the Russian Federation;
  • insufficient economic power of the state;
  • decreased efficiency of the education and training system, insufficient number of qualified personnel in the field of information security;
  • insufficient activity of federal government bodies, government bodies of the constituent entities of the Russian Federation in informing the public about their activities, in explaining the decisions made, in the formation of open government resources and the development of a system of access to them for citizens;
  • Russia's lag behind the leading countries of the world in terms of the level of informatization of federal government bodies, government bodies of constituent entities of the Russian Federation and local governments, credit and financial sphere, industry, agriculture, education, healthcare, services and everyday life of citizens. [9, p. 119]

3. Methods and means of information protection

The problem of creating an information security system includes two complementary tasks:

1) development of an information security system (its synthesis);

2) assessment of the developed information security system.

The second problem is solved by analyzing the system's technical characteristics in order to determine whether the information protection system satisfies the set of requirements for these systems. This task is currently solved almost exclusively by experts through certification of information security tools and certification of the information security system in the process of its implementation.

Let's consider the main content of modern information security methods, which form the basis of security mechanisms.

Obstacles - methods of physically blocking an attacker's path to protected information (equipment, storage media, etc.).

Access control - a method of protecting information by regulating the use of all resources of a computer information system (database elements, software and hardware). Access control includes the following security features:

  • identification of users, personnel and system resources (assigning a personal identifier to each object);
  • identification (authentication) of an object or subject by the identifier presented by it;
  • verification of authority (checking compliance of the day of the week, time of day, requested resources and procedures with the established regulations);
  • permission and creation of working conditions within the established regulations;
  • registration (logging) of requests to protected resources;
  • response (alarm, shutdown, delay of work, refusal of request) in case of attempts of unauthorized actions.
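The six access-control features listed above can be seen working together in a small reference monitor. This is an added example, not code from the original text; the `Regulation` schema, the three-violation lockout threshold and the sample operator `op-17` are assumptions made for illustration. "Delay of work" is omitted; alarm, shutdown and refusal are shown.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import datetime


def derive(password: str, salt: bytes) -> bytes:
    """Salted, slow password hash so stored verifiers are not reusable."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Regulation:
    """The 'established regulations' for one subject (hypothetical schema)."""
    weekdays: frozenset   # permitted days, 0 = Monday
    hours: range          # permitted hours of the day
    procedures: dict      # resource name -> set of permitted procedures


@dataclass
class Subject:
    salt: bytes
    verifier: bytes
    regulation: Regulation
    violations: int = 0
    locked: bool = False


class AccessController:
    MAX_VIOLATIONS = 3    # assumed threshold before the account is shut off

    def __init__(self):
        self.subjects = {}   # identification: personal identifier -> Subject
        self.log = []        # registration of every request
        self.alarms = []     # response to unauthorized attempts

    def enroll(self, user_id, password, regulation):
        salt = os.urandom(16)
        self.subjects[user_id] = Subject(salt, derive(password, salt), regulation)

    def request(self, user_id, password, resource, procedure, when):
        allowed, reason = self._decide(user_id, password, resource, procedure, when)
        # Log allowed and refused requests alike, never the password itself.
        self.log.append((when.isoformat(), user_id, resource, procedure, allowed, reason))
        if not allowed:
            self._respond(user_id, reason, when)
        return allowed

    def _decide(self, user_id, password, resource, procedure, when):
        subject = self.subjects.get(user_id)
        if subject is None:
            return False, "unknown identifier"
        if subject.locked:
            return False, "account locked"
        # Authentication: constant-time comparison of the derived verifier.
        if not hmac.compare_digest(subject.verifier, derive(password, subject.salt)):
            return False, "authentication failed"
        # Verification of authority: day, time, resource and procedure.
        reg = subject.regulation
        if when.weekday() not in reg.weekdays:
            return False, "day of week not permitted"
        if when.hour not in reg.hours:
            return False, "time of day not permitted"
        if procedure not in reg.procedures.get(resource, ()):
            return False, "procedure not permitted on resource"
        subject.violations = 0
        return True, "within regulations"

    def _respond(self, user_id, reason, when):
        self.alarms.append((when.isoformat(), user_id, reason))   # alarm
        subject = self.subjects.get(user_id)
        if subject is not None:
            subject.violations += 1
            if subject.violations >= self.MAX_VIOLATIONS:
                subject.locked = True                              # shutdown


def demo():
    """Constructed scenario: one operator, weekdays 09:00-17:59, read-only."""
    ac = AccessController()
    ac.enroll("op-17", "correct horse", Regulation(
        frozenset(range(5)), range(9, 18), {"payments_db": {"read"}}))
    monday = datetime(2024, 3, 4, 10, 0)      # a Monday
    saturday = datetime(2024, 3, 9, 10, 0)    # a Saturday
    results = [
        ac.request("op-17", "correct horse", "payments_db", "read", monday),
        ac.request("op-17", "wrong guess", "payments_db", "read", monday),
        ac.request("op-17", "correct horse", "payments_db", "write", monday),
        ac.request("op-17", "correct horse", "payments_db", "read", saturday),
        ac.request("op-17", "correct horse", "payments_db", "read", monday),
    ]
    return results, ac


if __name__ == "__main__":
    results, ac = demo()
    for entry in ac.log:
        print(entry)
```

The last request in the scenario uses valid credentials inside permitted hours and is still refused, because three consecutive violations have already shut the account off.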

Disguise - a method of protecting information by cryptographic closure. This method is widely used abroad both in processing and storing information, including on floppy disks. When transmitting information over long-distance communication channels, this method is the only reliable one.

Regulation - a method of information protection that creates conditions for automated processing, storage and transmission of protected information under which the possibility of unauthorized access to it would be minimized.

Compulsion - a method of protection in which users and system personnel are forced to comply with the rules for the processing, transfer and use of protected information under the threat of material, administrative or criminal liability.

Inducement - a method of protection that encourages the user and system personnel not to violate the established order by observing established moral and ethical standards (both regulated and unwritten).

The methods of ensuring security considered above are implemented in practice through the use of various means of protection: technical, software, organizational, legislative, and moral and ethical. The main means of protection used to create a security mechanism include the following:

Technical means are implemented in the form of electrical, electromechanical and electronic devices. The entire set of technical means is divided into hardware and physical.

Hardware is customarily understood to mean equipment or devices that interface with such equipment through a standard interface. For example, a system for identifying and restricting access to information (through passwords, recording codes and other information on various cards).

Physical means are implemented in the form of autonomous devices and systems. For example, locks on doors where equipment is located, bars on windows, uninterruptible power supplies, electromechanical security alarm equipment.

Software means are programs specifically designed to perform information security functions. This group of tools includes: an encryption mechanism (cryptography is a special algorithm that is triggered by a unique number or bit sequence, usually called an encryption key; the encrypted text is then transmitted over communication channels, and the recipient has his own key to decrypt the information), a digital signature mechanism, access control mechanisms, data integrity mechanisms, scheduling mechanisms, routing control mechanisms, arbitration mechanisms, anti-virus programs, archiving programs (for example, zip, rar, arj, etc.), protection for input and output of information, etc.

Organizational means of protection are organizational-technical and organizational-legal measures carried out in the process of creating and operating computer technology and telecommunications equipment to ensure information security. Organizational measures cover all structural elements of equipment at all stages of their life cycle (construction of premises, design of a computer information system for banking, installation and commissioning of equipment, use, operation).

Moral and ethical means of protection are implemented in the form of all kinds of norms that have developed traditionally or are being developed as computer technology and communications spread in society. These norms are mostly not mandatory in the way legislative measures are, but failure to comply with them usually leads to a loss of authority and prestige of a person. The most significant example of such standards is the Code of Professional Conduct for Members of the US Computer Users Association.

Legislative means of protection are determined by the legislative acts of the country, which regulate the rules for the use, processing and transmission of restricted-access information and establish sanctions for violating these rules.

All considered means of protection are divided into formal (performing protective functions strictly according to a predetermined procedure without direct human participation) and informal (determined by purposeful human activity or regulating this activity).

4. Examples of information security threats

According to a Kaspersky Lab study in 2015, 36% of Russian users experienced at least one account hack, as a result of which their personal data was stolen or their profile was used to send malware.

Most often, attackers are interested in access to an account on a social network and e-mail (14%) and to an online banking password (5%).

As a result of the hack, 53% of respondents received phishing messages or ended up on suspicious sites, the purpose of which was to extract credentials from them. The information stored in the profile was completely destroyed for every fifth victim, and in 14% of cases, personal data was used for criminal purposes, for example, to carry out unauthorized transactions.

Not only the users themselves whose credentials were stolen, but also their friends and relatives suffer from the actions of cybercriminals. Thus, more than half of the victims of account hacking discovered that someone was sending messages on their behalf, and almost one in four discovered that their friends clicked on a malicious link they received.

Despite this, only 28% of users create strong passwords for their accounts and only 25% choose secure ways to store them.

During the year from June 2014 to June 2015, cybercriminals stole 2.6 billion rubles through Internet banking systems in RuNet, according to a report by Group-IB at the conference “Trends in the Development of Crimes in the Field of High Technologies 2015.” For the same period last year, the amount was several times higher - 9.8 billion rubles. “We are recording a decrease in damage while the number of attacks is increasing,” said Dmitry Volkov, head of the cyber intelligence service Bot-Trek Intelligence.

The greatest damage was suffered by legal entities, who lost 1.9 billion rubles as a result of the actions of cybercriminals. Every day, 16 companies become victims of cyber attacks, losing an average of 480 thousand rubles. At the same time, hackers have learned to bypass traditional security measures: neither tokens nor additional SMS authentication can save you from “autozaliv” - Trojans that allow you to transfer money from accounts by substituting details. When confirming a payment, a client infected with such a Trojan sees the correct details of the recipient, although in reality the money goes to the attackers’ account.

Russian banks themselves lost 638 million rubles as a result of targeted attacks during the reporting period. Even single attacks on clients of large banks bring a lot of income. Attackers are becoming increasingly interested in both trading and brokerage systems. Thus, in February 2015, the first successful attack in Russia was carried out on a stock broker, which lasted only 14 minutes and resulted in damage of about 300 million rubles.

Almost 100 million rubles were stolen from individuals, and 61 million rubles were stolen with the help of Trojans tailored for the Android platform. Android vulnerabilities are attracting more and more attackers, the report shows: ten new criminal groups have emerged working with Android Trojans, and the number of incidents has tripled. Every day, 70 mobile banking users on Android become victims of cybercriminals.

According to Group-IB, the development of the ecosystem that serves the commission of cybercrimes continues. Services for cashing out stolen money brought the criminals 1.92 billion rubles. Among sites selling data on bank cards and logins and passwords for various systems, the revenue of seven such stores exceeded 155 million rubles.

According to the forecast, next year malware developers will completely focus on mobile platforms; the number of incidents and the amount of thefts from individuals will increase due to the interception of card data, logins and passwords for Internet banking on Android devices. In addition, companies will face an even greater number of incidents with programs that encrypt data for subsequent extortion of money for decryption (cryptolockers). The number of thefts of information about bank cards through POS terminals will also increase: more and more programs are appearing for these purposes, and some of them are in the public domain.

According to a study by the information security company Invincea, over the past few days, experts have discovered 60 cases of infection of systems by the banking malware Dridex in France. The malware is distributed under the guise of emails with an attached Microsoft Office file, which looks like a bill from a popular hotel or store. The malicious attachment is in French and contains hexadecimal code.

In 2014, almost 18 million American citizens became victims of identity theft, with credit cards and bank accounts being the targets in most cases, The Networkworld reports, citing a report from the US Department of Justice.

According to the Bureau of Justice Statistics, over the past year the number of victims of cyber fraud has increased by 1 million compared to 2012. It is worth noting that the department's report took into account not only cases of compromise of personal information, but also its use to obtain financial or other benefits. According to the data, two out of five incidents were related to illegal manipulation of credit cards, and about the same number to fraud with bank accounts.

The 2015 Financial Impact of Cybercrime study by the Ponemon Institute (USA) provides data on the annual costs of cyberattack remediation for companies in the US, UK, Japan, Germany, Australia, Brazil and Russia.

The study found that the average cost of cybercrime at US companies is $15 million per year, an increase of 82% from when the study began six years ago. In other words, every year costs increased by almost 20%.

It now takes an average of 46 days to mitigate the consequences of cyber attacks (this period has increased by almost 30% over six years), and companies spend an average of $1.9 million to eliminate the consequences of each of them.

The US study also found that many businesses are investing in security analytics technology to avoid the costs associated with detecting and remediating cyberattacks. This tactic pays off: the cost of responding to attacks is reduced, and this allows for a significant increase in return on investment.

Personal data of 1.5 million users was published on the Amazon cloud service

The victims of the leak were clients of health insurance organizations.

One and a half million Americans have become victims of personal information leaks. Full names, addresses, phone numbers, health and prescription data were mistakenly published in plain text on the Amazon cloud service by health insurance companies using Systema Software.

The incident affected the Kansas Self-Insurance Fund, CSAC Excess Insurance Authority and the Salt Lake County database in Utah. The cause of the leak and the exact number of victims are still unknown. In total, the Social Security numbers of 1 million users, 5 million financial transaction records, data on hundreds of thousands of injuries and 4.7 million notes, including those related to fraud investigations, were published.

Conclusion

Based on the results of the research conducted in this work, the following conclusions can be formulated:

  • the life of modern society is unthinkable without modern information technologies;
  • in turn, a high degree of automation creates a risk of reduced security (personal, information, state, etc.). The availability and widespread distribution of information technologies and computers makes them extremely vulnerable to destructive influences, and there are many examples of this;
  • an information security threat is an action or event that may lead to the destruction, distortion or unauthorized use of information resources, including stored, transmitted and processed information, as well as software and hardware;
  • sources of threats to information security of the Russian Federation are divided into external and internal;
  • to ensure information security, there are a number of methods, as well as means for their implementation;
  • according to the online magazine Itsec, in 2014 and 2015 there was a very high level of various cybercrimes.

The given examples of violations of personal and state information security once again prove that existing threats should in no case be neglected either by Internet users themselves or by organizations and enterprises.

List of sources used

  1. Domarev V.V. Security of information technologies. Systematic approach - K.: LLC TID Dia Soft, 2014. - 992 p.
  2. Lapina M. A., Revin A. G., Lapin V. I. Information law. - M.: UNITY-DANA, 2014. - 548 p.
  3. Bartender Scott. Development of information security rules. - M.: Williams, 2012. - 208 p.
  4. Galatenko V. A. Information security standards. - M.: Internet University of Information Technologies, 2006. - 264 p.
  5. Galitsky A.V., Ryabko S.D., Shangin V.F. Information protection on the network. - M.: DMK Press, 2014. - 616 p.
  6. Gafner V.V. Information security: textbook. allowance. - Rostov-on-Don: Phoenix, 2010. - 324 p.
  7. Information security (2nd book of the socio-political project "Actual problems of social security"). // "Weapons and Technologies", No. 11, 2014. - P. 15-21.
  8. Lepekhin A. N. Investigation of crimes against information security. - M.: Theseus, 2008. - 176 p.
  9. Lopatin V. N. Information security of Russia: Man, society, state. - M.: 2010. - 428 p.
  10. Petrenko S. A., Kurbatov V. A. Information security policies. - M.: IT Company, 2014. - 400 p.
  11. Petrenko S. A. Information risk management. - M.: IT Company; DMK Press, 2004. - 384 p. — ISBN 5-98453-001-5.
  12. Shangin V.F. Protection of computer information. Effective methods and means. M.: DMK Press, 2013. - 544 p.
  13. Shcherbakov A. Yu. Modern computer security. Theoretical basis. Prak

Sarychev N.V., Melnichenko D.V.

External and internal threats to Russia's information security

Information security is the protection of the information environment of the individual, society and state from intentional and unintentional threats and impacts. Ensuring the information security of the Russian Federation is closely interconnected with solving the country’s internal problems: problems of ensuring political, economic, military, social and other types of national security. To ensure the external aspect of information security, a large role should be given to interaction with information authorities of other countries.

Keywords: countering the ideology of terrorism, information sphere, information threats, information security, protection against information and psychological threats.

The information sphere of Russia is characterized by the active development of modern means of information exchange and various types of computer systems. This creates conditions for providing information support for the activities of the management apparatus at all levels and in all branches of government.

At the same time, poor attention paid to the problems of ensuring information security creates objective conditions for illegal access to classified information, its theft or destruction. Of particular danger is the possibility of manipulating various types of information to negatively impact the political decision-making process.

In the list of types of threats to information security outlined in the Doctrine, it is worth paying special attention to:

  • ousting Russian news agencies and media from the domestic information market and increasing dependence of the spiritual, economic and political spheres of public life in Russia on foreign information structures;
  • manipulation of information (disinformation, concealment or distortion of information).

The main goals of protection against information and psychological threats for Russia are:

1) protection from destructive information and psychological influences on the social environment, the psyche of the population and social groups of citizens;

2) countering attempts to manipulate the processes of perception of information by the population on the part of political forces hostile to Russia, carried out with the aim of weakening the defense capability of the state;

3) defending the national interests, goals and values of Russia in the information space (global, national, regional, subregional, CIS countries);

4) constant monitoring of the attitude of Russian society towards the most important problems of national security (diagnosis of public opinion, psychological state of the nation).

The leading countries of the world currently have a powerful potential for information warfare (primarily the USA, China, Israel, France, Great Britain, Germany), which can ensure the achievement of their political and economic goals, especially since there are no international legal norms for conducting information warfare.

The Information Security Doctrine of the Russian Federation identifies the following main sources of internal threats to information security.

Internal sources include:

  • the critical state of domestic industries;
  • an unfavorable crime situation, accompanied by trends in the merging of state and criminal structures in the information sphere, criminal structures gaining access to confidential information, increasing the influence of organized crime on the life of society, reducing the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;
  • insufficient coordination of the activities of federal government bodies, government bodies of constituent entities of the Russian Federation in the formation and implementation of a unified state policy in the field of ensuring information security of the Russian Federation;
  • insufficient development of the regulatory legal framework regulating relations in the information sphere, as well as insufficient law enforcement practice;
  • underdevelopment of civil society institutions and insufficient government control over the development of the Russian information market;
  • insufficient funding for measures to ensure information security of the Russian Federation;
  • insufficient economic power of the state;
  • reduced efficiency of the education and training system, insufficient number of qualified personnel in the field of information security;
  • insufficient activity of federal government bodies, government bodies of the constituent entities of the Russian Federation in informing the public about their activities, in explaining the decisions made, in the formation of open government resources and the development of a system of access to them for citizens;
  • Russia's lag behind the leading countries of the world in terms of the level of informatization of federal government bodies, government bodies of the constituent entities of the Russian Federation and local governments, credit and financial sphere, industry, agriculture, education, healthcare, services and everyday life of citizens.

The greatest danger in the sphere of domestic politics is posed by the following threats to the information security of the Russian Federation:

  • violation of the constitutional rights and freedoms of citizens realized in the information sphere;
  • insufficient legal regulation of relations in the field of the rights of various political forces to use the media to promote their ideas;
  • dissemination of misinformation about the policies of the Russian Federation, the activities of federal government bodies, events taking place in the country and abroad;
  • activities of public associations aimed at violently changing the foundations of the constitutional system and violating the integrity of the Russian Federation, inciting social, racial, national and religious hatred, and disseminating these ideas in the media.

Of the internal threats to the information security of the Russian Federation in the sphere of foreign policy, the greatest danger is posed by:

  • information and propaganda activities of political forces, public associations, the media and individuals, distorting the strategy and tactics of the foreign policy activities of the Russian Federation;
  • insufficient awareness of the population about the foreign policy activities of the Russian Federation.

Of the external threats to the information security of the Russian Federation in the field of foreign policy, the greatest danger is posed by:

  • information impact of foreign political, economic, military and information structures on the development and implementation of the foreign policy strategy of the Russian Federation;
  • dissemination of misinformation abroad about the foreign policy of the Russian Federation;
  • violation of the rights of Russian citizens and legal entities in the information sphere abroad;
  • attempts of unauthorized access to information and influence on information resources, information infrastructure of federal executive authorities implementing the foreign policy of the Russian Federation, Russian representative offices and organizations abroad, representative offices of the Russian Federation at international organizations.

Based on the national interests of the Russian Federation in the information sphere, strategic and current tasks of the state's domestic and foreign policy to ensure information security are formed.

Four main components of the national interests of the Russian Federation in the information sphere are identified.

The first component of the national interests of the Russian Federation in the information sphere includes compliance with the constitutional rights and freedoms of man and citizen in the field of obtaining information and using it, ensuring the spiritual renewal of Russia, preserving and strengthening the moral values of society, the traditions of patriotism and humanism, the cultural and scientific potential of the country.

The second component of the national interests of the Russian Federation in the information sphere includes information support for the state policy of the Russian Federation, associated with bringing to the Russian and international public reliable information about the state policy of the Russian Federation, its official position on socially significant events in Russian and international life, with ensuring citizens’ access to open state information resources.

The third component of the national interests of the Russian Federation in the information sphere includes the development of modern information technologies, the domestic information industry, including the industry of information technology, telecommunications and communications, meeting the needs of the domestic market with its products and the entry of these products into the world market, as well as ensuring the accumulation, safety and effective use of domestic information resources. In modern conditions, only on this basis can the problems of creating high-tech technologies, technological re-equipment of industry, and increasing the achievements of domestic science and technology be solved. Russia must take its rightful place among the world leaders in the microelectronic and computer industries.

The fourth component of the Russian Federation’s national interests in the information sphere includes protecting information resources from unauthorized access, ensuring the security of information and telecommunication systems, both already deployed and those being created in Russia.

According to A.Yu. Kiryanov, the main tasks for the implementation and protection of national interests at the present stage of Russia’s development in the information sphere are the following.

1. Development and adoption of a long-term program to ensure reaching the level of the leading countries of the world in the field of creating computer science and management systems based on the latest information technologies.

2. Ensuring freedom of receipt and dissemination of information by citizens and other subjects of public relations in the interests of the formation of civil society, a democratic legal state, the development of science and culture.

3. Ensuring reliable protection of Russia's information potential (i.e., the totality of information that ensures the national interests of the country; systems for its receipt, storage, processing and distribution; its subjects) from its unlawful use to the detriment of the legally protected interests of the individual, society and the state. Exercising control over the export of intellectual products from the country, as well as information data banks. Organization of an effective system of training and retraining of personnel in the field of information security.

4. Development of interaction between state and non-state information support systems in order to more effectively use the country’s information resources.

5. Improving the system of regulatory legal acts regulating property relations and maintaining a balance of interests of the individual, society and the state in the field of formation, storage and use of information resources. Formation and development of federal and regional certification centers for information security systems and their elements.

6. Countering targeted actions to misinform authorities, the country’s population, and the use of information exchange channels to disrupt management systems in various spheres of the state’s life.

7. Creation of a common information space of the CIS countries in the interests of promoting integration processes, increasing the efficiency of interaction in the implementation of common interests. Inclusion of Russia in the international system of information exchange, taking into account ensuring Russian national interests and countering actions of information intervention.

8. Ensuring that decisions are made at the international level on an unconditional ban on the use of information weapons in peacetime.

Next, it is proposed to focus on the role of the state in the field of information protection. General provisions for the protection of information are established by the Federal Law “On Information” (Article 16). The law considers information protection as a set of “legal, organizational and technical measures aimed at:

1) ensuring the protection of information from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions in relation to such information;

2) maintaining the confidentiality of restricted information;

3) implementation of the right to access information.”

The last goal, at first glance, has nothing to do with information security. This is not the case. It is necessary to protect not only restricted information, but also open information, access to which must be unlimited. This is also a task of the state with regard to information that state authorities and local governments provide for public access.

Public information should be protected from access blocking, destruction and modification (distortion). Restricted-access information should be protected from destruction, modification, illegal copying, disclosure, illegal access and illegal use.

Considering the global nature of informatization processes and the emergence of international cybercrime, the world community must have interstate organizational structures for coordinating work in the field of information security.

The main international body is the United Nations and the Security Council created by it. These bodies coordinate the efforts of states to implement measures in the field of ensuring information security and combating crimes in the field of information technology. Controversial issues at the interstate level are resolved by the International Court of Justice.

The information security system of the Russian Federation is built on the basis of the delimitation of powers of legislative, executive and judicial authorities at the federal level, the level of constituent entities of the Russian Federation, departmental structures, as well as services of enterprises and organizations.

So, in connection with the latest scientific and technical achievements in the field of computer science and information technology, modern rivalry between states and other objects of a social nature is characterized by the emergence of a new factor - information. Threats to national security in various spheres of human activity are realized through targeted influence on the information environment. In the political sphere, informational and psychological influence is becoming increasingly important in order to form relationships in society and its reaction to ongoing processes. In the economic sphere, the vulnerability of economic structures to unreliability, delays and illegal use of economic information is growing. In the military sphere, the outcome of armed struggle increasingly depends on the quality of information obtained and the level of development of information technologies on which systems of reconnaissance, electronic warfare, command and control and precision weapons are based. In the sphere of spiritual life, there is a danger that electronic media will foster in society an aggressive consumer ideology, the spread of ideas of violence and intolerance and other negative impacts on the consciousness and psyche of a person. The information environment, being a system-forming factor in all types of national security (political, economic, military, etc.), at the same time represents an independent object of protection.

Literature

1. Kiryanov A.Yu. The essence of the information aspect of national security of the Russian Federation // International public and private law. - 2005. - No. 3. - P. 42.

2. The Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation on September 09, 2000. No. Pr. 1895 // Russian newspaper. - 2000. - No. 187.

3. Kovaleva N.N. Information law of Russia: tutorial. - M.: building and trading corporation "Dashkov and K", 2007. - 234 p.

4. Volchinskaya E.K. The role of the state in ensuring information security // Information law. - 2008. - No. 4. - P. 9-16.

5. Rodichev Yu.A. Information security: regulatory aspects: textbook. - St. Petersburg: Peter, 2008. - pp. 86-87.

Information Security. Course of lectures Artemov A.V.

Question 3. Modern threats to information security in Russia

According to the Law on Safety, a security threat is understood as a set of conditions and factors that create a danger to the vital interests of the individual, society and state. The Russian National Security Concept does not define threats, but names some of them in the information sphere. So, the danger is:

– the desire of a number of countries to dominate the global information space;

– ousting the state from the internal and external information market;

– development by a number of states of the concept of information wars;

– disruption of the normal functioning of information systems;

– violation of the security of information resources, gaining unauthorized access to them.

These are the so-called external threats, which are due to the competitive nature of the development of interstate and international relations. Accordingly, there are also internal threats, largely related to the insufficient implementation of economic, socio-political and other transformations in the sphere of information security. The National Security Concept names them as prerequisites for the emergence of threats. Taking these prerequisites into account, in our opinion, the sources of internal threats include:

– Russia’s lag in the field of informatization of government bodies;

– imperfection of the system of organizing state power for the formation and implementation of a unified state policy for ensuring information security;

– criminalization of public relations, growth of organized crime;

– increase in the scale of terrorism;

– aggravation of interethnic relations and complication of external relations.

To neutralize information threats, there is a historically established system for maintaining state secrets, which includes the following subsystems:

– a cryptographic network of confidential communication;

– countering foreign technical intelligence;

– ensuring secrecy at closed government facilities.

Along with the traditional priorities of foreign technical intelligence services, their sphere of interests increasingly involves issues of technology, finance, trade and resources, access to which opens up in connection with conversion, the development of international integration processes, and the widespread introduction of computer technology. Of the existing information threats, the most relevant are threats to the economic security of enterprises and firms, determined by unfair competition and by economic and industrial espionage. Industrial espionage has always existed.

Industrial espionage is the unauthorized transfer of confidential technology, materials, products, and information about them.

The methods and techniques of espionage have remained unchanged over many centuries of the development of society and the state. Only the means and forms of its implementation change. Such methods include: bribery, blackmail, the activities of spy ambassadors, and interception of messages presented on various media (magnetic media, letters, etc.).

As for the analysis of the information received, everything remains unchanged. It is carried out by a person or group of people who perform analytical and synthetic processing of information, including with the use of new information technologies.

Until the beginning of the twentieth century, the development of technology did not affect the means of obtaining information without authorization: people drilled holes in walls and ceilings, used secret passages and translucent mirrors, and positioned themselves near keyholes and under windows. The advent of the telegraph and telephone made it possible to use technical means of obtaining information. A huge number of messages began to be intercepted, affecting the conduct of wars and positions on the stock exchange. In the 30s and 40s, dictaphones, miniature cameras, and various radio microphones appeared.

The development of new information technologies has made it possible to intercept a gigantic number of messages, influencing all spheres of socio-economic development of society, including the development of industry.

An analysis of the results of research into information threats allows us to assert that one of the main threats to the state security of the Russian Federation is attempts by Western intelligence agencies to obtain confidential information constituting state, industrial, banking and other types of secrets. Leading Western countries continue to modernize and develop their intelligence services, improve technical intelligence, and increase its capabilities.

Taking into account the considered content of the concept of a threat to the state, society and the individual in a broad sense, we will consider threats that directly affect the confidential information being processed. A system of security threats represents real or potential actions or conditions leading to theft, distortion, unauthorized access, copying, modification, alteration, destruction of confidential information and information about the system itself and, accordingly, direct material losses.

At the same time, threats to the safety of information are determined by accidental and intentional destructive and distorting influences of the external environment, the reliability of the functioning of information processing tools, as well as the deliberate selfish influence of unauthorized users, whose goal is the theft, destruction, modification and use of processed information. Analysis of the content of threat properties allows us to propose the following options for their classification (Fig. 1).

The manifestation of threats is characterized by a number of patterns. Firstly, illegal acquisition of confidential information, its copying, modification, destruction in the interests of attackers, with the aim of causing damage. In addition, unintentional actions of maintenance personnel and users also lead to certain damage. Secondly, the main ways to implement threats to information and information security are:

– intelligence sources in information management and protection authorities;

– recruitment of officials of government bodies, organizations, enterprises, etc.;

– interception and unauthorized access to information using technical intelligence means;

– use of deliberate program and mathematical influence;

– eavesdropping on confidential conversations in office premises, transport and other places where they are conducted.

Fig. 1. Classification of security threats

The main factors influencing threats that cause information losses and lead to various types of damage and an increase in losses from illegal actions are:

– accidents causing failure of equipment and information resources (fires, explosions, accidents, impacts, collisions, falls, exposure to chemical or physical environments);

– breakdown of elements of information processing facilities;

– consequences of natural phenomena (floods, storms, lightning, earthquakes, etc.);

– theft, deliberate damage to material assets;

– accidents and failure of equipment, software, databases;

– errors in the accumulation, storage, transmission, and use of information;

– errors in perception, reading, interpretation of the content of information, compliance with rules, errors as a result of inability, oversights, the presence of interference, failures and distortions of individual elements and signs or messages;

– operating errors: security violations, file overflows, data management language errors, errors in preparing and entering information, operating system errors, programming errors, hardware errors, instructions interpretation errors, skipped operations, etc.;

– conceptual implementation errors;

– malicious actions in the material sphere;

– talkativeness, disclosure;

– losses of a social nature (resignation, dismissal, strike, etc.).

Information damage in some cases can be assessed depending on the type of loss. It can be:

– losses associated with compensation or reimbursement of lost or stolen material assets, which include:

the cost of compensation for the replacement of other indirectly lost property;

the cost of repair and restoration work;

expenses for analysis and research of the causes and magnitude of damage;

other expenses;

– additional expenses for personnel servicing technical means for processing confidential information, restoring information, and resuming the operation of information systems for collecting, storing, processing, and monitoring data, including the costs of:

support of TSOI information resources;

service personnel not involved in information processing;

special bonuses, transportation costs, etc.;

– operational losses associated with damage to banking interests or financial costs, or with the loss of clients and customers, which require additional costs to restore: banking trust; profit margins; lost clientele; income of the organization, etc.;

– loss of funds or damage to property that cannot be restored, which reduces financial capabilities (money, securities, money transfers, etc.);

– costs and losses associated with compensation for moral damage, training, examination, etc.

Analyzing the quantitative data of losses, we can conclude that losses from malicious actions, and especially from economic espionage, are continuously increasing and are the most significant. The findings of Western experts show that the leak of 20% of commercial information in 60 cases out of 100 leads to bankruptcy of the company.

Summarizing a brief analysis of existing threats to confidential information, we can highlight two areas of impact of threats that reduce the security of information.

The first, traditionally established within the framework of the protection of confidential information, is the impact that facilitates unauthorized access to this information. The second, which has developed within the framework of a broad understanding of information security problems, is associated with the use of modern technical and organizational systems, as well as with the participation of people, groups of people and society as a whole and their exposure to external, negative information influences.

Thus, it has been theoretically proven, and practice has repeatedly confirmed, that the human psyche and thinking are subject to external information influences and that, when these are properly organized, the possibility of programming human behavior arises. Moreover, methods and means of computer penetration into the subconscious have recently been developed in order to have a deep impact on it. Therefore, the urgent problem is not only the protection of information, but also protection from the destructive effects of information, which is acquiring an international scale and a strategic nature. Due to changes in the concept of the development of strategic weapons, according to which an armed solution to world problems is becoming impossible, the concept of information war has emerged. The effectiveness of offensive means of information warfare and information weapons now exceeds the effectiveness of information security systems.

Of interest are the threats of loss of protected information during information processes, whose participants represent opposing interests. Analysis of these threats made it possible to identify a number of their characteristic features. In most cases, the active actions of the parties are quite conscious and purposeful. These actions include:

– disclosure of confidential information by its owner;

– information leakage through various, mainly technical, channels;

– unauthorized access to confidential information in various ways.

Disclosure of information is the intentional or careless actions of officials and citizens to whom the relevant information was entrusted for their work in the prescribed manner, which led to the disclosure of protected information, as well as the transfer of such information through open technical channels. Disclosure is expressed in the communication, transfer, provision, forwarding, publication, discussion, loss or disclosure by any other means of confidential information to persons and organizations that do not have the right to access protected secrets. Disclosure of information can occur through many channels, including mail, radio, television, print, etc. Disclosure is possible during business meetings and conversations, when discussing joint work, in contracts, in letters and documents, etc. During such events, partners conduct an intensive exchange of information. It is during communication between them that a “trusting” relationship is established, leading to the disclosure of trade secrets.

As a rule, factors contributing to the disclosure of confidential information are:

– poor knowledge (or ignorance) of the requirements for the protection of confidential information;

– erroneous actions of personnel due to low production qualifications;

– lack of a control system over the preparation of documents, preparation of speeches, advertising and publications;

– malicious, deliberate failure to comply with the requirements for the protection of trade secrets.

Disclosure of confidential information inevitably leads to material and moral damage.

Information leakage in general can be seen as the uncontrolled and unlawful release of confidential information outside the organization or the circle of persons to whom this information was entrusted. The nature of the leak of protected information is characterized both by the circumstances of its origin and by the reasons and conditions for the occurrence of the leak.

Unlawful acquisition of confidential information due to poor personnel management on the part of officials, organizations and departments is facilitated by the presence of the following circumstances:

– tendency of the organization’s employees to be excessively talkative – 32%;

– the desire of employees to earn money by any means and at any cost – 24%;

– lack of a security service in the company – 14%;

– employees’ habit of sharing information about their work activities with each other – 12%;

– uncontrolled use of information systems in the company – 10%;

– prerequisites for the emergence of conflict situations in the team due to the lack of psychological compatibility of employees, random selection of personnel, lack of work by the manager to unite the team, etc. – 8%.

Also, the leakage of protected information is due to the presence of appropriate conditions related to:

– the emergence of a competitor (malicious person) who is interested in such information and spends certain efforts and means to acquire it;

– imperfection of standards for maintaining trade secrets, as well as violation of these standards and deviation from the rules for handling relevant documents, technical equipment, product samples and other materials containing confidential information;

– various factors and circumstances that develop in the process of scientific, production, advertising, publishing, information and other activities of the organization and create the prerequisites for leaks of information constituting various types of secrets.

Such factors and circumstances may include, for example:

– insufficient knowledge by employees of the rules for protecting the relevant type of secret and lack of understanding of the need for their careful compliance;

– loss of IDs, passes, keys to secure premises, storage rooms, safes (metal cabinets), personal seals – 12%;

– bringing film, sound, photo and video recording, radio transmitting, receiving and duplicating equipment for personal use into the territory of the organization without the permission of security service employees; failure to report facts of a possible leak of classified information to the leadership of the unit and the Security Service; removal of secret documents and products from the enterprise without the permission of the head of the organization or the head of the Security Service – 4%;

– incorrect identification of the security classification of a document (product) – 3%;

– untimely submission of documents for inclusion in the case with notes on execution and with the resolution of the head of the unit; leaving premises (special storage facilities) open and unsealed after work is completed – 3%;

– leaving secret documents on desktops when leaving the premises, violating the established procedure for familiarizing seconded persons with secret documents and products, transporting secret documents and products by personal and public transport and moving with them to places not related to the performance of tasks – 2%;

– incorrect preparation of secret documents for printing; failure to comply with the procedure for reporting to the Security Service on documents and products registered with the contractor upon dismissal, before going on vacation, or before going on business trips; untimely notification of the personnel service about changes in personal and autobiographical data; conducting negotiations on sensitive issues over unsecured communication lines; performing secret work at home; making copies of secret documents or making extracts from them without the written permission of the head of the Security Service; transfer and taking of secret documents and products without a receipt – 1% for each case.

The reasons for unlawful acquisition of confidential information may be the following circumstances:

– use of uncertified technical means of processing confidential information;

– weak control over compliance with information security rules by legal, organizational and engineering measures;

– staff turnover, including among those who possess information constituting a trade secret;

– violations that do not come to the attention of the administration and the Security Service; these can be:

Familiarization of persons with confidential documents, products, works not included in the scope of their official duties;

Sending confidential documents to recipients to which they have no relation;

Preparation of confidential documents on unregistered media;

Violation of the procedure for working with confidential documents and products, which does not allow them to be viewed by unauthorized persons;

Late reporting to the Security Service of data on extra-official relations with relatives living abroad, with relatives traveling abroad for permanent residence;

Visiting embassies, consulates, foreign private companies and firms without permission from the organization’s management;

Establishing radio communications with radio amateurs of foreign countries;

Use of confidential information in unclassified official correspondence, technical specifications, articles, reports and speeches;

Premature publication of scientific and other works that may be considered at the level of inventions or discoveries or the publication of which is prohibited in accordance with the established procedure;

Communication orally or in writing to anyone, including relatives, of confidential information, unless this is caused by official necessity;

Reporting any information about confidential work being carried out when addressing personal issues with complaints, requests and proposals to federal government authorities, authorities of constituent entities of the Russian Federation and local governments.

In addition, information leakage is facilitated by natural disasters, catastrophes, malfunctions, failures, and accidents of technical means and equipment.

Methods of unauthorized access (NSD), as a problem of leakage of confidential information, are proposed to be considered from the following positions. The issue of ensuring protection against unauthorized access is related to the problem of the safety not only of information as a type of intellectual property, but also of individuals and legal entities, their property and personal safety. It is known that such activities are closely related to the receipt, accumulation, storage, processing and use of various information flows. Since information has a certain value, obtaining it brings the attacker a certain income and thereby weakens the competitor's capabilities. Hence, the main goal of illegal actions is to obtain information about the composition, status and activities of an object of confidential information in order to satisfy one’s information needs for personal gain, and to make changes to the composition of the information. Such an action can lead to misinformation in certain areas of activity and affect, in particular, accounting data and the results of solving management problems.

A more dangerous threat is the destruction of accumulated information arrays in documentary or magnetic form and of software products in the environment of an automated data processing system. Destruction is an illegal action by an attacker aimed at causing material and informational damage to a competitor.

Thus, the considered threats to information, with the exception of the last one, are usually aimed at and lead to the attacker obtaining confidential information. Analysis of traditional techniques and methods for obtaining confidential information made it possible to identify the most typical sources and methods for obtaining it, which generally describe the actions of subjects of legal relations in the field of information security:

– collection of information contained in the media, including official documents;

– use of information disseminated by employees of competing organizations;

– documents, consultants’ reports, financial reports and documents, exhibition exhibits and prospectuses, etc.;

– studying the products of competing and other organizations that are of interest for the relevant types of intelligence, using data obtained during conversations with service personnel;

– disguised surveys and “extorting” information from organization employees at scientific and technical congresses;

– direct observation carried out covertly;

– conversations about hiring (without the intention of hiring them);

– hiring an employee of a competing company or organization to obtain the required information;

– bribery of an employee;

– eavesdropping on conversations taking place in office and other premises, intercepting telegraph messages, eavesdropping on telephone conversations;

– theft of drawings, documents, etc.

– blackmail and extortion, etc.

The considered sources and methods are not exhaustive, but they allow us to group all probable sources of information leakage in the following way:

– personnel with access to confidential information;

– documentation containing this information;

– technical means and information processing systems, including the communication lines over which it is transmitted.

An analysis of foreign publications on sources of information leakage in commercial companies revealed that, despite the high percentage of channels associated with the use of technical intelligence means and various technological techniques to obtain information, personnel remains one of the main reasons and one of the sources of confidential information leakage, which is confirmed by the following approximate percentages for information leakage channels:

– bribery, blackmail, poaching employees, infiltrating agents – 43;

– eavesdropping on telephone conversations – 5;

– theft of documents – 10;

– penetration into a personal computer – 18;

– reading information from channels “in the dark” – 24.

To disclose the characteristics of offenses committed in the information sphere, the characteristics of probable channels of information leakage, which are determined by the availability of relevant sources of confidential information, are essential. It is advisable to consider such a classification taking into account the fact that confidential information is processed in organizations that are complex systems of an organizational and technical type, functioning under conditions of external influences and internal changes of state. At the same time, regardless of the considered impacts on confidential information and the system for processing it, emerging channels of information leakage manifest themselves through such offenses. These channels can be grouped within the three main groups of probable sources of information leakage considered above. The first group, personnel with access to confidential information, represents flows of people and is the most important group of possible channels for information leakage. In terms of prevalence, possible channels of information leakage in this group are characterized by the following approximate indicators:

– hiring and dismissal of enterprise employees – 32%;

– visits to the enterprise by business travelers – 28%;

– holding meetings on secret issues – 15%;

– conducting secret work in work premises – 15%;

– admission, access and handling of secret (confidential) information – 14%;

– travel of specialists abroad – 10%;

– organization of access control and intra-facility control – 8%;

– internships for students – 7%;

– visiting international exhibitions – 7%;

– training in advanced training courses – 5%;

– preparation of resolutions and decisions, orders and other documents – 4%.

Typical violations when hiring and dismissing personnel:

– hiring persons without obtaining a permit in the prescribed manner;

– access of personnel to confidential information in violation of established requirements;

– untimely and incomplete familiarization of personnel with the requirements of regulatory legal acts for ensuring information security;

– unsatisfactory knowledge of regulatory legal acts;

– dismissal of personnel who are carriers of confidential information.

Typical violations when business travelers visit enterprises:

– admission of business travelers, with the knowledge of department heads, to confidential work and documents without the appropriate permission;

– failure to comply with the requirements of instructions for internal facilities to accompany business travelers arriving at units;

– absence in the instructions of notes about the information actually issued to representatives of other enterprises;

– reception of business travelers with instructions that do not contain the grounds for business travel (number and date of business agreement, terms of reference for a joint R&D plan, etc.);

– the degree of confidentiality of materials to which a business traveler is allowed is not determined.

Violations related to official meetings:

– holding meetings without the appropriate permission of the head of the enterprise or his deputies;

– admission to the meeting of persons who are not related to the issues discussed and whose participation is not caused by official necessity;

– non-compliance with the order of consideration of confidential issues;

– failure to comply with the requirements of the internal facility regime during meetings;

– photographing, demonstration of confidential products, films without the consent of the Security Service;

– sound recording of the speeches of the meeting participants on a medium not registered with the Security Service;

– sending notebooks (records) of a secret nature to institutions that are not directly affected by this information;

– insufficient knowledge by employees involved in the reception of business travelers of the requirements of the instructions on the procedure for the reception of business travelers (this was stated by about 45% of respondents).

Violations when conducting confidential work in work premises consist in the failure to provide:

– special means of protecting confidential information, communications, sound recording, sound amplification, intercom and television devices;

– means of production and reproduction of documents;

– fire and security alarm systems;

– electronic clock systems, electrical equipment and other additional technical means of protection that prevent information leakage due to side electromagnetic radiation and interference.

Leak channels such as access to and handling of confidential information are formed by expanding the circle of persons who have access to documents, products, and technical specifications.

Violations in the organization of access control and intra-facility regime include:

– loss of IDs, passes, keys to secure premises, storage facilities, safes (cabinets), personal seals – 12%;

– bringing film and photographic equipment, radio transmitting and receiving equipment, as well as duplicating and copying equipment for personal use into the territory of the enterprise without the permission of the Security Service;

– removal of secret documents and products from the enterprise without permission;

– leaving premises (storage facilities) open and unsealed after work.

Channels for leaking confidential information through the improper organization of technological and pre-diploma internships for students manifest themselves in the following: after completing an internship, students and trainees of universities and secondary specialized educational institutions are not taken on for permanent work at the place where they completed the internship and became acquainted with information constituting a state or commercial secret, and other reasons.

Typical violations when solving problems of an industrial and intersectoral nature:

– inclusion of confidential information in open documents in order to simplify the delivery and approval of documents;

– keeping secret notes in personal notebooks and notepads;

– familiarization of persons with confidential works and information that do not fall within their official duties;

– sending confidential documents to recipients to which they have no relation.

Thus, the analysis of threats to information allows us to clarify its properties that are subject to legal protection. In this case, the content of these properties will be considered taking into account the provisions of current regulations.
