Relevance of the problem of information security
The transfer of most information archives, funds and communications into electronic form created an independent type of asset - information. Like any value, it is attacked by various fraudsters. Significant risks also arise in the field of ensuring state security in the field of information, the main threats are named in the Doctrine of State Information Security. Ignoring emerging problems leads to a loss of competitiveness at both the state and corporate levels. Citizens also suffer from crimes committed in the information sphere.
The importance of information threats in the modern world
The relevance of threats to the integrity and confidentiality of information requires careful attention to the task of protecting it. 20 years ago, the problem of information security was solved with the help of cryptographic protection means, the establishment of firewalls, and access control. Now these technologies are not enough, any information that has financial, competitive, military or political value is threatened. An additional risk is the possibility of intercepting the management of critical objects of the information infrastructure.
In most cases, information about attempts to steal information resources belonging to the state is closed. An exception was the message about an attack on the FAS RF system in 2018. And data on the number of crimes in the credit and banking sector and against citizens are regularly disclosed by the Ministry of Internal Affairs, the General Prosecutor's Office and the Central Bank of the Russian Federation. So, in 2017, the number of crimes committed in the field of information technology increased from 65,949 to 90,587, now it is every 20th crime. From January to November 2018, 156 307 cases of a criminal violation of information security were already registered; it was possible to establish the identity of the criminals only in 38 773 situations.
The number of cases of infringement of information security is growing by 4-5% every six months. It is interesting that the largest number of crimes in the field of computer systems and technologies is recorded in the Udmurt Republic. The problem is that with an increase in the number of violations, their detection rate decreases, it does not exceed 41%.
Banks are far from always ready to disclose the true number of hacker attacks on their information systems; disclosing their number can become a problem and undermine the reputation of a credit institution. They are also not ready to inform the public about the number of illegal debiting of funds from cards. The statistics offered by the Central Bank of the Russian Federation are made up only of data that banks can safely disclose. So, in 2018, 1.4 billion rubles were stolen from the cards of citizens by hackers.
Interestingly, there are no authorities for hackers. For example, in November 2018, they sent letters with viruses on behalf of the Central Bank of the Russian Federation to 50 Russian banks. At the same time, the subdivision of the Central Bank of the Russian Federation for work with information, FinCERT, notes that in 2018 the number of attacks on companies whose information arrays are much less protected than bank or state ones increased significantly. All this speaks about the growing urgency of the problem of information security.
Russia's interests in the digital world
Protecting the interests of citizens and business is possible only in a situation of a strong state that does not suffer from problems associated with information technology. Ensuring information security is becoming the task of the state, which lies in the implementation of its main interests.
Among other interests of Russia in the field of information security, the Information Security Doctrine names the following:
- ensuring sovereignty and defense capability;
- achieving the highest possible level of internal stability;
- security of information and information infrastructure;
- protection of the rights and freedoms of citizens;
- stability of the process of socio-economic development;
- achievement of complete independence in the field of electronic technology production and development of national software.
Types of information crimes
Crimes committed in the field of information security are described in a separate section of the Criminal Code of the Russian Federation. In addition, a separate article has been introduced in the chapter dealing with crimes against property - Art. 159.3, which refers to fraud that is committed using electronic means of payment, and 159.6, which prosecutes fraud in the field of computer information.
In 2017-2018, the most frequently recorded crimes in Russia are:
- illegal access to computer information (Article 272 of the Criminal Code of the Russian Federation);
- creation, use and distribution of malicious computer programs (Article 273 of the Criminal Code of the Russian Federation).
But law enforcement agencies are investigating other cases as well. So, quite often situations began to arise associated with the use of unlicensed software.
The Internet. Threats and vulnerabilities
The level of information security depends primarily on the security of the channels through which information from the company's information base can get to the Internet. Specially developed software, such as DLP systems, can block these channels and reduce the risk of information leakage, theft or unauthorized access to information.
But if Russian companies already know how to deal with familiar threats - hackers and spammers - using, among other things, SIEM and DLP systems , then such a new topic as the Internet of Things creates a completely new level of threats to the information security of citizens and organizations.
The Internet of Things is understood as the ubiquitous connection to the Internet of household support systems - "Smart Home", refrigerators, washing machines. The ability of the on-board computer of the freezer to independently send an order for the purchase of products to the online store can become a target of interest to scammers. But the risks are not only in the financial losses of one citizen. Rogue IoT devices are already becoming the backbone of botnets, including DDoS attacks.
The Internet of Things is becoming the basis for "physical attacks" or attacks that cause significant material damage. The most famous attack of this type was Stuxnet, a cyberweapon virus that was created to attack uranium enrichment centrifuges and successfully completed this task. During an attack on a business, a virus can disable climate control in a laboratory, where it is necessary to maintain a certain temperature regime to preserve drugs, or an alarm before committing an armed robbery. At the BlackHat conference, held in 2013, on computer security issues, attacks on the control systems of oil companies and on the systems of a water station in the United States by the Chinese "cyberwar" have already been demonstrated.
The number of threats on the Internet is increasing, and no one can say for sure if control over critical infrastructure facilities has already been intercepted.
The growing level of threats leads to the need to look for their own methods of protection, allowing to systematically solve the problem of ensuring information security. Since the end of 2018, the government has been developing the Concept of the Sovereign Runet, the implementation of which can significantly increase the level of information protection. This topic attracts increased attention of the expert community.
Ensuring the security of information requires an investment of serious financial resources. If a company can afford to balance the potential costs associated with the introduction of modern information technology with the damage that can be caused by information leakage, the state is obliged to provide the highest possible degree of protection. Implementation of the concept of a national Runet, import substitution in the production of electronic equipment and software development should solve the problem of ensuring information security in the country.