The threats of information security of the Russian Federation applies. Threats of information security of Russia

DOCTRINE

information security Russian Federation

I. General provisions

1. This doctrine is a system of formal views on ensuring the national security of the Russian Federation in information sphere.
In this doctrine, under the information sphere, the combination of information, information systems, information systems, websites in the Internet information and telecommunications network (hereinafter referred to as the Internet network), communication networks, information technologies, subjects whose activities are related to the formation and processing of information , development and use of mentioned technologies, information security, as well as a set of regulatory mechanisms of the relevant public relations.

2. In this doctrine, the following basic concepts are used:
(a) The national interests of the Russian Federation in the information sphere (hereinafter referred to as national interests in the information sphere) are objectively significant personal needs, society and state in ensuring their security and sustainable development in terms of information sphere;
b) the threat of information security of the Russian Federation (hereinafter - the information threat) is a set of actions and factors that create the danger of damage to national interests in the information sphere;
c) Information security of the Russian Federation (hereinafter referred to as information security) - the state of personality security, society and states from internal and external information threats, in which the implementation of constitutional rights and freedoms of man and citizen is ensured, decent quality and the standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, the defense and security of the state;
d) providing information security - the implementation of mutually related legal, organizational, operational, intelligence, intelligence, counterintelligence, scientific, information, analytical, personnel, economic and other measures to predict, detect, deterrence, prevent, reflect information threats and eliminating their consequences manifestations;
e) information security forces - government agencies, as well as units and officials of state bodies, local governments and organizations authorized to solve in accordance with the legislation of the Russian Federation to ensure information security;
e) information security tools - legal, organizational, technical and other means used by providing information security;
g) information security system - a set of information security forces carrying out coordinated and planned activities, and the means of providing information security;
h) information infrastructure Of the Russian Federation (hereinafter referred to as information infrastructure) - a set of informatization, information systems, sites on the Internet "Internet" and communication networks located in the Russian Federation, as well as in the territories under the jurisdiction of the Russian Federation or used on the basis of international treaties of the Russian Federation .

3. In this Doctrine, based on the analysis of basic information threats and assessing the state of information security, the strategic goals and main areas of providing information security are identified taking into account the strategic national priorities of the Russian Federation.

4. The legal basis of this doctrine is constituted by the Constitution of the Russian Federation, generally accepted principles and norms of international law, international treaties of the Russian Federation, federal constitutional laws, federal laws, as well as regulatory legal acts of the President of the Russian Federation and the Government of the Russian Federation.

5. This doctrine is a document of strategic planning in the field of ensuring the national security of the Russian Federation, which develops the provisions of the National Security Strategy of the Russian Federation, approved by the Decree of the President of the Russian Federation of December 31, 2015 No. 683, as well as other strategic planning documents in the specified area.

6. This Doctrine is the basis for the formation of public policy and the development of public relations in the field of information security, as well as to develop measures to improve the system for providing information security.

II. National Interests in the Information Sphere

7. Information Technology They acquired a global transboundary character and became an integral part of all areas of the personality, society and the state. Their effective application is a factor to accelerate the economic development of the state and the formation of the information society.
The information sphere plays an important role in ensuring the implementation of the Strategic National Priorities of the Russian Federation.

8. National interests in the information sphere are:
a) ensuring and protecting the constitutional rights and freedoms of a person and a citizen in terms of obtaining and using information, inviolability of privacy when using information technology, ensuring information support for democratic institutions, mechanisms for the interaction of the state and civil society, as well as the use of information technologies in the interests of saving cultural, historical and spiritual and moral values \u200b\u200bof the multinational people of the Russian Federation;
b) ensuring the sustainable and uninterrupted functioning of the information infrastructure, primarily the critical information infrastructure of the Russian Federation (hereinafter referred to as the critical information infrastructure) and the unified telecommunication network of the Russian Federation, in peacetime, during the immediate threat of aggression and in wartime;
c) the development of information technology and electronic industry in the Russian Federation, as well as the improvement of the activities of industrial, scientific and scientific and technical organizations in the development, production and operation of information security tools, the provision of information security services;
d) bringing to the Russian and international community of reliable information on state policy of the Russian Federation and its official position on socially significant events in the country and the world, the use of information technologies in order to ensure the national security of the Russian Federation in the field of culture;
e) promoting the formation of a system of international information security aimed at countering threats to the use of information technologies in order to violate strategic stability, to strengthen the equal strategic partnership in the field of information security, as well as to protect the sovereignty of the Russian Federation in information space.

9. The implementation of national interests in the information field is aimed at creating a safe environment of reliable information and sustainable on various types of infrastructure in order to ensure the constitutional rights and freedoms of a person and a citizen, the stable socio-economic development of the country, as well as the national security of the Russian Federation.

III. Main information threats and status of information security

10. Expanding the applications of information technology, being a factor in the development of the economy and improving the functioning of public and state institutions, simultaneously generates new information threats.
The possibilities of cross-border turnover of information are increasingly used to achieve geopolitical, contrary to international law of military-political, as well as terrorist, extremist, criminal and other illegal goals to the detriment of international security and strategic stability.
At the same time, the practice of introducing information technologies without linking with the provision of information security significantly increases the likelihood of information threats.

11. One of the main negative factors affecting the state of information security is to build up a number of foreign countries of the capabilities of the information and technical impact on the information infrastructure for military purposes.
At the same time, the activities of organizations carrying out technical exploration against Russian state bodies, scientific organizations and enterprises of the defense and industrial complex increase.

12. The scale of the use of special services of individual states of the means of providing information and psychological exposure aimed at destabilizing the domestic political and social situation in various regions of the world and leading to the undermining sovereignty and violation of the territorial integrity of other states. Religious, ethnic, human rights and other organizations, as well as individual groups of citizens, are involved in this activity, while the possibilities of information technologies are widely used.
There is a tendency to increase the volume of materials containing biased assessment of the state policy of the Russian Federation in foreign media.
Russian media is often exposed abroad of frank discrimination, the Russian journalists create obstacles to the implementation of their professional activities.
An informational impact on the population of Russia is increasing, primarily the youth, in order to blur the traditional Russian spiritual and moral values.

13. Various terrorist and extremist organizations are widely used by the mechanisms of information impact on the individual, group and public consciousness for the injection of interethnic and social tensions, inciting ethnic and religious hatred or hostility, promotion of extremist ideology, as well as attracting new supporters to the terrorist activities. Such organizations in illegal purposes are actively created by means of destructive impact on objects of critical information infrastructure.

14. The scope of computer crime is increasing, primarily in the credit and financial sector, the number of crimes related to the violation of the constitutional rights and freedoms of a person and a citizen, including in terms of the inviolability of privacy, personal and family secrets, in the processing of personal data using information technologies. At the same time, the methods, methods and means of committing such crimes are becoming more sophisticated.

15. The state of information security in the field of defense of the country is characterized by an increase in the use of individual states and organizations of information technologies for military and political purposes, including for the implementation of actions contrary to international law aimed at undermining sovereignty, political and social stability, territorial integrity of the Russian Federation and its allies and pose a threat international Mire., global and regional security.

16. The state of information security in the field of state and public safety is characterized by a constant increase in complexity, increasing the scale and growth of coordination of computer attacks on critical information infrastructure facilities, strengthening the intelligence activities of foreign countries against the Russian Federation, as well as increasing the threats to the application of information technologies in order to damage sovereignty, territorial integrity, political and social stability of the Russian Federation.

17. The state of information security in the economic sphere is characterized by an insufficient level of development of competitive information technologies and their use for the production of products and the provision of services. It remains a high level of dependence of the domestic industry from foreign information technologies in terms of electronic component base, software, computers and communications, which causes the dependence of the socio-economic development of the Russian Federation on the geopolitical interests of foreign countries.

18. The state of information security in the field of science, technology and education is characterized by insufficient effectiveness of scientific research aimed at creating promising information technologies, a low level of introduction of domestic developments and insufficient personnel security in the field of information security, as well as low awareness of citizens in providing personal information security. . At the same time, measures to ensure the safety of information infrastructure, including its integrity, availability and sustainable functioning, using domestic information technologies and domestic products often do not have a comprehensive basis.

19. The state of information security in the field of strategic stability and an equal strategic partnership is characterized by the desire of individual states to use technological superiority for dominance in the information space.
The current distribution between the resources countries necessary to ensure the safe and sustainable operation of the Internet network does not allow to implement a joint fair, based on the principles of confidence in the management of them.
The lack of international legal norms regulating interstate relations in the information space, as well as mechanisms and procedures for their application that take into account the specifics of information technologies make it difficult to form a system of international information security aimed at achieving strategic stability and equal strategic partnership.

IV. Strategic objectives and main directions for providing information security

20. The strategic goal of providing information security in the field of defense of the country is to protect the vital interests of the individual, society and states from domestic and external threats related to the application of information technologies in the military-political purposes contrary to international law, including in order to implement hostile actions and acts of aggression aimed at undermining sovereignty, violation of the territorial integrity of states and pursuing the threat to international peace, security and strategic stability.

21. In accordance with the Military Policy of the Russian Federation, the main directions for providing information security in the field of defense of the country are:
a) strategic containment and preventing military conflicts that may arise as a result of the use of information technologies;
b) improving the information security system of the Armed Forces of the Russian Federation, other troops, military formations and bodies, including the forces and means of information confrontation;
c) forecasting, detection and evaluation of information threats, including the threats to the Armed Forces of the Russian Federation in the information sphere;
d) facilitating the protection of the interests of the allies of the Russian Federation in the information sphere;
e) neutralization of information and psychological impact, including aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland.

22. The strategic objectives of ensuring information security in the field of state and public security are the protection of sovereignty, maintaining the political and social stability, territorial integrity of the Russian Federation, ensuring the fundamental rights and freedoms of a person and a citizen, as well as the protection of critical information infrastructure.

23. The main directions for providing information security in the field of state and public security are:
a) opposition to the use of information technologies to promote the extremist ideology, the spread of xenophobia, ideas of national exclusivity in order to undermine the sovereignty, political and social stability, a violent change in the constitutional system, violations of the territorial integrity of the Russian Federation;
b) suppression of activities that cause damage to the national security of the Russian Federation carried out using technical means and information technologies with special services and organizations of foreign countries, as well as individuals;
c) improving the protection of the critical information infrastructure and the sustainability of its functioning, the development of mechanisms for the detection and prevention of information threats and the elimination of the consequences of their manifestation, an increase in the protection of citizens and territories from the effects of emergency situations caused by the information and technical impact on objects of critical information infrastructure;
d) improving the safety of the functioning of information infrastructure facilities, including in order to ensure sustainable interaction of state bodies, preventing foreign control over the functioning of such facilities, ensuring the integrity, sustainability of the functioning and safety of the unified telecommunication network of the Russian Federation, as well as ensuring the safety of information transmitted by it and processed in information systems in the Russian Federation;
e) improving the safety of the functioning of samples of weapons, military and special equipment and automated control systems;
(e) Improving the effectiveness of the prevention of offenses committed using information technology and counteracting such offenses;
g) ensuring the protection of information containing information that make up state secrets, other information of limited access and distribution, including by increasing the security of relevant information technologies;
h) improvement of methods and methods of production and safe application of products, providing services based on information technologies using domestic developments that meet the requirements of information security;
i) improve efficiency information support implementation of state policy of the Russian Federation;
K) Neutralization of informational influence aimed at the erosion of traditional Russian spiritual and moral values.

24. The strategic objectives of ensuring information security in the economic sphere are the minimum possible level of influence of negative factors caused by the insufficient level of development of the domestic information technology and electronics and electronic industry, the development and production of competitive means of ensuring information security, as well as increasing the volume and quality of service provision in Information security areas.

25. The main directions for providing information security in the economic sphere are:
a) innovative development of the information technology and electronics industry, an increase in the share of products of this industry in the gross domestic product, b in the structure of the country's export;
b) eliminating the dependence of the domestic industry from foreign information technologies and information security tools through the creation, development and widespread introduction of domestic developments, as well as the production of products and the provision of services based on them;
c) improving the competitiveness of Russian companies operating in the information technology and electronics and electronics, development, production and operation of information security tools that provide services to information security services, including by creating favorable conditions for the activities of the Russian Federation ;
d) the development of a domestic competitive electronic component base and production technologies electronic components, ensuring the needs of the domestic market in such products and the release of this product to the global market.

26. The strategic goal of providing information security B of science, technology and education is to support the innovative and accelerated development of the information security system, the information technology and electronics industry.

27. The main directions for providing information security in the field of science, technology and education are:
a) achieving the competitiveness of Russian information technologies and the development of scientific and technical capacity in the field of information security;
b) the creation and implementation of information technologies originally resistant to different types of impact;
c) conducting scientific research and implementation of experienced developments in order to create promising information technologies and information security tools;
d) the development of personnel potential in the field of information security and the application of information technologies;
e) ensuring the security of citizens from information threats, including through the formation of a personal information security culture.

28. The strategic goal of providing information security B of strategic stability and an equal strategic partnership is to form a sustainable system of non-conflict interstate relations in the information space.

29. The main directions for providing information security in the field of strategic stability and equal strategic partnership are:
a) the protection of the sovereignty of the Russian Federation in the information space through independent and independent policies aimed at implementing national interests in the information sphere;
b) participation in the formation of a system of international information security, which ensures effective opposition to the use of information technologies in military-political purposes, contrary to international law, as well as in terrorist, extremist, criminal and other illegal purposes;
c) the creation of international legal mechanisms that take into account the specifics of information technologies in order to prevent and resolve interstate conflicts in the information space;
d) Promotion as part of the activities of international organizations of the Russian Federation, providing for ensuring equal and mutually beneficial cooperation of all stakeholders in the information sphere;
e) Development of the National Management System of the Russian Segment of the Internet.

V. Organizational basics of information security

30. Information security system is part of the national security system of the Russian Federation.
Ensuring information security is carried out on the basis of a combination of legislative, law enforcement, law enforcement, judicial, control and other forms of state bodies in cooperation with local self-government bodies, organizations and citizens.

31. Information security system is based on the delimitation of powers of legislative, executive and judicial authorities in this field, taking into account the subjects of the federal state authorities, the state authorities of the constituent entities of the Russian Federation, as well as local authorities determined by the legislation of the Russian Federation in the field of ensuring security.

32. The composition of the information security system is determined by the President of the Russian Federation.

33. The organizational basis of the information security system is: the Council of Federation of the Federal Assembly of the Russian Federation, the State Duma of the Federal Assembly of the Russian Federation, the Government of the Russian Federation, the Security Council of the Russian Federation, the federal executive authorities, the Central Bank of the Russian Federation, the Military Industrial Commission of the Russian Federation, Interdepartmental bodies created by the President of the Russian Federation and the Government of the Russian Federation, the executive authorities of the constituent entities of the Russian Federation, local governments, the bodies of the judiciary taking into account in accordance with the legislation of the Russian Federation participation in solving information security tasks.
Participants in the information security system are: the owners of objects of critical information infrastructure and organization operating such objects, media and mass communications, the organization of monetary, currency, banking and other fields of the financial market, telecom operators, information systems operators, organizations carrying out Activities for the creation and operation of information systems and communication networks, the development, production and operation of information security tools, to provide information security services, organizations engaged in educational activities in this field, public associations, other organizations and citizens who are According to the legislation of the Russian Federation, participate in solving information security tasks.

34. The activities of state security authorities are based on the following principles:
(a) The legality of public relations in the information sphere and the legal equality of all participants in such relations based on the constitutional law of citizens to freely look for, to receive, transmit, produce and disseminate information by any legitimate way;
b) the constructive interaction of state bodies, organizations and citizens in solving information security tasks;
c) compliance with the balance between the needs of citizens in the free exchange of information and restrictions related to the need to ensure national security, including in the information sphere;
d) the adequacy of forces and means of providing information security, as determined by the continuous monitoring of information threats;
e) compliance with generally accepted principles and norms of international law, international treaties of the Russian Federation, as well as the legislation of the Russian Federation.

35. The objectives of state bodies within the framework of information security activities are:
a) ensuring the protection of the rights and legitimate interests of citizens and organizations in the information sphere;
b) assessment of the state of information security, forecasting and detecting information threats, the definition of priority directions to prevent and eliminate the consequences of their manifestation;
c) planning, implementation and evaluation of the effectiveness of a complex of information security measures;
d) organization of activity and coordination of the interaction of information security forces, the improvement of their legal, organizational, operational, intelligence, intelligence, counterintelligence, scientific and technical, information and analytical, personnel and economic support;
e) developing and implementing measures for state support of organizations engaged in the development, production and operation of information security tools to provide information security services, as well as organizations carrying out educational activities in this field.

36. The objectives of state bodies in the framework of the development and improvement of the information security system are:
a) strengthening the control vertical and centralization of information security forces at the federal, interregional, regional, municipal levels, as well as at the level of informatization objects, information systems and communication network operators;
b) improving forms and methods for the interaction of information security forces in order to increase their readiness for countering information threats, including by regular training (exercises);
c) improving the information and analytical and scientific and technical aspects of the operation of the information security system;
d) improving the efficiency of interaction between state bodies, local governments, organizations and citizens in solving information security tasks.

37. The implementation of this doctrine is carried out on the basis of sectoral documents of strategic planning of the Russian Federation. In order to actualize such documents, the Security Council of the Russian Federation determines the list of priority areas for providing information security for the medium term, taking into account the provisions of the strategic forecast of the Russian Federation.

38. The results of monitoring the implementation of this doctrine are reflected in the annual report of the Secretary of the Security Council of the Russian Federation to the President of the Russian Federation on the state of national security and measures to strengthen it.

Doctrine IB RF.Represents a set of official views on the goals, objectives, principles and main areas of providing information security "of Russia, serves as the basis for the" formation of state policy "in the field of information (September 9, 2000. Russian President Vladimir Putin approved the" Doctrine of Information Security of the Russian Federation ".)

The doctrine includes a list of major species. possible threats for information securitywhich, among other things, are associated with telecommunication systems. Through such threats are:

Displacement from the domestic market of Russian manufacturers of informatization, telecommunications and communications;

The inability of enterprises of national electronics industries to produce on the basis of the latest achievements of microelectronics, advanced information technologies Competitive high-tech products, allowing to ensure a sufficient level of technological independence of Russia from foreign countries, which leads to the forced widespread use of imported software and hardware when creating and developing information infrastructure in Russia ;

The increase in outflow abroad of specialists and copyright holders of intellectual property;

Violation of the established regulation of the collection, processing and transmission of information, deliberate actions and errors of personnel of information and telecommunication systems, refusal of technical means and software malfunctions in information and telecommunication systems;

Use not certified in accordance with the safety requirements of the funds and systems of informatization and communication, as well as the means of protecting information and control their effectiveness;

Under information security The Russian Federation is understood as the state of the protection of its national interests in the information sphere. National interests are a combination of balanced interests of the individual, society and the state. Potential threat Information security always exists.

Doctrine IB RF. It represents a collection of official views on the goals, objectives, principles and main areas of providing information security "of Russia, serves as the basis for the" formation of state policy "in the field of information (September 9, 2000, Russian President Vladimir Putin approved the Doctrine of Information Security of the Russian Federation. )

In its direction the threats of information security of the Russian Federation are divided into the following types:

1. Threats to constitutional rights and human freedoms and citizen in the field of spiritual life and information activities:

Creation of monopolies on the formation, obtaining and disseminating information;

Restriction of access to information;

Destruction of the accumulation and preservation of cultural property, including archives;

Displacement of Russian news agencies, media from the internal information market and strengthening the dependence of the spiritual, economic and political spheres of Russia's social life from foreign information structures;

Manipulating information (disinformation, concealment or distortion of information), etc.

2. Threats to the information support of public policy of the Russian Federation:

Monopolization of the information market of Russia;

Low efficiency of information support of the state policy of the Russian Federation due to the shortage of qualified personnel, the lack of a system for the formation and implementation of state information policy;

Violation of the established regulation of the collection, processing and transmission of information, deliberate actions and errors of personnel information and telecommunication systems, refusal of technical means and software malfunctions in information and telecommunication systems, etc.

3. Threats to the development of the domestic information industry:

Countering access of the Russian Federation to the latest information technologies;

Purchase by state authorities of imported means of informatization, telecommunications and communication in the presence of domestic analogues, not inferior in their characteristics by foreign samples;

The increase in outflow abroad of specialists and copyright holders of intellectual property and others.

4. Threats to the safety of information and telecommunications and systems:

Unlawful collection and use of information;

Violations of information processing technology;

Impact on passing-key system protection systems;

Leakage and interception of information on technical channels;

Unauthorized access to information in banks and databases;

Attracting work on the creation, development and protection of information and telecommunication systems of organizations and firms that do not have public licenses for these activities.

It should be noted that, although information security problems generated by informatization are global, for Russia they acquire special significance in connection with its geopolitical and economic regulations.

In the Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000, the threat of information security of the country in their general orientation is divided into threats:

* constitutional rights and freedoms of a person and citizen in the field of information activities;

* spiritual life of society;

Information Security

* information infrastructure;

* Information resources.

Threats to constitutional rights and freedoms of man and citizenin the field of information security may be:

* adoption by state authorities regulatory legal acts that infer the constitutional rights and freedom of citizens in the field of information activities;

* creation of monopolies on the formation, obtaining and disseminating information in the Russian Federation, including using telecommunication systems;

* opposition, including from criminal structures, implemented by citizens of its constitutional rights to personal and family secrets, the secret of correspondence, telephone conversations and other communications, as well as the ineffective application of the regulatory framework existing in this area;

* irrational, excessive restriction of access to socially necessary information;

* violation of the constitutional rights and freedoms of man and civilian citizen;

* Failure to comply with state authorities, organizations and citizens of the requirements of the legislation of the Russian Federation regulating relations in the information sphere.

Threats of the spiritual life of societymay be:

* The use of means of impact on the mass consciousness of citizens;

* Disorganization and destruction of the accumulation and preservation of cultural property, including archives;

* restriction of citizens' access to open state information resources of state authorities, other socially significant information;

* reduction of the spiritual, moral and creative potential of Russia;

* Manipulating information (disinformation, concealment or distortion of information).

Threats of information infrastructuremay be:

* Violation of targeting and timeliness of information exchange, illegal collection and use of information;

* violation of information processing technology;

* Introduction to hardware and software components that implement the functions not provided for in the documentation for these products;

* development and dissemination of programs that violate the normal functioning of informational and information and telecommunication systems, including information protection systems;

* Destruction, damage, radio electronic suppression or destruction of means and information processing systems, telecommunications and communications;

* Theft of software or hardware keys and means cryptographic protection information;

* interception of information in technical channels, its leakage that occurs when the technical means of processing and storage, as well as during the transfer of information on communication channels;

* Implementation electronic devices intercepting information into technical means of processing, storing and transmitting information on communication channels, as well as in office space of state authorities and organizations;

* destruction, damage, destruction or theft of machine and other media;

* intercept, decryption and imposing false information in data networks, communication lines and mass media;

* Impact on pair-key systems for the protection of automated processing and information processing systems;

* Purchase abroad information technology, informatization, telecommunications and communications, having domestic analogs, not inferior in their characteristics to foreign samples.

Threats of informational resourcesmay be:

* activities of space, air, marine and terrestrial technical means of exploration of foreign states;

* Imagine unauthorized access to information resources and their illegal use;

* Theft information resources from libraries, archives, banks and databases;

* Violation of legitimate restrictions on the dissemination of information resources.

In his Message on National Security (June 13, 1996), the President of the Russian Federation has determined major threats for Russia in the information sphere in the following way:

* internal -the country's backlog from leading countries in terms of level and pace of informatization, lack of a clearly formulated information policy;

* external -attempts to prevent Russia to participate in equitable conditions in international information exchange, intervention and targeted penetration into the activities and development of the information infrastructure of the Russian Federation, the desire to reduce the use of Russian as an international means of communication and through this narrowing of the Russian information space.

These and other internal and external threats by ways of exposure (implementations) are divided into actual information, software-mathematical, physical and organizational.

Information threatsimplemented through unauthorized access to information resources and their embezzlement for the purpose of illegal use, negative manipulation of information (disinformation, distortion of information, its concealment), violations of information processing technology, etc.

Software-mathematical threatsimplemented by introducing components to hardware and software systems that perform functions that are not described in the documentation for these systems and reduce the effectiveness of their functioning, developing and disseminating programs (viruses, "Trojan horses", etc.) that violate the normal functioning of systems, including Information protection systems.

Physical threatsassociated with physical impact (destruction, damage, embarrassment) on information Systems and their elements, signal interception of information in the transmission channels or in office spaces, etc.

TO organizational threatsfirst of all, a weak legal framework for providing information security should be attributed. There is practically no legal support for information security at the regional level. The requirements of existing legislative acts (the Constitution of the Russian Federation, the laws of the Russian Federation "On Security", "On State Secret", "On Information, Informatization and Information Protection", etc.) are not always performed. The shortcomings of the legal system lead to the fact that a significant amount of information from limited access In the financial and stock exchange, tax, customs, foreign economic, housing and other areas in the form of specific databases is distributed by various commercial firms.

IN information spacefrom the standpoint of information security most typical there are two dangers:

1) control (extraction) of the state's information resourcesi.e. actually information intelligence (espionage). The information space was and remains the sphere of activity of numerous intelligence services. Today, information intelligence can be implemented in two ways: unauthorized entry into information and control systems; Legally, due to the active participation of foreign firms in creating the information structure of Russia. At the same time, in addition to the negative consequences related to the fact that the country's information resources are under the control of the relevant foreign structures, direct damage to the economy is applied - domestic science and production remain without their own orders;

2) the threat of destruction or disorganization of information resources of elements of state structures.With the current level of information technology development, such impacts can be carried out even in peacetime. They are fraught with the destruction of the state-valuable information, its distortion or implementation of negative information in order to disorganize or making incorrect solutions at the corresponding level of government.

Special place occupies safety of computer networks,which allow you to combine and share the large amount of local and global information resources. Computer networks become one of the basic means of informational communication. At the same time, their huge opportunities are confirmed to ensure the problem of providing information. This circumstance must be taken into account when creating and developing both local and global computer networks. Thus, in the process of creating the Internet in the United States in January 1981, the Center for Computer Security of the Ministry of Defense was created, in 1985 it was transformed into the National Center for Computer Security and transferred to the National Security Agency.

The analysis of the threatened threats, forms and methods of their impact on security objects in the information sphere, as well as methods and means of combating these threats, it allows you to assert that in the theory and practice of information security, two directions can be crystallized, which can be defined (albeit Enough conditionally) as information and psychological safety and protection of information.

Informational and Psychological Security -the state of the protection of citizens, individual groups and social sections of society, the mass associations of people, the population as a whole from the negative information and psychological impacts carried out in the information space (more about this will be discussed further).

Protection of information -ensuring the safety of information (parishing of threats of information infrastructure and information resources).

Currently, information protection issues are most actively developed: organizational, legal, technical and technological measures to prevent and reflect threats to information resources and systems, eliminating their consequences. The theory of information protection is formed, methods and means of information protection are created and actively used in practice, specialists are being prepared for a number of specialties and specializations, such as information protection technology, integrated support for automated systems, safety and information protection, and so on.

Along with the political, economic, military, social and environmental safety, an integral part of the national security of the Russian Federation is information security.

The information security of the Russian Federation means the state of the protection of the national interests of the Russian Federation in the information sphere, which are determined by the combinedness of the balanced interests of the individual, society and the state.

The information sphere is a combination of information resources and information infrastructure of the protection object.

The combination of stored, processed and transmitted information used to ensure management processes is called the information resource.

Information resources include:

· Information resources of the defense complex enterprises containing information about the main directions of the development of weapons, on scientific and technical and industrial potential, on the volume of supply and stocks of strategic species of raw materials and materials;

· Informational support of management and communication systems;

· Information on fundamental and applied NIRs that have state importance and others.

Information infrastructure is a combination of information subsystems, management centers, hardware software and technologies to ensure the collection, storage, processing and transmission of information.

Information infrastructure includes:

· Information infrastructure of the central, local government bodies, research institutions;

· Information infrastructure of the enterprises of the defense complex and research institutions that fulfill state defense orders or dealing with defense issues;

· Program and technical means of automated and automatic control and communication systems.

Under the threat of information, the information is understood as the combination of conditions and factors creating a potential or actually existing danger associated with the leakage of information and (or) unauthorized and (or) unintentional effects on it. The threats of information security of the Russian Federation are divided into external and internal.

External threats representing the greatest danger to security facilities are:

· All types of reconnaissance activities of foreign countries;

· Information and technical impacts (including radio electronic struggle, penetration into computer networks);

· Diverse and subversive activities of special services of foreign states, carried out by methods of information and psychological impact;

· Activities of foreign political, economic and military structures, aimed at the interests of the Russian Federation in the Defense.

To the inner threats that will be a special danger in the exacerbation of the military-political situation include:

· Violation of the established regulation of the collection, processing, storage and transmission of information in the headquarters and institutions of the power structures of the Russian Federation, at the enterprises of the defense complex;

· Intentional actions, as well as errors of personnel of information and telecommunication systems of special purpose;

· Unreliable functioning of information and telecommunication systems of special purpose;

· Possible outreach activities that undermining the prestige of the power structures of the Russian Federation and their combat readiness;

· Outstanding issues of the protection of intellectual property of enterprises of the defense complex, leading to leakage abroad of the most valuable state information resources.

The security threats have already been deployed and created information and telecommunications and systems include:

· Unlawful collection and use of information;

· Violation of information processing technology;

· Introduction to hardware and software components that implement the functions that are not provided for by the documentation for these products;

· Development and dissemination of programs that violate the normal functioning of information and information and telecommunication systems, including information protection systems;

· Destruction, damage, radio electronic suppression or destruction of information and information processing systems, telecommunications and communications;

· Impact on pair-key systems for the protection of automated processing and information processing systems;

· Compromise the keys and means of cryptographic information protection;

· Leak of information on technical channels;

· The introduction of electronic devices intended to intercept information into technical means of processing, storing and transmitting information on communication channels, as well as on officials of state authorities, enterprises, institutions and organizations, regardless of the form of ownership;

· Destruction, damage, destruction or theft of machine and other media;

· Interception of information in data transmission networks and on lines of communication, decryption of this information and imposing false information;

· Use of unattended domestic and foreign information technologies, information protection tools, informatization, telecommunications and communication in the creation and development of Russian information infrastructure;

· Unauthorized access to information in banks and databases;

· Violation of legitimate restrictions on the dissemination of information.

The main directions of improving the information security system of the Russian Federation are:

· Systematic detection of threats and their sources, structuring the objectives of ensuring information security and the definition of relevant practical tasks;

· Certification of general and special software packages applied software and information security tools in existing and created automated systems management and communication that have elements of computing equipment in their composition;

· Constant improvement of information protection tools, the development of protected communication and management systems, improving the reliability of special software;

· Improving the structure of system functional organs, coordination of their interaction.

An assessment of the status of information security is based on the analysis of sources of threats (the potential ability to violate protection).

Activities aimed at preventing leakage of the protected information, unauthorized and unintended impacts on it, refer to the protection of information. The object of protection is information or information carrier, or the information process to be protected.

Protection of information is organized in three directions: from leakage, from unauthorized impact and from unintentional impact (see Fig. 4.1).

The first direction is the protection of information from leakage - activities aimed at preventing uncontrolled dissemination of the protected information as a result of its disclosure, unauthorized access to information and receiving intelligence protected information.

Protection of information from disclosure is aimed at preventing unauthorized bringing it to the consumer who has no right to access this information.

Protection of information from unauthorized access is aimed at preventing information to the stakeholder in violation. established rightsservices or owner, the owner of the rights or information rules for protected information. A stakeholder that unauthorized access to the protected information may be: a state; entity; Group of individuals, including a public organization; Separate individual.

Protection of information from technical intelligence aims to prevent information from obtaining information with technical means.

The second direction is the protection of information from unauthorized impact - activities aimed at preventing the impact on protected information with a violation of the established rights and (or) rules for changing information leading to its distortion, destruction, blocking access to information, as well as to loss, destruction or Failure to function media information.

Third direction - Protection of information from unintentional impact - Activities aimed at preventing the impact on the protected information of its user errors, the failure of technical and software information systems, natural phenomena or other events leading to distortion, destruction, copying, blocking access to information, and Also to the loss of destruction or failure of the information carrier.

To organize information protection - it means to create a system for the protection of information, as well as develop measures to protect and control the efficiency of protection (see Fig. 4.2).

Fig. 4.2. Basic information security scheme

The sources of threats of the IB RF are divided into external and internal. TO external sources relate:

• - the activities of foreign political, economic, military, intelligence and information structures, aimed against the interests of the Russian Federation in the information sphere;
• - the desire of a number of countries to dominate and infringement of Russia's interests in the global information space, to oust it from external and internal information markets;
• - exacerbation of international competition for the possession of information technologies and resources;
• - activities of international terrorist organizations;
• - an increase in the technological separation of leading powers of the world and increasing their possibilities to counteract the Creating Competitive Russian Information Technologies;
• - the activities of space, air, marine and terrestrial technical and other means (species) of exploration of foreign states;
• - Development by a number of states of information wars and relevant weapons, providing for the creation of funds of hazardous impact on information spheres of other countries of the world, violation of the normal functioning of information and telecommunication systems, the safety of information resources, obtaining unauthorized access to them.

Internal sources include:

• - critical condition of domestic industries;
• - unfavorable criminogenic situation accompanied by trends in the splicing of state and criminal structures in the information sphere, obtaining criminal structures of access to confidential information, strengthening the impact of organized crime on the life of society, to reduce the degree of security of legitimate interests of citizens, society and state in the information sphere;
• - insufficient coordination of the activities of federal government bodies, state authorities of the constituent entities of the Russian Federation on the formation and implementation of a unified state policy in the field of providing IB RF;
• - insufficient design of the regulatory framework regulating the relationship in the information sphere, as well as insufficient law enforcement;
• - the underdevelopment of civil society institutions and insufficient state control over the development of the information market in Russia;
• - insufficient financing of measures to ensure

• - insufficient economic power of the state;
• - reducing the effectiveness of the education system and education, the insufficient number of qualified personnel in the field of IB;
• - the insufficient activity of federal state authorities, state authorities of the constituent entities of the Russian Federation in informing the Company about their activities, in explaining the decisions made, in the formation of open state resources and the development of a system of access to citizens;
• - Russian lag from leading countries in the level of informatization of federal state authorities, state authorities of the constituent entities of the Russian Federation and local governments, credit and financial sphere, industry, agriculture, education, health care services and life of citizens.

With the transition from industrial society to the information and relevant development of information technologies, considerable attention is paid to newest species The so-called "humane weapons" ("non-mercy of weapons and technologies of wars"), they include informational, psychotronnos, economic, conscientation weapons and Il. A special place among them is the information weapon and information warning technologies. According to their significance, it is evidenced by the fact that the United States has created information troops and the Cybervoines divisions have been produced for the third year. Today, the US Department of Defense Directives details the procedure for preparing for information wars. According to its effectiveness, information weapons are comparable to weapons of mass lesion. The spectrum of the action of information weapons can extend from harming the mental health of people before making viruses in computer networks and destruction of information. Pentagon on supercomputers models options for possible wars in the 21st century using the methods and technology of "non-mercy".

In the Armed Forces of NATO, especially the United States, considerable attention is paid to the role of "non-mercy" and technologies, primarily information weapons and psychological and propaganda operations in the 20th century wars, which significantly change the nature of the use of land, air-air and naval forces on TVD and the geopolitical and civilization confrontation of the main centers of the emerging multipolar world.

The difference between the species and technologies of "Nsssmer Weapons" from ordinary military weapons is that it focuses on the use of algorithms and technologies that concentrate basic knowledge aimed at defeating the enemy. The information war in essence personifies the war of civilizations for survival in conditions of constantly declining resources. The information weapon is striking a person's consciousness, destroys ways and identification forms of identification in relation to fixed communities, it transforms an individual memory matrix, creating a person with in advance specified parameters (The type of consciousness, artificial needs, forms of self-determination, etc.), satisfying the requirements of the aggressor, displays the control system of the enemy state and its armed forces.

Practice has shown that the greatest losses of the armed forces carry from the use of "non-sillecom" information weapons against them and, first of all, from the effects of affecting elements acting on the human management and psyche. Information and conscientation weapons affect the "ideal" objects (iconic systems) or their material carriers.

Currently, the global information reference and information and ideological expansion of the West, carried out by world telecommunication networks (for example, the Internet) and through the media. Many countries are forced to take special measures to protect their fellow citizens, their culture, traditions and spiritual values \u200b\u200bfrom alien informational influence. There is a need to protect national information resources and preserve the confidentiality of information exchange but the world open networksSince the political and economic confrontation of states can arise on this basis, new crises in international relations. Therefore, information security, information war and informational weapons are currently in the center of universal attention.

Information weapons are funds:

• - destruction, distortion or theft of information arrays;
• - overcoming protection systems;
• - restrictions on the admission of legal users;
• - Disorganization of technical equipment, computer

Attacking information weapons today can be called:

• - computer virusescapable of multiplying, implementing programs, transmitted over lines of communication, data networks, disable control systems, etc.;
• - Logic bombs - program mortgage devices that are in advance in the information and managers of military or civil infrastructure centers in order to signal or in set time lead them into action;
• - means of suppressing information exchange in telecommunication networks, falsification of information in the channels of state and military management;
• - Test programs neutralization;
• - various kinds of mistakes deliberately introduced by the enemy in software object.

Universality, secrecy, multivariate of the forms of software and hardware implementation, the radicality of the impact, sufficient selection of time and place of use, finally, the cost-effectiveness makes the informational weapons are extremely dangerous: it is easily masked for means of protection, such as intellectual property; It makes it even to conduct offensive actions anonymously, without declaring war.

The normal vital activity of the public organism is entirely determined by the level of development, the quality of functioning and safety of the information medium. Production and management, defense and communications, transport and energy, finance, science and education, media - it all depends on the intensity of information exchange, completeness, timeliness, reliability of information. It is the information infrastructure of society that is the target of informational weapons. But first of all, new weapons are aimed at the armed forces, the enterprises of the defense complex, the structures responsible for the external and internal security of the country. The high degree of centralization of the structures of the Russian economy can lead to disastrous consequences as a result of information aggression. The rate of improving information weapons (as well as any type of attacking weapons) exceed the rate of development of protection technologies. Therefore, the task of neutralizing information weapons, reflections of the threat of its application should be considered as one of the priorities in ensuring the national security of the country.

In the report of the Joint Commission, the security created by order of the Minister of Defense and the Director of the CIA in the United States in June 1993 and completed its work in February 1994, it says: "... It is already recognized that the data networks are transformed into an Iol of the Battle of the Future. Information weapons, the strategy and tactics of the application of which have to be carefully developed, will be used with "electronic speeds" during defense and attack. Information technologies will allow the resolution of geopolitical crises, ns producing a single shot. Our policy of ensuring national security and its implementation procedures should be aimed at protecting our opportunities. But the knowledge of information wars and to create all the necessary conditions for the reversion of the opposing US states to such wars ... ".

The destruction of certain types of consciousness involves the destruction and reorganization of communities, which constitute this type of consciousness.

It is possible to distinguish five basic ways to defeat and destroy consciousness in the conscientation war:

• 1. The defeat of the neuro-cerebral substrate, which reduces the level of functioning of consciousness, can occur on the basis of the effect of chemicals, long-term poisoning of air, food, directional radiation influences;
• 2. A decrease in the organization of an information and communicative environment based on its disintegration and the primitivization in which consciousness is functions and "lives";
• 3. occult impact on the organization of consciousness on the basis of a directional transfer of thought to the subject of the defeat;
• 4. Special organization and distribution over the channels of communication of images and texts that destroy the work of consciousness (it can be conditionally designated as psychotropic weapons);
• 5. The destruction of the methods and forms of identification of the personality in relation to fixed communities, leading to the change of the forms of self-determination and to depersonalization.

First of all, this type of influences on changing and transformation of types of image (deep identification with a goy or other position represented by concrete manner) and authentications (sense of personal authenticity) are carried out by the media, and above all, television. It is in this area that all the main actions to destroy the Russian-Russian post-Soviet consciousness occur.

The ultimate goal of the use of conscientious weapons of the EGO isymanis of people from the established forms of MSGabs. The destruction of the people and the transformation of it into the population occurs due to the fact that no one else wants to bind and relate themselves to those polytennic, to which before it belonged. The destruction of the prevailing image of the image is aimed at the destruction of the mechanisms for the inclusion of a person in the naturally established and existing communion and replacement of these evolutionary and naturally established communities of one completely artificial - the community of viewers around the TV. It doesn't matter how a person at the same time believes that he sees and hears from the TV screen, it is important that he is a permanent viewer, since in this case it can be sentiently and resistant to it. But in the conditions of the formal world and the gak called local wars, the conscientation war is very effective.