Directions information security - these are regulatory categories aimed at ensuring comprehensive protection of information from internal and external threats at the state level, at the enterprise or organization level, at the level of an individual.

Given the practice that has developed at present, the following areas of information protection are distinguished:

legal protection - these are special laws, others regulations, rules, procedures and measures that ensure the protection of information on a legal basis;

organizational protection - this is the regulation of production activities and relationships of performers on a regulatory basis, which eliminates or weakens the infliction of any losses to performers;

engineering protection is the use of various technical means that prevent loss.

In addition, protection measures aimed at ensuring information security can be characterized by a number of parameters that reflect, in addition to directions, orientation to objects of protection, nature of threats, methods of action, their distribution, scope and scale.

So, by the nature of threats, protection measures are focused on protecting information from disclosure, leakage and unauthorized access. According to the method of action, they can be divided into warning, identification, termination and resumption of losses or other losses. In terms of coverage, protection measures may extend to the territory, building, premises, equipment or individual elements of equipment. The scale of protection measures is characterized as objective, group or individual protection.

1.2. Legal defense

The concept rightsdefined as a set of generally binding rules and norms of behavior that are established or authorized by the state, in relation to certain areas of life and activities of state bodies, enterprises (organizations) and the population (individual).

Legal protection of information as a resource is recognized at the interstate, state level and is determined by interstate treaties, conventions, declarations and is implemented by patents, copyright and licenses to protect them. At the state level, legal protection is regulated by state and departmental acts (Fig. 6.1).

Fig. 1.1. Legal protection of information

IN in our state, such rules (acts, norms) are the Constitution of Ukraine, the laws of Ukraine, civil, administrative, criminal law, set forth in the relevant codes. As for departmental normative acts, they are determined by orders, guidelines, regulations and instructions issued by departments, organizations and enterprises that operate within certain structures.

Modern conditions require and determine the need for an integrated approach to the formation of legislation to protect information, its composition and content, its correlation with the whole system of laws and legal acts of Ukraine.

Information security requirements should organically be included in all levels of legislation, including constitutional legislation, the main general laws, laws on the organization of the state management system, special laws, departmental legal acts  etc. Usually the following structure of legal acts is used, which are focused on the legal protection of information.

Constitutionallegislation - norms that relate to issues of informatization and information protection are included in it as components.

General lawscodes (on property, on subsurface, on the rights of citizens, on citizenship, on taxes, on antitrust activities, etc.), which include standards on issues of informatization and information security.

Management Organization Lawsregarding individual structures of the economy, economy, system of government bodies and determining their status. Such laws include separate rules on the protection of information. Along with the general issues of information support and protection of information of a particular body, these standards should establish its responsibilities for the formation, updating and security of information that is of national interest.

Special lawswhich relate to specific areas of relations, industries, processes. These include the Laws of Ukraine "On Information", "On the Protection of Information in Automated Systems", etc. Actually, the composition and content of this block of laws creates special legislation as the basis for the legal provision of information security.

By-Lawsto protect information.

Law-enforcement legislation of Ukraine,which contains the rules on liability for an offense in the field of informatization.

Special legislationin the information security industry, it can be represented by a collection of laws. The Laws “On Information” and “On Information Protection in Automated Systems”, which lay the foundation for the legal definition of all the most important components, occupy a special place in their composition. information activities:

information and information systems;

subjects - participants in information processes;

legal relations between producers and consumers of information products;

owners (sources) of information - processors and consumers based on property relations while ensuring guarantees of the interests of citizens and the state.

These laws also determine the basics of protecting information in processing systems and when using it, taking into account the categories of access to open information and information with limited access. These laws contain, in addition, general rules for the organization and maintenance of information systems, including state-owned data banks, the procedure for state registration, licensing, certification, examination, as well as general principles for protecting and guaranteeing the rights of participants in the information process.

The issues of the legal regime of information with limited access are implemented in two separate laws on state and commercial (draft) secrets.

Thus, the legal protection of information is ensured by regulatory acts, the totality of which represents a hierarchical system from the Constitution of Ukraine to the functional duties and contracts of a particular contractor, which determine the list of information that is subject to protection, and measures of responsibility for their disclosure.

One of the new directions legal protection there is insurance coverage. It is intended to protect its own information and its processing tools both from traditional threats (theft, natural disasters), and from threats that arise in the course of working with information. These include disclosures, diversion, and unauthorized access to confidential information.

The purpose of insurance is to provide insurance protection for individuals and legal entities from insurance risks in the form of full or partial compensation for damage and losses caused by natural disasters, extraordinary events in various industries, illegal actions by competitors and intruders by paying cash compensation or providing services (repair, renewal) upon the occurrence of an insurance event.

Based on state legal acts and taking into account departmental interests at the level of a particular enterprise (company, organization), they develop their own regulatory documents aimed at ensuring information security. These documents include:

provision for the preservation of confidential information;

a list of information that constitutes confidential information;

instructions on the procedure for admitting employees to information that constitutes confidential information;

regulations on special paperwork, document management;

regulations on work with foreign companies and their representatives;

employee commitment to maintain confidential information;

memo to the employee about maintaining trade secrets.

The above regulations aimed at preventing cases of unlawful disclosure of secrets on a legal basis - in case of violation, appropriate measures should be taken.

Depending on the nature of the information, its availability to interested consumers, as well as the economic feasibility of specific protective measures, the following forms of information protection can be selected:

recognition of information as confidential;

trademarks;

application of norms of binding law.

There are certain differences between copyright and trade secrets. Copyright protects only the expression of an idea. Trade secrets relate directly to the content. Copyright protects against copying regardless of confidential relations with the owner. Copyright is resorted to when publishing its information widely, while trade secrets are kept secret. Obviously, in comparison with a patent and copyright, trade secrets and production secrets are the most convenient, reliable and flexible forms of information protection.

In addition to the above forms of legal protection and ownership of information, official transfer of the right to use it in the form of a license is widespread.

A license is a permit issued by the state to conduct certain types of economic activity, including foreign trade operations and the right to use inventions, technologies, and methods protected by patents. Licensing permits are granted for a specific time and for certain types of goods.

Trade secrets are information that is not state secrets related to production, technology, management, finance and other activities, disclosure, leakage and unauthorized access to which may result in losses to their owners.

Trade secrets do not include:

information that is protected by the state;

information that is generally known legally;

information about negative aspects of activity;

constituent documents and information on economic activity.

Creating an information security system, it is necessary to clearly understand that without legal support  To protect the information, any of the following claims against an unscrupulous employee, client, competitor and official will be simply unfounded.

If the list of information of a confidential nature is not timely communicated to each employee in writing, then the employee who stole important information in violation of the established procedure for working with it will most likely not be punished.

Legal standards for ensuring security and protection of information at a particular enterprise (company, organization) are displayed in the aggregate of constituent, organizational and functional documents.

The requirements for ensuring security and information protection are displayed in the Charter (memorandum of association) in the form of the following provisions:

the enterprise has the right to determine the composition, scope and procedure for protecting confidential information, to require its employees to ensure their preservation and protection against internal and external threats;

the company is required to ensure the preservation of confidential information.

Such requirements give the enterprise administration the following rights:

create organizational structures for the protection of confidential information;

issue regulatory and prescriptive documents that determine the procedure for the allocation of confidential information and mechanisms for their protection;

include information protection requirements in agreements for all types of economic activity;

demand protection of the interests of the enterprise by state and judicial instances;

to dispose of information that is the property of the enterprise, with the aim of gaining and avoiding economic losses of the collective of the enterprise and the owner of the means of production;

develop a "List of Confidential Information Details"

The obligations of a particular employee, worker or employee regarding the protection of information must be specified in an employment contract (contract). In accordance with the Labor Code, when concluding an employment contract, an employee is obligated to fulfill certain requirements that apply to this enterprise. Regardless of the form of conclusion of the contract (whether written or verbal), the signature of the employee on the job order confirms his agreement with the terms of the contract.

Requirements for the protection of confidential information may be stipulated in the text of the contract, if the contract is concluded in writing. If the contract is concluded orally, then the requirements for the protection of information that come out of the regulatory documents of the enterprise apply. At the conclusion of the employment contract and execution of the order on the hiring of a new employee, a note is made on his awareness of the procedure for protecting the information of the enterprise. This creates the necessary element of involving this person in the information security mechanism.

Legal regulation is necessary to improve the mechanism for preventing illegal actions in relation to information resources, to clarify and consolidate the tasks of individual entities in the field of preventive activities, protecting the rights and legitimate interests of citizens and organizations.

Legal measures to ensure security and protection of information are the basis of the order of activity and behavior of employees of the enterprise and determine the measure of their responsibility for violation of established standards.

INFORMATION SECURITY MAIN DIRECTIONS

The information sphere, as a system-forming factor in the life of society, actively influences the state of the political, economic, defense and other components of the security of the Russian Federation.

(Doctrine of Information Security of the Russian Federation)

Among the most important areas of life of society and the state, the information security of which ensures national interests, the Doctrine of Information Security of the Russian Federation includes:

scope of the economy;

domestic and foreign policy;

science and technology;

law enforcement and emergency response;

functioning of information and telecommunication systems;

the sphere of the spiritual life of man and society.

New to the business concept is its dependence on information wars going on around the world.

(E. Toffler)

Exposure to Information Security Threats in economicsmost susceptible to:

state statistics system; credit and financial system;

information and accounting automated systems of subdivisions of federal executive bodies that support the activities of society and the state in the economic sphere;

accounting systems of enterprises, institutions and organizations, regardless of ownership;

systems for the collection, processing, storage and transmission of financial, exchange, tax, customs information and information on foreign economic activity of the state, as well as enterprises, institutions and organizations, regardless of ownership.

The transition to market relations in the economy has led to the appearance on the domestic Russian market of goods and services of many domestic and foreign commercial structures, including producers and consumers of information, means of informatization and information protection. The uncontrolled activities of these structures to create and protect systems for the collection, processing, storage and transmission of statistical, financial, exchange, tax, customs information pose a real threat to Russia's security in the economic sphere. Similar threats arise with the uncontrolled involvement of foreign firms in the creation of such systems, since this creates favorable conditions for unauthorized access to confidential economic information and for monitoring the processes of its transmission and processing by foreign intelligence services.

The widespread use of imported means of informatization, telecommunications, communications and information protection poses a threat to the emergence of technological dependence of Russia in this area from foreign countries.

The insufficiency of the regulatory legal framework that determines the responsibility of business entities for the inaccuracy or concealment of information about their commercial activities, about the consumer properties of the goods and services they produce, about the results of their business, about investments, etc. hinders the normal functioning of the country's economy as a whole.

On the other hand, significant economic damage to business entities can be caused due to the disclosure of information containing trade secrets. In systems for collecting, processing, storing and transmitting financial, tax, customs information, the most dangerous are illegal copying of information or its distortion due to intentional violations of the technology of working with information and unauthorized access to it. This also applies to federal executive bodies involved in the formation and dissemination of information on the foreign economic activity of the Russian Federation.

Main measuresto ensure information security of the Russian Federation in the field of economics are:

organization and implementation of state control over the creation, development and protection of systems and means of collecting, processing, storage and transmission of statistical, financial, exchange, tax, customs information;

radical restructuring of the system of state statistical reporting in order to ensure the reliability, completeness and security of information, carried out by introducing strict legal responsibility of officials for the preparation of primary information, organization of control over the activities of these individuals and statistical information processing and analysis services, as well as by restricting the commercialization of such information ;

development of national certified information security tools and their implementation in systems and tools for the collection, processing, storage and transmission of statistical, financial, exchange, tax, customs information;

development and implementation of national secure electronic payment systems based on smart cards, electronic money systems and electronic commerce, standardization of these systems, as well as the development of a regulatory framework governing their use;

improving the regulatory framework informational relationship  in the field of economics;

improving methods for selecting and training personnel for work in the systems for collecting, processing, storing and transmitting economic information.

To the most important information security facilities in domestic policyThe information security doctrine includes:

constitutional rights and freedoms of man and citizen;

constitutional order, national consensus, stability state power, sovereignty and territorial integrity of the Russian Federation;

open information resources of federal executive bodies and funds mass media.

Greatest dangerin the field of domestic politics, the following threats are presented:

violation of constitutional rights and freedoms of citizens exercised in the information sphere;

insufficient legal regulation  relations in the field of the rights of various political forces to use the media to propagate their ideas;

the spread of misinformation about the policy of the Russian Federation, the activities of federal government bodies, events taking place in the country and abroad;

the activities of public associations aimed at forcibly changing the foundations of the constitutional system and violating the integrity of the Russian Federation, inciting social, racial, national and religious hatred, and disseminating these ideas in the media.

Main activitiesto ensure information security in the field of domestic policy are:

the creation of a system to counter the monopolization of domestic and foreign structures of the components of the information infrastructure, including the market for information services and the media;

intensification of counter-propaganda activities aimed at preventing the negative consequences of the spread of misinformation about Russia's domestic policy.

To protect the political security of the country, you need to learn how to wage an information war using various media.

(Shen Weiguang)

In the field of foreign policythe doctrine relates to the most important objects of ensuring information security:

information resources of federal executive bodies that implement the foreign policy of the Russian Federation, Russian missions and organizations abroad, and missions of the Russian Federation to international organizations;

information resources of representative offices of federal executive bodies implementing the foreign policy of the Russian Federation on the territories of constituent entities of the Russian Federation;

information resources of Russian enterprises, institutions and organizations subordinate to federal executive bodies implementing the foreign policy of the Russian Federation.

Of external threatsinformation security in the field of foreign policy, according to the Doctrine, the greatest danger are:

information impact of foreign political, economic, military and information structures on the development and implementation of the foreign policy strategy of the Russian Federation;

the spread abroad of misinformation about the foreign policy of the Russian Federation;

blocking the activities of the Russian media in explaining to a foreign audience the goals and main directions public policy  Russia, its opinions on socially significant events in Russian and international life;

violation of the rights of Russian citizens and legal entities in the information sphere abroad;

attempts of unauthorized access to information and impact on information resources, information infrastructure of federal executive bodies implementing the foreign policy of the Russian Federation, Russian missions and organizations abroad, and missions of the Russian Federation to international organizations.

Among internal threatsinformation Security in Foreign Policy Doctrine includes:

violation of the established procedure for the collection, processing, storage and transmission of information in federal executive bodies that implement the foreign policy of the Russian Federation, and in their subordinate enterprises, institutions and organizations;

information and propaganda activities of political forces, public associations, the media and individuals, distorting the strategy and tactics of foreign policy of the Russian Federation;

insufficient public awareness of the foreign policy of the Russian Federation.

Main activitiesto ensure information security in the field of foreign policy are:

development of the main directions of state policy in the field of information support  foreign policy of the Russian Federation;

development and implementation of a set of measures to strengthen the information security of the information infrastructure of federal executive bodies implementing the foreign policy of the Russian Federation, Russian missions and organizations abroad, and missions of the Russian Federation to international organizations;

creation of conditions for Russian representative offices and organizations abroad to work to neutralize the misinformation spread there about the foreign policy of the Russian Federation;

improving the information support of work to counter violations of the rights and freedoms of Russian citizens and legal entities abroad;

improving the information support of the constituent entities of the Russian Federation on foreign policy issues that fall within their competence.

Among the most important information security facilities in the field of science and technologyThe doctrine relates:

the results of fundamental, exploratory and applied scientific research that are potentially important for the scientific, technical, technological and socio-economic development of the country, including information whose loss may harm national interests and the prestige of the Russian Federation;

discoveries, non-patented technologies, industrial designs, utility models and experimental equipment;

scientific and technical personnel and their training system;

control systems for complex research complexes (nuclear reactors, particle accelerators, plasma generators, etc.).

The main external threatsinformation security in the field of science and technology are:

the desire of developed foreign countries to gain unlawful access to the scientific and technical resources of Russia for using the results obtained by Russian scientists in their own interests;

the creation of preferential conditions on the Russian market for foreign scientific and technical products and the desire of developed countries to at the same time limit the development of the scientific and technical potential of Russia (buying up shares of advanced enterprises with their subsequent re-profiling, maintaining export-import restrictions, etc.);

the policy of Western countries aimed at further destroying the unified scientific and technical space of the member states of the Commonwealth of Independent States inherited from the USSR by reorienting their scientific and technical ties to Western countries, as well as some of the most promising research teams;

intensification of activities of foreign state and commercial enterprises, institutions and organizations in the field of industrial espionage with the involvement of intelligence and special services.

To the main internal threatsinformation Security in Science and Technology The doctrine includes:

insufficient financing of scientific and technical activities, a temporary drop in the prestige of the scientific and technical sphere, leakage of ideas and advanced developments abroad;

the insufficient ability of enterprises of national electronic industries to produce competitive high-tech products based on the latest microelectronics and advanced information technologies, which ensures a sufficient level of technological independence of Russia from foreign countries, which leads to the forced widespread use of imported software and hardware in the creation and development of information technology in Russia infrastructure;

problems in the field of patent protection of the results of scientific and technical activities of Russian scientists;

the difficulties of implementing measures to protect information, especially at joint-stock enterprises, in scientific and technical institutions and organizations.

The real way to counter threats to information security in the field of science and technology is improvement of the legislation of the Russian Federation,regulatory relations in this area. The state should contribute to the creation of a system for assessing the possible damage to the most important objects of science and technology, including through public scientific councils and independent expertise. Such an analysis should end with the development of recommendations for authorities to prevent the illegal or ineffective use of Russia's intellectual potential.

According to the Doctrine, to information security facilities in defenserelate:

information infrastructure of the central military command and control bodies of the types of the Armed Forces of the Russian Federation and combat arms, associations, formations, military units and organizations that are part of the Armed Forces of the Russian Federation, research institutions of the Ministry of Defense of the Russian Federation;

information resources of defense industry enterprises and research institutions that fulfill state defense orders or deal with defense issues;

software and hardware of automated and automatic control systems for troops and weapons, weapons and military equipment equipped with informatization tools;

information resources, communication systems and information infrastructure of military branches, military units and bodies.

Among external threatsinformation Security in the Defense Doctrine includes:

all types of intelligence activities of foreign countries;

information and technical impacts (including electronic warfare, penetration into computer networks) from likely adversaries;

sabotage and subversive activities of special services of foreign states, carried out by methods of information-psychological impact;

the activity of foreign political, economic and military structures against the interests of the Russian Federation in the field of defense.

Internal threatsrepresenting the greatest danger in this area are:

violation of the established rules for the collection, processing, storage and transmission of information located in the headquarters and institutions of the Ministry of Defense of the Russian Federation at defense enterprises;

deliberate actions, as well as errors of personnel of information and telecommunication systems for special purposes;

unreliable functioning of information and telecommunication systems for special purposes;

possible outreach activities that undermine the prestige of the Russian Armed Forces and their combat readiness;

unresolved issues of protecting the intellectual property of defense enterprises, leading to the leakage of valuable state information resources abroad;

unresolved issues social protection  military personnel and members of their families.

The listed internal threats will present special danger in the conditions of aggravation of a military-political situation.

Main directionsimprovements to the information security system in the defense are considered:

the systematic identification of threats and their sources, the structuring of the goals of ensuring information security in the defense sphere and the identification of relevant practical tasks;

certification of general and special software, application software packages and information protection tools in existing and emerging automated military control systems and communication systems incorporating elements of computer technology;

continuous improvement of information protection tools against unauthorized access, development of secure communication systems and control of troops and weapons, increasing the reliability of special software;

improving the structure of the functional bodies for ensuring information security in the field of defense and coordinating their interaction;

improving techniques and methods for strategic and operational camouflage, reconnaissance and electronic warfare, methods and means of actively countering the informational, propaganda and psychological operations of a potential enemy;

training of specialists in ensuring information security in the field of defense.

Given the current geopolitical situation in Russia, when the Armed Forces of the Russian Federation face the problem of ensuring the country's military security in the face of a sharp limitation of the composition and capabilities of our forces, the use of principles of the strategy of "indirect" actions,including its information component, it becomes especially relevant.

The basis of achieving victory in hostilities in the XXI century. more and more will be determined not by technical means, but by information. These changes stem from the content of the ongoing transition from a post-industrial society to an information society. Already today, when the emphasis is shifting more and more from traditional approaches to conducting armed struggle to the information and intellectual field, the theory and practice of Russian military art are faced with the need to develop and practically implement countermeasures systemwestern concept of "information war" and create their own system of offensive and defensive actions of a new type.

Information superiority will be the main component of the military strategy of the present century, just as in the 20th century air dominance and the massive use of armored vehicles were such components.

Among the factors determining the success of the armed struggle, the most important has always been and remains human factor.Along with fire damage to personnel, it is increasingly planned to use information-psychological impact. The general tendency is to move from the extermination of the enemy by means of conventional wars to attempts to demoralize him, paralyze his activity without physically destroying it. Impact information weapon  per person is connected, first of all, with the disorganization of his consciousness and behavior, the suppression of the will to resist, a change in attitude towards the enemy and attitudes towards the conduct of hostilities.

To solve this problem can be used:

so called Soft methodsinformation damage affecting the human consciousness, in particular, propaganda, misinformation, suggestion, etc .;

so called Hard methodsinformation defeat, capable of disorganizing the behavior of a warrior at a deep, subconscious level. The facts of the creation of generators of frequency coding for the brain, dowsing installations, high-frequency and low-frequency generators, chemical and biological agents are already known.

In both cases, an attempt is made to realize the ancient ideal of the warring parties: to win without entering into battle. At the same time, the need to transfer to the forceful achievement of the objectives of the operation is considered a strategic failure and its use is allowed only as a last resort.

The commander is the main linkin the training and warfare system. Therefore, attempts to influence his emotional sphere, disorganize thinking and behavior will always be the most important task of information-psychological impact.

According to experts, such operations will begin ahead of time, even at the stage of developing plans for an armed conflict, and at its initial stages. Conventional military operations may not even be planned. The achievement of the goals of confrontation in the ideal case should be provided only by means of information warfare.

All the forces and means of information warfare can be involved in the course of military operations themselves. In this case, the task of destroying combat control systems, information systems for receiving, storing and processing information of military and state significance, as well as moral and psychological suppression of the enemy, will be solved.

The information war is a complex multi-tiered structure of actions and operations aimed at simultaneously solving offensive and defensive tasks. An approximate list of multidirectional efforts during the information confrontation is presented in table. 3.1.

Table 3.1.

Information support for offensive and defensive actions

“We are approaching such a stage of development when no one is already a soldier, but everyone is a participant in the hostilities. The task now is not to destroy manpower, but to undermine the goals, views and worldview of the population, to destroy society ”(from a speech by a representative of the Pentagon’s leadership).

According to military experts, in the defense most vulnerableare considered:

information resources of the apparatus of the Ministry of Defense, the General Staff, the main headquarters of the branches of the Armed Forces and military branches, research institutions containing information on plans for the preparation and conduct of operations, on the composition and deployment of troops;

information resources of defense enterprises containing information on the volumes of military equipment being created and its combat capabilities;

communication and command and control systems for troops and weapons, their information support;

morally- psychological condition  troops and population.

The informational and psychological impact of the enemy on the personnel of the army and navy will become much less effective if the informational support for the task related to a real increase in the status of a person in uniform, creation of an image that is favorable in public perception is carried out in advance (and constantly) military service  and the Armed Forces. The insufficiency of such collateral in modern Russia  greatly facilitates the work of our rivals in the information war.

With modern capabilities to bring information to the target information wars know no boundaries- neither spatial nor temporal. Achievements in the technical equipment of the media and communication, as well as in the methods of their use, today make it possible to influence almost every person and almost anywhere on the Earth. The modern information war is a direct product of the globalization of the world. And it will be truly global. The spheres of warfare will include not only physical space (land, sea, air, space), but also information sphereincluding in particular virtual space of the Internet, as well as social, psychological, ideological and spiritual spaces,in the framework of which the main defeat will be inflicted on the enemy. Unlike past wars, the concept of "theater of operations" is very arbitrary.

The battlefield of the 21st century is an informational sphere in which offensive and defensive operations are unfolding.

TO salient features global information warwhich is often defined as the next "world war", military experts include the following:

war will be based, first of all, on the ability to control and manipulate public consciousness, subordinate the will of man. The main target will be people;

the main losses are expected not in the traditional, physical sense, but in the spiritual, psychological, political, social. It is believed that such losses are capable, more than physical, of becoming decisive for the outcome of the war;

manipulation of mood and attitudes will play an important role the country's populationas well as the use of training technologies internal oppositionin countries that are victims of aggression. What such processes can be, the so-called “color” revolutions that swept through the countries of Eastern Europe and parts of Asia — with the support of the USA — have shown well;

at the same time, active work will be carried out to undermine the authority of the state, its cooperation with other countries. This could also be seen in recent US actions (for example, in Yugoslavia, Iraq, Somalia, Belarus);

the role of “non-military” means of struggle and “indirect actions”, that is, actions in a non-contact manner, will increase;

the effectiveness of information weapons will be determined by how it affects the essential basis of man, his will, morality, mentality. And this defeat in its consequences will be more destructive for man and humanity than fire;

unlike all previous wars, the information war will be permanent, continuously expanding in time and space, and, therefore, longer, extended for many years and even decades.

As you know, information weapons have already successfully passed through in the Cold War of 1945–1991. And the world was convinced that non-military, non-traditional means, methods and methods of struggle are many times more effective than traditional military men. The scale of the demographic, territorial, political, economic, psychological losses of the Soviet Union after the defeat in this war turned out to be immeasurably greater and more difficult to repair than the damage to Germany and Japan, who lost the Second World War.

It is currently impossible to predict who will be the victor in the war, where the main object of influence is the human psyche.And, most importantly, it is impossible to determine what the post-war psychological look of both winners and losers will be. It is likely that the strategic outcome of such a war will be a fundamentally deformed psyche of people. Therefore, today it is more important to think not about how to win the information war, but about how to stop it, how to impose a universal ban on information weapon as a weapon of mass destruction.

However, while there is no such ban, it is necessary to at least take care of protection against information weapons, and ensuring the information security of a person, society, and the state. During the Cold War of 1945–1991 (in its essence even then mainly informational) the Soviet leadership - civilian and military - was not ready for new forms of confrontation that were different from the 1941–1945 war. As a result, the most powerful Soviet army in the world, without entering the battle, lost the war. History may repeat itself again in another war, which, apparently, is already being waged by "non-obvious", "non-hot" means. Are we preparing for the integrated use of modern forces and means (among which the main ones are information) or do we still rely only on the power of strategic missiles, tank armades and mass armies? According to military experts, the concept of “war” is still considered in the strategy of the Russian state, mainly through the prism of armed struggle between states. Therefore, the traditional ideas about war and peace that are preserved in the army, society, and government institutions can most likely play the same fateful role in the fate of post-Soviet Russia as in the fate of the USSR.

Russian Information Security Doctrine law enforcement (and judicial) spherethe most important objects of ensuring information security include:

information resources of law enforcement authorities, judicial authorities, their information and computing centers, research institutions and educational institutions, containing special information and operational data of an official nature;

information and computer centers, their information, technical, software and regulatory support;

information infrastructure (information and computer networks, control points, nodes and communication lines).

The following may affect information security in law enforcement (and judicial) spheres external threats:

intelligence activities of special services of foreign states, international criminal communities, organizations and groups, collecting information disclosing tasks, activity plans, technical equipment, working methods and locations of special units and internal affairs bodies of the Russian Federation;

the activities of foreign state and private commercial structures seeking to gain unauthorized access to information resources of law enforcement and judicial authorities.

Internal threatsposing a danger to this area are:

violation of the established rules for the collection, processing, storage and transmission of information contained in file cabinets and automated data banks and used to investigate crimes;

deficiencies in the legislative and regulatory regulation of information exchange in law enforcement and judicial spheres;

lack of a unified methodology for collecting, processing and storing information of operational investigative, reference, forensic and statistical nature;

hardware failures and software failures in information and telecommunication systems;

deliberate actions, as well as errors of personnel directly involved in the formation and maintenance of file cabinets and automated data banks.

In the law enforcement (and judicial) sphere, along with the general methods of protecting information, a number of specific methods and toolsinformation security:

creation of a secure multi-level system of integrated data banks of operational investigative, reference, forensic and statistical nature based on specialized information and telecommunication systems;

raising the level of professional and special training of users of information systems.

In modern conditions, the implementation of effective information policy  at emergency situationstechnogenic, social and natural nature.

Most vulnerable objectsinformation Security in Emergencies The Information Security Doctrine calls:

a system for collecting and processing information about possible emergencies;

decision-making system for operational actions (reactions) related to the development of such situations and the course of elimination of their consequences.

Of particular importance for the normal functioning of these objects is:

ensuring the security of the country's information infrastructure in case of accidents, catastrophes and natural disasters;

lack of concealment, delay in receipt, distortion and destruction of operational information;

exclusion of unauthorized access to it by individuals or groups of individuals.

Failure to comply with these conditions can lead to both loss of life and various kinds of difficulties in responding to emergency situations related to the peculiarities of information exposure in extreme conditions:

to set in motion large masses of people experiencing mental stress;

to the rapid onset and spread of panic and disorder based on rumors, false or false information.

To specific conditions areas of information securityrelate:

development effective system  monitoring of hazardous facilities, the malfunctioning of which can lead to emergency situations, and forecasting emergency situations;

improving the system of informing the population about the threats of emergencies, about the conditions of their occurrence and development;

improving the reliability of information processing and transmission systems supporting the activities of federal executive bodies;

forecasting the behavior of the population under the influence of false or inaccurate information about possible emergency situations and the development of measures to assist large masses of people in these situations;

development of special measures to protect information systems that ensure the management of environmentally hazardous and economically important industries.

Studies conducted by the EMERCOM of Russia employees show that in the initial period of emergency situations, the public mood is usually more negative than constructive. There are many reasons for this. But its dominant is unpreparedness of the population for an adequate perception of what is happening.The roots of this unpreparedness lie in the system of information support for the population. This unavailability is predetermined by:

lack of prognostic information and warning people about the time of the possible onset of an emergency (for example, tremors and seismic waves, their strength, nature and duration). Hence the unexpectedness and uniqueness of most emergency situations for the population;

the lack of information on how to act in a particular critical situation for most people, leading to confusion in the event of an emergency;

lack of awareness of the population about the features of actions at different stages of an emergency and with different scenarios of its development;

increased everyday stress state of mass consciousnessas a background characteristic of our time and a hidden premise of a quick and sharp emotional and psychological breakdown of people in critical situations;

poor development of population management algorithms in emergency situations and, as a result, lack of available information about the actions of local authorities, the Ministry of Emergencies, the procedure for emergency rescue operations and evacuation of the population;

the lack of knowledge among most people about the features of the development of various types of technogenic and natural emergencies.

The formation of adequate opinions and moods, especially in extreme conditions is a complex and difficult process. Specialists note that it is all the more effective, the better this process is organized, the clearer the leaders present its elements, structure, direct and feedback with the population at its various stages.

Only well-established, including proactive, informing and quick, clear and competent actions of both local leaders and the Ministry of Emergencies can reduce the negative impact of emergencies on public opinion. Very important avoid the vacuum in the information field,take the information initiative in your own hands. Otherwise, and this is characteristic of both the regional and the federal level, speculation begins to work, fantasies burning emotions and the process of managing the information environment is much more complicated. Emergency information support must be prepared in advance and on a regular basis.

According to experts, it is advisable to improve training the population in dealing with industrial and natural disasters.An invaluable contribution to the preparation of citizens for action in emergency situations can and should be made by local and regional media. In mass print, on radio and television, it is useful to simulate various emergencies and right actions people caught in disastrous natural or social elements. All expert comments should be clear, concise and unambiguous. We should not forget about such a form as colorful leaflets issued by the mass circulation for the population on behavior in emergency situations.

Rumors, gossip, panic

Emergency countermeasures are often gossipas a special form of mass exchange of false or distorted information orally.Rumors usually arise in the absence of complete and reliable information on a problem that is relevant to people at the moment. Information transmitted in the form of rumors arises, as a rule, spontaneously and has an unauthorized, uncontrolled and uncontrollable character. A necessary and sufficient condition for the occurrence of rumors is most often the presence of an unmet urgent need of people or a threat to the safety of their life. In these situations, even the most incredible messages transmitted informally, as if “in secret”, can be of interest and become widespread in the form of rumors. Therefore, the main reason for the appearance and spread of rumors is the unmet informational need of people, a kind of "information hunger", especially in emergency life situations. However, “information hunger” is always fraught with rumors.

The role of such “hunger” was figuratively noted by N. V. Gogol in “Dead Souls”: “At other times and under other circumstances, such rumors might not have attracted any attention; but the city N has not received any news for a long time ... which, as you know, is the same for the city as the timely delivery of food supplies. "

The appearance of rumors is also affected by the lack of efficiency and objectivity of information, its bias, excessive secrecy (secrecy), and the desire to smooth out the severity of what is happening in the course of informing the population. Just in response to such actions, rumors begin to present the situation in an exaggeratedly dramatic version. They are always an emotionally compensating consequence of insufficiently complete or biased information provided by official services.

A typical example of the action of rumors is the massive purchase in early 2006 by the population of Moscow and other Russian cities of ordinary table salt. Rumors unknown by their source about the impending shortage of this product in a matter of days led to empty shelves and a tenfold increase in salt prices. None of the arguments of trade leaders about the lack of objective prerequisites for a lack of salt on the people did not work. It was possible to normalize the situation only after a few weeks.

The task of preventing rumors and stopping them in case of occurrence becomes an integral part of the entire program of action in dangerous conditions for people, in particular, during various natural and social disasters, technological disasters, in all places of large crowds. In such conditions (as, indeed, in everyday life), people, first of all, need clear and understandable information, not only explaining the reason for the rumors, but, most importantly, giving an objective analysis of the current situation and thereby reducing the measure of emotional tension in its perception. It is important not only to refute this or that rumor, but to fill the formed information vacuum with the most detailed and convincing information. In addition, in emergency situations, it is also necessary to identify rumors and seek to reduce their impact on the crowd.

One kind of rumor is gossip.In the dictionary of S.I. Ozhegov, gossip is defined as a rumor about someone or something based on inaccurate or knowingly incorrect information.Usually gossip is false or distorted and incomplete, but always biased information about the personal life and deeds of people known and interesting to a significant part of the population.

Gossip, like rumors, also satisfies a certain informational need of the masses, which is not always socially sound and decent. Often they exaggerate the intimate aspects of the life of their “heroes” and even are openly indecent. As a result, gossip can not only fulfill a certain informational and cognitive function, but can also be a means of struggle for the achievement of certain goals and, as such, pose a considerable social danger. It can be used to dishonestly discredit your opponent, arousing negative emotions against him in society. Therefore, in the process of educating schoolchildren, a purposeful disclosure of the essence and role of gossip is required, the formation of adolescents' internal readiness to refuse to transmit gossip and to condemn gossip.

One of the tasks of providing information in emergency situations is to prevent rumors from developing into a panic. Panic- highly dangerous psychological state of the crowd,requiring decisive, including informational, actions to prevent its injection and distribution.

According to psychologists, there are two main circumstances that determine the occurrence of panic.

Firstdue to the sudden appearance of a threat to life, health, safety (for example, in case of fire, explosion, accident, etc.).

Secondcan be explained by the accumulation of the so-called "psychological fuel" and, then, the actuation, as a "relay", of one or another mental catalyst. Long experiences, fears, the accumulation of anxiety, the uncertainty of the situation, the perceived dangers and adversities - all this creates a favorable background for panic, and in this case, any event can become a catalyst. A panic can cause not only strong fear, fear, but also individual words, someone’s behavior, some signals that are not even related to the expected dangers.

The result of the panicthere may be a significant deformation of the assessments of what is happening, a decrease in readiness for adequate actions, an increase in fear, and increased exposure to external influences. And in more pronounced form  this condition can lead to complete insanity and loss of control over their behavior. A person can run away anywhere (sometimes right into the focus of danger), rush about senselessly, commit the most ridiculous, chaotic actions and deeds. There are many examples of this behavior during earthquakes, hurricanes, fires, etc.

The main causes of panicin most cases, again, information factors turn out to be:

informational and psychological unpreparedness of people for an adequate perception of what happened, a lack of specific information and, as a result, the existence of a kind of “informational anarchy”;

the uniqueness of each extreme situation, creating extreme stress in a collision with it;

poor preparation of most people for rational action in case of danger;

the presence in the crowd of people emotionally unstable, who are in a critical situation catalysts for negative rumors and panic.

By definition of the Doctrine, the main objects of ensuring information security in national information and telecommunication systemsare:

information resources containing information classified as state secrets and confidential information;

computerization tools and systems (computer technology, information and computer systems, networks and systems), software (operating systems, database management systems, other system-wide and applied software), automated control systems, communication and data transmission systems that receive , processing, storage and transmission of information of limited access, their informative physical fields;

technical means and systems that process open information, but located in rooms in which information of limited access is processed, as well as the premises themselves, designed to process such information.

TO major threatsinformation security in national information and telecommunication systems The doctrine includes:

the activities of special services of foreign states, criminal communities, the illegal activities of individuals (organizations and groups) aimed at gaining unauthorized access to information and exercising control over the functioning of information telecommunication systems;

the use of imported software and hardware in the creation and development of information and telecommunication systems, forced by the objective lag of the domestic industry;

violation of the established rules for the collection, processing and transmission of information, deliberate actions and errors of personnel of information and telecommunication systems, failure of hardware and software failures in information and telecommunication systems;

the use of means and systems of informatization and communication that are not certified in accordance with safety requirements, as well as means of protecting information and monitoring their effectiveness;

involvement in work on the creation, development and protection of information and telecommunication systems of organizations and firms that do not have state licenses for these types of activities.

Used in this field means of information exposurecan be aimed at solving the following tasks:

destruction, distortion or theft of information arrays;

obtaining from them the necessary information after overcoming protection systems;

disorganization of the work of technical means;

failure of telecommunication systems and networks, computer systems, energy systems, systems government controlled, that is, all the high-tech support for society and the functioning of the state.

Attacking media

The ideas and material foundations of information weapons were formed simultaneously with the development of the information environment. Computerization of various spheres of public life, the latest information TechnologyThe transformation of programming into a prestigious and massive specialty created the basic prerequisites for the emergence of new types of information weapons and at the same time made the objects of control and communications, energy and transport, and the banking system highly vulnerable to information impact.

1. Computer viruses - software that can multiply, attach to programs, transmitted over communication lines to data networks, penetrate electronic telephone exchanges and control systems and disable them.

The spread of a computer virus is based on its ability to use any medium of transmitted data as a "vehicle". As a result, any floppy disk or other magnetic drive transferred to other computers can infect them. Conversely, when a “healthy” medium is connected to an infected computer, it can become a virus carrier. Telecommunication networks are convenient for spreading vast epidemics. One contact is enough for the personal computer to be infected or infect the one with which it was in contact. However, the most common method of infection is to copy programs and data, which is a common practice among users of personal computers: the copied objects may be infected.

The press often draws a parallel between computer viruses and the AIDS virus (AIDS). Only an ordered sexual life is able to protect against this virus. The messy connections of a personal computer with many others are very likely to lead to infection.

Therefore, experts caution against copying "stolen" programs. However, the desire to limit the use of unverified software is still virtually impossible. Branded programs on "sterile" media cost a lot of money, so it is almost impossible to avoid their uncontrolled copying and distribution.

According to experts, hundreds of types of viruses are currently in circulation. Apparently, fundamentally new species will appear in the future. So far it is only about infecting computers, but in the future, according to experts, it will be possible to infect microchips, the information power of which is rapidly developing.

2. Logic Bombs- got that name software embedded devices, previously implemented in the information and control centers of the military and civilian infrastructure,which are triggered by a signal or at a set time, destroying or distorting information and disorganizing the operation of software and hardware.

One of the varieties of such a bomb is the Trojan horse, a program that allows covert unauthorized access to the enemy’s information resources for obtaining intelligence information.

3. Suppressants(or falsification) of information exchange in telecommunication networks, transmission through the channels of state and military control, as well as through the mass media channels of the necessary information (from the standpoint of the opposing side).

4. Implementation Toolscomputer viruses and "logical bombs" in state and corporate information networks and systems and their management from a distance.

The use of information weapons in information and telecommunication systems is hidden and impersonal in nature, easily disguised as measures to protect copyright and commercial rights to software products and is not associated with the declaration of war or the introduction of a period of special actions in local conflicts. The most vulnerable to attack are those systems that must maintain continuous real-time performance.

Specialists distinguish three main forms of impact on cyberspace:

information crime;

information terrorism;

operations conducted as part of large-scale information wars.

According to the foreign press, the motives for currently committed computer crimes are distributed as follows: selfish motives - 66%, espionage and sabotage - 17%, research interest - 7%, hooliganism - 5%, revenge - 5%. Consider criminal and terrorist options for action.

Information crime

This term refers to the actions of individuals or groups of individuals, aimed at breaking into security systems and stealing or destroying information for personal or hooligan purposes.They are, as a rule, one-off crimes against a specific object of cyberspace. This type of crime was also called "computer crime." The rapid development of computer technologies and networks, including international ones, as an integral part of various types of social activities has created wide scope for committing criminal acts of this type. At the same time, crimes related to the use of modern information weapons go beyond the scope of ordinary crimes and often pose difficult tasks for law enforcement agencies.

Computer crimes may be related to the following actions:

unauthorized entry into computer networks or information arrays;

theft of application and system software;

unauthorized copying, modification or destruction of information;

transfer of computer information to persons who do not have access to it;

falsification, modification or falsification of computer information. The falsification of information also includes the manipulation of election results, voting, referenda carried out using electronic technologies;

the development and spread of computer viruses;

unauthorized viewing or theft of infobases;

mechanical, electrical, electromagnetic and other types of impact on computer networks, causing their damage.

The most dangerous in the field of computer crime hackers- “obsessed programmers,” “electronic corsairs,” “computer pirates.” This is the name of people who carry out unauthorized access to other people's information networks. They, as a rule, are well trained technically and professionally, are well versed in computer engineering and programming. Their activities are aimed at unauthorized entry into computer systems and theft, modification or destruction of the data available there. The results of foreign studies show that 62% of hackers operate as part of criminal groups.

However, those involved are even more trained. computer espionage.Their goal is to obtain strategically important military, technical and other content from computer networks of the adversary.

According to forecasts of domestic and foreign experts, the main area of \u200b\u200bcomputer crime is becoming area of \u200b\u200bfinancial and banking activities.Currently, the damage caused by only one computer crime is on average $ 340 thousand, while the average damage from "traditional" crimes against banking structures - robberies - is about $ 9 thousand. According to experts

The United States, the losses from the penetration of hackers into the automated systems serving these institutions are estimated at tens of millions of dollars. Moreover, the number of recorded computer crimes tends to annual doubling.The geography of computer crimes is expanding every year, spreading to more and more new countries.

With the advent of the global Internet in our country, hacking has become more frequent information security  foreign banks and thefts with the help of computers of large cash. The case of Vladimir Levin, a hacker from St. Petersburg who has stolen about $ 4 million from the American City Bank, is widely known. In the southern district of the capital on March 11, 1998, citizen Sheiko P.V. was detained, who, using international credit card numbers obtained by fraudulent means, stolen 18 thousand US dollars over four months via the Internet. In the same year, Vnesheconombank was removed from computer accounting and prepared to steal about 300 thousand dollars (of which 125 thousand dollars were stolen). Using unauthorized access methods, an attempt was made to steal 68 billion 309 million rubles from the Central Bank of the Russian Federation.

As seen from listed examples  (and this is only a small part of all such acts), the range of criminal interests in the credit and financial sphere is very diverse. In addition, there has been an increase in crimes related to monetary theft in transport during the sale of rail and air tickets, the sale of fake foreign vouchers, etc.

With the development of paperless workflow technologies, including electronic payments, a serious failure of local networks can paralyze the work of banks and entire corporations, which will lead to tangible material losses. It is no coincidence that data protection in computer networks is becoming one of the most acute problems in modern computer science.

Information terrorism

The processes of global informatization have led to the fact that modern society is gradually becoming almost completely dependent on the state of the information infrastructure, which includes integration various systems communications, telecommunications, databases and information systems owned by the state, non-state sector of the economy, organizations, citizens.

In these conditions information terrorism - terrorism using information weapons- represents the most real threat to both individual developed countries and the entire world community.

In the tactics of information terrorism, like any other, the main thing is that the terrorist act has dangerous consequences and receives a great public outcry. As a rule, the actions of information terrorists are accompanied by the threat of a repeat of a terrorist act without specifying a specific object.

In cyberspace, various techniques for achieving terrorist goals:

damage to certain physical elements of cyberspace, the destruction of power networks, interference, the use of special programs that stimulate the destruction of hardware, the destruction of the elemental base using biological and chemical means, etc .;

theft or destruction of software and technical resources of cyberspace of public importance, the introduction of viruses, software bookmarks, etc .;

the threat of publishing or publishing information of national importance on the functioning of various elements of the state’s information infrastructure, the principles of encryption systems, confidential information of a personal and public nature, etc .;

the seizure of media channels in order to disseminate misinformation, rumors, demonstrate the power of a terrorist organization and declare their demands;

destruction or suppression of communication channels, addressing distortion, artificial overload of switching nodes, etc .;

impact on operators of information and telecommunication systems through violence, blackmail, bribery, drug administration, use of neurolinguistic programming, hypnosis and other methods of information exposure.

Today, even the US administration is forced to admit that America’s information space is poorly protected from unauthorized entry. So, even the situation room of the White House can be exposed to information impact via the Internet.

Protective actions

Main directionsinformation security in the national information and telecommunication systems, according to the Doctrine, are:

prevention of interception of information from rooms and from facilities, as well as information transmitted through communication channels using technical means;

exclusion of unauthorized access to information processed or stored in technical means;

prevention of information leakage through technical channels arising from the operation of technical means for its processing, storage and transmission;

prevention of special software and hardware impacts that cause the destruction, destruction, distortion of information or malfunctions of the means of informatization;

ensuring information security when connecting national information and telecommunication systems to external, including international, information networks;

ensuring the security of confidential information in the interaction of information and telecommunication systems of various security classes;

identification of electronic information interception devices embedded in objects and in technical means.

The main organizational and technical measures to protectt e  information in the national information and telecommunication systems are considered:

licensing of organizations in the field of information security;

certification of objects of informatization to fulfill the requirements of ensuring information protection during work related to the use of information constituting a state secret;

certification of information security tools and monitoring the effectiveness of their use, as well as information security against leakage through the technical channels of systems and means of informatization and communication;

the introduction of territorial, frequency, energy, spatial and temporal restrictions in the modes of use of technical equipment to be protected;

creation and application of information and automated control systems in a secure execution.

Currently, in the field of combating computer crime there are many unresolved problems.

Firstly, in our country, special legislation is underdeveloped that affects various aspects of computer crime, the danger of such crimes is still poorly recognized by lawmakers, while this type of crime is progressing rapidly.

Secondly, in view of the special complexity of computer systems, creating error-free programs for them is almost impossible.

Thirdly, the practice of acquiring information, including unlicensed software, by unauthorized copying is widespread. The software is distributed almost everywhere through theft and exchange of stolen goods.

Fourth, the unsatisfactory financial situation of the scientific and technical intelligentsia associated with the creation of information systems, which creates the prerequisites for a “brain drain” and the implementation of various kinds of “information sabotage”.

Fifthly, ensuring information security is an expensive business, and not so much because of the cost of installing the necessary tools for this, but because it is very difficult to determine the boundaries of reasonable security and maintain systems in working condition.

Currently used computer crime prevention measures can be grouped into three groups:

technical;

organizational;

legal.

Technical protection measuresfrom unauthorized access to computer systems suggest:

the use of physical protection equipment, including cable system protection, power supply systems, means of archiving and copying information to external media, etc.

organization of computer networks with the possibility of redistributing resources in case of disruption of individual links;

development of protection software, including anti-virus programs, systems of differentiation of powers, access control software;

adoption of constructive measures of protection against theft and sabotage;

installation of backup power systems; equipping premises with locks, installing an alarm system and much more.

TO organizational measuresinclude: the organization of security of the computer center; careful staff selection;

the exception of cases of especially important work by only one person;

data encryption to ensure confidentiality of information;

protection measures, including access control to the premises, development of a firm’s security strategy, emergency plans, etc.

organization of a reliable and efficient system of archiving and duplication of the most valuable data;

protection of information from unauthorized access, including the use of various devices for identification by biometric information- the iris of the eye, fingerprints, voice, size of the hand, etc .;

assigning personal responsibility to specific individuals who are called upon to ensure the security of the center, introducing specialists in the field of information security into the staff;

universality of protection against all users (including top management);

availability of a plan for restoring the center’s health after its failure, etc.

TO legal measuresrelate:

toughening the rules establishing responsibility for computer crimes;

improvement of criminal and civil legislation in this area.

Legal measures also include issues of public control over the developers of computer systems and the adoption of international treaties on restrictions on their activities.

Among the main measures counter terrorismcan include:

creation of a unified strategy to combat information terrorism, in accordance with which the functions of law enforcement agencies are clearly distributed and coordinated by the state;

the creation of a common center for monitoring the threats of information terrorism and developing rapid response measures;

organization of quality protection of material and technical facilities that make up the physical basis of the information infrastructure;

development of technologies for detecting impacts on information and its protection against unauthorized access, distortion or destruction;

continuous training of information systems personnel for effective opposition to various options for terrorist actions;

development of interstate cooperation in the fight against information terrorism.

Russia has embarked on the path of forming an information society and entering the global information space. We must be aware of the inevitability of the emergence of new threats along this path that require the creation of adequate programs and projects to protect national information resources.

It should be recognized that any measures to combat information terrorism can significantly limit the freedom of all types of information activities in society and the state, the rights of citizens and organizations to freely produce, receive, disseminate and use information. Therefore, the state strategy to combat information terrorism should be based on the search for a compromise acceptable to society - to be protected, but open, not allowing the monopoly of individual departments.

There is no doubt that at the beginning of the new century, when the scale of application of ever more advanced computer technologies is rapidly expanding, the task of protecting computer systems from criminal attacks is not only becoming the task of state policy, but it is everyone’s business.

Information aggression in any sphere of public life - in the economy, domestic and foreign policy, science and technology, in the course of military operations or in the organization of actions of law enforcement agencies and units of the Ministry of Emergencies - is, first of all, aggression psychological.Its main object is a person in various situations of modern life and conflicts of social relations.

The current information space is filled to the brim with discussions about politics, economics, and social reforms. The debate is very tough, opinions about the state of society and its prospects are directly opposite. Only the idea of \u200b\u200bthe need for economic prosperity is beyond doubt and criticism. She is a kind of “sacred cow” modern world. The result of progress in the economy is seen as the possibility of creating a highly educated, cultural society, and the internal, psychological well-being of each individual. But is everything so simple?

The economic situation of the population in the country improves from year to year, but the feeling of crisis in the minds of people and in society does not disappear. Apparently, the roots of the problems of modern civilization are deeper than the plane on which we are looking for them, sorting through the scenarios of socio-economic development. Maybe they are inside a personand in relation to the world around him?

Is the state of mind of people determined by the effectiveness of the economy? And is there a spiritual and moral development of people in parallel with their material achievements? Neither politicians nor educators have clear answers to these questions. However, life itself makes us increasingly connect the problems of information (and national) security with what is happening today in the spiritual sphere of man and society.

According to the Doctrine of Information Security of the Russian Federation, ensuring security in the field of spiritual lifeaims to protect the constitutional rights and freedoms of man and citizen and is associated with a wide range of actions in various areas of society:

development, formation and improvement of personality behavior;

freedom of mass information;

the use of cultural, spiritual and moral heritage, historical traditions and norms of public life;

preservation of the cultural heritage of all peoples of Russia;

the implementation of constitutional restrictions on the rights and freedoms of man and citizen in the interests of preserving and strengthening the moral values \u200b\u200bof society;

strengthening the traditions of patriotism and humanism, the health of citizens, expanding the cultural and scientific potential of the Russian Federation;

ensuring the defense capability and security of the state.

Among main objectsensuring information security in the field of spiritual life The doctrine includes: the dignity of the individual;

freedom of conscience, including the right to freely choose, have and disseminate religious and other beliefs and act in accordance with them;

freedom of thought and speech (with the exception of propaganda or agitation, inciting social, racial, national or religious hatred and enmity);

freedom of literary, artistic, scientific, technical and other types of creativity, teaching;

freedom of the media;

privacy, personal and family secrets;

russian as a factor in the spiritual unity of the peoples of multinational Russia, the language of interstate communication among the peoples of the CIS;

languages, moral values \u200b\u200band cultural heritage of the peoples and nationalities of the Russian Federation;

intellectual property objects.

Greatest dangerpose the following threats to information security in the field of spiritual life:

the deformation of the mass information system both due to the monopolization of the media, and due to the uncontrolled expansion of the foreign media sector in the domestic information space;

deterioration and gradual decline of objects of Russian cultural heritage, including archives, museum funds, libraries, architectural monuments, due to insufficient funding for relevant programs and events;

the possibility of violating social stability, harming the health and life of citizens as a result of the activities of religious associations that preach religious fundamentalism, as well as totalitarian religious sects;

use by foreign special media services to damage the defense and security of the Russian Federation, the spread of misinformation;

the insufficient ability of Russian civil society to ensure the formation of socially necessary moral values, patriotism and responsibility for the fate of the country among the younger generation.

Main directionsinformation security in the field of spiritual life, according to the Doctrine, are:

development of the foundations of civil society in Russia;

creation of socio-economic conditions for the implementation of creative activities and the functioning of cultural institutions;

the development of civilized forms and methods of public control over the formation in society of spiritual values \u200b\u200bthat meet the national interests of the country, the education of patriotism and civic responsibility for its fate;

improvement of the legislation of the Russian Federation regulating relations in the field of constitutional restrictions on the rights and freedoms of man and citizen;

state support for measures to preserve and revive the cultural heritage of the peoples and nationalities of the Russian Federation;

the formation of legal and organizational mechanisms to ensure constitutional rights and freedoms of citizens, to enhance their legal culture in the interests of countering the deliberate or unintentional violation of these constitutional rights and freedoms in the sphere of spiritual life;

development of effective organizational and legal mechanisms for access of the media and citizens to open information about the activities of government bodies and public associations, ensuring the reliability of information on socially significant events in public life, disseminated through the media;

development of special legal and organizational mechanisms to prevent unlawful information-psychological influences on the mass consciousness of society, uncontrolled commercialization of culture and science, as well as ensuring the preservation of cultural and historical values \u200b\u200bof the peoples and nationalities of the Russian Federation, rational use of the information resources accumulated by society that make up the national heritage in the field of spiritual life ;

the introduction of a ban on the use of airtime in electronic media for the rental of programs promoting violence and cruelty, antisocial behavior;

countering the negative influence of foreign religious organizations and missionaries.

Moscow government on psychological threats to the city’s security and protection from them

By the Decree of the Government of Moscow of August 22, 2000 No. 654 was adopted Moscow security concept.It indicates that significant stresses on the psyche and consciousness of people caused by social, political, economic, informational, criminal dangers, as well as the peculiarities of life and life in a metropolis, require that psychological threats be identified as an independent danger factor for the individual, social groups and the city generally.

To threats of a psychological natureThe concept includes:

increase in psychological tension in the population due to increased feelings of social insecurity:

in children - from the impossibility of understanding what is happening in the world;

among older veterans of war and labor - from a sense of the meaninglessness of the past years and the struggle for violated ideals;

generational contrast based on differences in living conditions and motivation;

information imposition and financial reinforcement of “western” stereotypes of perception, thinking, behavior, introduced into the consciousness of city residents without taking into account the peculiarities of the Russian mentality;

the consumer attitude to Moscow as a “space” where financial independence and other material benefits can be gained, especially among visitors and some non-indigenous residents of Moscow;

change in life values \u200b\u200btowards consumer and individualistic (egocentric) psychology;

the formation of a cult of wealth (through the acquisition of material well-being by any means), aggression and violence as life values \u200b\u200band, as a result of this, the loss of orientation to moral, spiritual and cultural values.

Main prerequisitesthreats of a psychological nature The concept calls:

the instability of the economic and financial situation in the city, the deterioration of the criminal situation, the increase in stress and psychogenic factors in the family, in educational institutions, at work, on the street, etc .;

the destruction of the ways of forming the spiritual, moral, cultural, economic foundations for uniting the inhabitants of Moscow into a single social community with the respectable mentality of the “Muscovite - resident of the capital”;

the lack of psychological culture among representatives of government bodies and among the population as a whole;

social and psychological isolation of children and adolescents from adults;

violation of the continuity of sociocultural, national traditions and, as a result, assimilation of standards and patterns foreign to the Russian mentality (Russian mentality - collegiality, western - individualism);

lack of spatial (landscape), housing, cultural, sports and other conditions for the psychological relief and comfort of residents (parks, interest clubs, free sports grounds, inexpensive cafes, etc.);

reduction of opportunities for the implementation of the activity of adolescents in accordance with moral standards, because of which it is realized in illegal and immoral forms (from vandalism to crime);

aggressiveness of the information video medium.

The implementation of psychological threats can lead to:

to the violation of mental health of a certain part of the inhabitants of Moscow;

to increase the number of mental illnesses, suicides and crimes.

Information Threatsin the Moscow Security Concept, they comply with the All-Russian Doctrine. Additionally as information threats  are named:

provocation of social, interethnic, religious tension;

distortion of historical experience and national traditions of the people;

low information culture  city \u200b\u200bresidents; manipulation of mass consciousness. The implementation of these threats can lead to: undermining the authority of the city; creating an atmosphere of instability;

discredit of governing bodies and provocation of conflicts;

causing significant economic damage.

1. Why did the USSR, having the most powerful army, lose the Cold War?

2. What is a "theater of operations" in the context of an information war?

3. How can information operations affect the human psyche? Should information weapons be banned?

4. The information war and the "color revolutions" of recent years - what signs make it possible to talk about the existence of a connection between these phenomena?

5. What is the state of “information anarchy” in emergency situations? Do you know this condition? How to avoid it?

6. Why is it difficult to guarantee the absolute safety and security of data in computer networks?

7. Does enhancing opportunities information tools  and systems for the spiritual and moral development of youth?

8. The hero of the story V. Shukshin complains: “I know who to contact when a tooth or back hurts, but what to do when a soul hurts?” - What would you recommend to this hero?

Introduction

A characteristic feature of modern society is its informatization - the active development and implementation of information technologies and tools in all spheres of human activity.

Information and information resources are becoming one of the decisive factors in the development of the individual, society and the state. The vast capabilities of computers and information technologies allow us to automate the monitoring and control processes of state, economic, social, defense and other objects and systems, to receive, accumulate, process and transmit information about these processes at almost any required speed, in any quantity. All this gives reason to assert that informatization today plays a crucial positive role in the development of mankind, which information society  objectively inevitable.

But history teaches us that many of the achievements of scientific and technological thought were used not only for the benefit of people. It is enough to recall the achievements of nuclear physics - atomic weapons; optoelectronics - laser weapons; chemistry - poisonous gases; biology - biological weapons, etc. There have always been forces that sought to take advantage of discoveries in the scientific and technical field.

Therefore, today certain entities (coalitions, states, organizations, individuals) have the desire to individually possess information resources, means and technologies and use them to satisfy their interests and counter the interests of potential competitors in economic, commercial and even military confrontation. Information and information technologies at the same time begin to act as objects of threats, which creates the problem of information security.

Objective: to study the areas of information security of an individual, society, and the state.

The work consists of introduction, two chapters, conclusion and list of references.

> Information Security  individuals, societies, states: concept and problems

In modern society, in connection with rapid informatization, the problem of information protection is becoming increasingly important. Security is one of the most important goals and an integral component of the activities of people, society, the state, and the world community.

Information security is a state of protection of national interests in the information sphere, determined by a combination of balanced interests of the individual, society and the state. Social informatics: lecture notes / Comp. N.M. Voronin. - Tomsk: TPU, 2013 .-- S. 51.

The Law "On Information, Information Technologies and the Protection of Information" defines information security as the state of security of the information environment of a society, ensuring its formation, use and development in the interests of citizens, organizations, and the state. About information, information technology and information protection: the federal law  No. 149-ФЗ dated 07/27/2006 (as amended on 12/28/2013) / Collection of legislation of the Russian Federation dated 07/31/2006. - No. 31 (1 hour). - Art. 3448.

Moreover, information security is: Security: theory, paradigm, concept, culture. Dictionary / Author-comp. V.F. Pilipenko. - M .: PER SE-Press, 2005 .-- 160 p.

The state of the object when it is by acting on it information sphere  substantial damage or harm cannot be caused;

The property of an object that characterizes its ability not to cause significant damage to any object by influencing the information sphere of this object.

Problems of violation of information security are relevant for individual citizens, and for society and the state as a whole.

The goals of information protection are also listed in detail in the Federal Law “On Information, Informatization and Information Protection”: On Information, Information Technologies and Information Protection: Federal Law No. 149-FZ of July 27, 2006 (as amended on December 28, 2013) / Collection of Legislation RF from 07/31/2006. - No. 31 (1 hour). - Art. 3448.

Prevention of leakage, theft, loss, distortion, falsification of information;

Prevention of threats to the security of the individual, society, state;

Prevention of unauthorized actions to destroy, modify, distort, copy, block information; prevention of other forms of unlawful interference in information resources and information systems, ensuring the legal regime of documented information as an object of ownership;

Protection of constitutional rights of citizens to maintain personal secrets and confidentiality of personal data available in information systems;

Preservation of state secrets, confidentiality of documented information in accordance with the law;

Ensuring the rights of subjects in information processes and in the development, production and application of information systems, technologies and means to ensure them.

Thus, the objects of information security are: Krat Yu.G. Fundamentals of information security: textbook. allowance / Yu.G. Krat, I.G. Shramkova. - Khabarovsk: DVGUPS, 2008 .-- S. 51.

Personality (its rights and freedoms);

Society (its material and spiritual values);

The state (its constitutional system, sovereignty, territorial integrity, economy, military affairs, etc.).

The personality is the basic element, the cell of society. Without a personality there is no society, but also a personality cannot exist outside of society. The state provides the living conditions of both the individual and society. States that are neither needed by individuals nor society cannot exist for long and disappear from the historical arena. The balance of relations between the individual, society and the state is the main condition for their sustainable development.

Ensuring the information security of an individual means its right to receive objective information and assumes that the information received by a person from various sources does not impede the free formation and development of his personality. In the process of informatization, a person has become informationally “transparent”. If there is a desire and means, any available information about a particular person can become available and be used for their own purposes by another person, a group of people, a public group and the state. Only a small fraction of the population is able to prevent unwanted access to their information. Most people do not have such an opportunity and remain defenseless in this regard. Therefore, the information security of a person is a state of a person in which his personality cannot be substantially damaged by exerting influence on the surrounding information space.

Information security of a society is a state of society in which it cannot be inflicted significant damage by affecting its information sphere. It is based on the security of individual, group and mass consciousness of citizens in the presence of information threats, which in the first place should include the information-psychological impact. The action of these threats can cause psycho-emotional and socio-psychological tension, distortion of moral criteria and norms, moral and political disorientation and, as a result, inappropriate behavior of individuals, groups and masses of people. As a result of such influences, deep transformations of individual, group and mass consciousness, negative changes in the moral, political and socio-psychological climate in society are possible.

Information security of the state is a state of the state in which it cannot be inflicted significant damage by exerting influence on its information sphere. Ensuring the information security of the state is inextricably linked with ensuring national security. In recent years, we have been able to see how severe the consequences of information security breaches associated with the use of modern technologies can be.

One of the most important was and remains the problem of social security. It is associated with the protection of the interests of the country and the people in the social sphere, development social structure  and public relations, the life support system and socialization of people, a lifestyle that meets the needs of the progress of present and future generations. In modern Russia, information security is determined by the presence of negative processes in society. On the one hand, these are complex, contradictory and negative processes in the political, socio-economic and spiritual spheres, which reduces the stability of the individual, her psyche to various information influences. On the other hand, this is a tremendous increase in the effectiveness of means of informational impact on the psyche of people and public consciousness. Modern and promising information technologies and tools allow you to manage information interaction  people, public consciousness and control them. In particular, there are potential opportunities to eavesdrop on all telephone conversations, monitor correspondence, create and illegally use computer databases of confidential personal data, carry out a hidden information impact on the psyche of people, etc.

Thus, information technology is a great blessing for humanity, they determine the future of society. But at the same time in the hands of attackers it is a terrible weapon; the main danger lies in unauthorized access (active or passive) to its source or consumer (individual). The latter is the informational impact on the personality. In modern society, information security is a system-forming factor in all areas of his life. It has a certain impact on the state of economic, defense, social, political and other components of national security. At the same time, information security itself is an integral part of national security, a special role of which is explained by the global processes that are characteristic today for the socio-economic development of the world. Therefore, we can confidently assert that information security can be considered as the most important component of national security, “permeating” all other types of security.

The prevention and elimination of threats to information security to the interests and rights of individuals, society and the state is based on the development and implementation of a set of protection tools and mechanisms, the main directions of which will be discussed in the next chapter.