Information security threats to the Russian Federation. III. Main information threats and state. Methods and means of information protection

It should be noted that, although the information security problems generated by informatization are global, for Russia they acquire special significance in connection with its geopolitical and economic position.

In the Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000, threats to the information security of the country, according to their general orientation, are divided into threats:

constitutional rights and freedoms of man and citizen in the field of information activities;

the spiritual life of society;

Information Security

information infrastructure;

information resources.

Threats to constitutional human and civil rights and freedoms in the field of information security can be:

the adoption by public authorities of regulatory legal acts that infringe on the constitutional rights and freedoms of citizens in the field of information activities;

creation of monopolies on the formation, receipt and distribution of information in the Russian Federation, including using telecommunication systems;

opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, secrecy of correspondence, telephone conversations and other messages, as well as ineffective application of the existing regulatory and legal framework in this area;

irrational, excessive restriction of access to socially necessary information;

violation of constitutional human and civil rights and freedoms in the field of mass media;

non-compliance by state authorities, organizations and citizens with the requirements of the legislation of the Russian Federation regulating relations in the information sphere.

Threats to the spiritual life of society can be:

the use of means of influencing the mass consciousness of citizens;

disorganization and destruction of the system of accumulation and preservation of cultural property, including archives;

restriction of citizens' access to open state information resources of state authorities and other socially significant information;

decline in the spiritual, moral and creative potential of Russia;

manipulation of information (disinformation, concealment or distortion of information).

Threats to information infrastructure can be:

violation of targeting and timeliness of information exchange, illegal collection and use of information;

violation of information processing technology;

introduction into hardware and software products of components that implement functions not provided for in the documentation for these products;

development and distribution of programs that disrupt the normal functioning of information and information - telecommunication systems, including information security systems;

destruction, damage, electronic suppression or destruction of information processing facilities and systems, telecommunications and communications;

theft of software or hardware keys and means of cryptographic protection of information;

interception of information in technical channels, its leakage arising from the operation of technical means of processing and storage, as well as during the transfer of information through communication channels;

the introduction of electronic devices for intercepting information in technical means of processing, storing and transmitting information on

communication channels, as well as in the office premises of state authorities and organizations;

destruction, damage, destruction or theft of machine and other storage media;

interception, decryption and imposition of false information in data transmission networks, communication lines and mass information systems;

impact on password-key systems of protection of automated systems for processing and transmitting information;

purchase abroad of information technologies, informatization means, telecommunications and communications, which have domestic counterparts that are not inferior in their characteristics to foreign models.

Threats to information resources can be:

activities of space, air, sea and ground technical means of reconnaissance of foreign states;

unauthorized access to information resources and their illegal use;

theft of information resources from libraries, archives, banks and databases;

violation of legal restrictions on the distribution of information resources.

In his Address on National Security (June 13, 1996), the President of the Russian Federation identified the main threats to Russia in the information sphere as follows:

internal - the country's lag behind the leading countries in terms of the level and pace of informatization, the absence of a clearly formulated information policy;

external - attempts to prevent Russia from participating on equal terms in international information exchange, interference and targeted penetration into the activities and development of the information infrastructure of the Russian Federation, the desire to reduce the use of the Russian language as an international means of communication and, through this, the narrowing of the Russian information space.

These and other internal and external threats, according to the methods of influence (implementation), are divided into informational, software and mathematical, physical and organizational threats.

Information threats are implemented through

unauthorized access to information resources and their theft for the purpose of illegal use, negative manipulation of information (disinformation, distortion of information, its concealment), violation of information processing technology, etc.

Software and mathematical threats are implemented by introducing components into hardware and software systems that perform functions that are not described in the documentation for these systems and reduce the efficiency of their functioning, the development and distribution of programs (viruses, Trojan horses, etc.) that disrupt normal functioning systems, including information security systems.

Physical threats are associated with physical impact (destruction, damage, theft) on information systems and their elements, signal interception of information in transmission channels or in office premises, etc.

Organizational threats include, first of all, a weak legal framework for ensuring information security. There is practically no legal support for information security at the regional level. The requirements of existing legislative acts (the Constitution of the Russian Federation, the laws of the Russian Federation "On Security", "On State Secrets", "On Information, Informatization and Protection of Information", etc.) are not always met. The shortcomings of the legal system lead to the fact that a significant amount of information with limited access in the financial - exchange, tax, customs, foreign economic, housing and other spheres in the form of specific databases is distributed by various commercial firms.

In the information space, from the point of view of information security, the most typical are two dangers: 1)

control (extraction) of information resources of the state, that is, in fact, information intelligence (espionage). The information space has been and remains the domain of numerous intelligence services. Today, information intelligence can be implemented in two ways: unauthorized entry into information and control systems; legally, due to the active participation of foreign firms in the creation of the information structure of Russia. At the same time, in addition to the negative consequences associated with the fact that the country's information resources are under the control of the relevant foreign structures, direct damage is inflicted on the economy - domestic science and production are left without their own orders; 2)

threat of destruction or disorganization of information resources of elements of state structures. With the current level of development of information technology, such impacts can be carried out even in peacetime. They are fraught with the destruction of valuable information for the state, its distortion or the introduction of negative information in order to disorganize or make wrong decisions at the appropriate level of government.

A special place is occupied by the security of computer networks, which make it possible to combine and share a large amount of information resources on a local and global scale. Computer networks are becoming one of the main means of information communication. At the same time, their enormous capabilities come into conflict with the problem of ensuring the protection of information. This circumstance must be taken into account when creating and developing both local and global computer networks. For example, in the process of creating the Internet in the United States in January 1981, the Department of Defense's Computer Security Center was created, in 1985 it was transformed into the National Computer Security Center and transferred to the National Security Agency.

Analysis of the above threats, forms and methods of their impact on security objects in the information sphere, as well as methods and means of combating these threats allows us to assert that at present in the theory and practice of information security, two directions are already beginning to crystallize, which can be determined (although rather tentatively) as information and psychological security and information protection.

Information and psychological security is the state of protection of citizens, individual groups and social strata of society, mass associations of people, the population as a whole from negative information and psychological influences carried out in the information space (more on this later).

Information protection - ensuring information security (countering threats to information infrastructure and information resources).

Currently, the most actively developed problems of information protection: organizational, legal, technical and technological measures to prevent and reflect threats to information resources and systems, eliminate their consequences. The theory of information security is being formed, methods and means of information security are being created and actively used in practice, specialists are being trained in a number of specialties and specializations, such as information security technology, comprehensive information security of automated systems, information security and protection, etc. 11.3.

Sarychev N.V., Melnichenko D.V.

External and internal threats to the information security of Russia

Information security is the protection of the information environment of an individual, society and the state from intentional and unintentional threats and impacts. Ensuring the information security of the Russian Federation is closely interconnected with the solution of the country's internal problems: the problems of ensuring political, economic, military, social and other types of national security. To ensure the external aspect of information security, a large role should be assigned to interaction with information authorities of other countries.

Key words: countering the ideology of terrorism, information sphere, information threats, information security, protection from information and psychological threats.

The information sphere of Russia is characterized by the active development of modern means of information exchange and various types of computer systems. This creates conditions for providing information support to the activities of the management apparatus at all levels and in all branches of government.

At the same time, little attention paid to the problems of ensuring information security creates objective conditions for illegal access to classified information, its theft or destruction. A particular danger is the possibility of manipulating various kinds of information to negatively influence the political decision-making process.

In the list of types of threats to information security outlined in the Doctrine, it is worth paying special attention to: - ousting Russian news agencies and mass media from the internal information market and increasing dependence of the spiritual, economic and political spheres of Russian public life on foreign information structures; -manipulation of information (disinformation, concealment or distortion of information).

The main goals of protection against information and psychological threats for Russia are:

1) protection from destructive information and psychological influences of the environment of society, the psyche of the population, social groups of citizens;

2) counteraction to attempts to manipulate the processes of perception of information by the population on the part of political forces hostile to Russia, carried out with the aim of weakening the defense capability of the state;

3) defending the national interests, goals and values ​​of Russia in the information space (global, national, regional, sub-regional, CIS countries);

4) constant monitoring of the attitude of Russian society to the most important problems of national security (diagnostics of public opinion, the psychological state of the nation). The leading countries of the world currently have a powerful potential for information warfare (first of all, the United States, China, Israel, France, Great Britain, Germany), which can ensure their achievement of political and economic goals, especially since there are no international legal norms for conducting information warfare.

The Doctrine of Information Security of the Russian Federation identifies the following main sources of internal threats to information security.

Internal sources include: -critical state of domestic industries; - an unfavorable crime situation, accompanied by tendencies for the merging of state and criminal structures in the information sphere, for criminal structures to gain access to confidential information, increase the influence of organized crime on the life of society, reduce the degree of protection of the legitimate interests of citizens, society and the state in the information sphere; -insufficient coordination of the activities of federal bodies of state power, bodies of state power of the constituent entities of the Russian Federation in the formation and implementation of a unified state policy in the field of ensuring information security of the Russian Federation; -insufficient elaboration of the regulatory legal framework governing relations in the information sphere, as well as insufficient law enforcement practice;

Underdevelopment of civil society institutions and insufficient state control over the development of the information market in Russia; -insufficient funding of measures to ensure the information security of the Russian Federation; -insufficient economic power of the state;

Decrease in the efficiency of the education and training system, insufficient number of qualified personnel in the field of information security; -insufficient activity of federal bodies of state power, bodies of state power of the constituent entities of the Russian Federation in informing society about their activities, in explaining decisions made, in the formation of open state resources and the development of a system of citizens' access to them; - Russia's lag behind the leading countries of the world in terms of the level of informatization of federal government bodies, government bodies of the constituent entities of the Russian Federation and local government bodies,

credit and financial sphere, industry, agriculture, education, health care, services and everyday life of citizens. The following threats to the information security of the Russian Federation pose the greatest danger in the sphere of domestic policy: - violation of the constitutional rights and freedoms of citizens, exercised in the information sphere;

Insufficient legal regulation of relations in the field of the rights of various political forces to use the media to promote their ideas; -dissemination of misinformation about the policy of the Russian Federation, the activities of federal bodies of state power, events taking place in the country and abroad; - the activities of public associations aimed at forcibly changing the foundations of the constitutional system and violating the integrity of the Russian Federation, inciting social, racial, national and religious enmity, at spreading these ideas in the media. Of the internal threats to the information security of the Russian Federation in the field of foreign policy, the most dangerous are: -information and propaganda activities of political forces, public associations, the media and individuals, distorting the strategy and tactics of the foreign policy of the Russian Federation; Of the external threats to the information security of the Russian Federation in the sphere of foreign policy, the greatest danger is represented by: -insufficient awareness of the population about the foreign policy of the Russian Federation. -informational impact of foreign political, economic, military and information structures on the development and implementation of the foreign policy strategy of the Russian Federation; -the spread of misinformation abroad about the foreign policy of the Russian Federation;

Violation of the rights of Russian citizens and legal entities in the information sphere abroad;

Attempts of unauthorized access to information and influence on information resources, information infrastructure of federal executive bodies implementing the foreign policy of the Russian Federation, Russian missions and organizations abroad, representative offices of the Russian Federation at international organizations. On the basis of the national interests of the Russian Federation in the information sphere, strategic and current tasks of the internal and foreign policy of the state are formed to ensure information security.

There are four main components of the national interests of the Russian Federation in the information sphere.

The first component of the national interests of the Russian Federation in the information sphere includes the observance of constitutional rights and freedoms of man and citizen in the field of obtaining information and using it, ensuring the spiritual renewal of Russia, preserving and strengthening the moral values ​​of society, the traditions of patriotism and humanism, the cultural and scientific potential of the country.

The second component of the national interests of the Russian Federation in the information sphere includes information support of the state policy of the Russian Federation, associated with bringing to the Russian and international community reliable information about the state policy of the Russian Federation, its official position on socially significant events in Russian and international life, with ensuring citizens' access to open state information resources.

The third component of the national interests of the Russian Federation in the information sphere includes the development of modern information technologies, the domestic information industry, including the industry of informatization, telecommunications and communications, ensuring the needs of the domestic market with its products and the entry of these products into the world market, as well as ensuring accumulation, safety and effective use of domestic information resources. In modern conditions, it is only on this basis that it is possible to solve the problems of creating science-intensive technologies, technological re-equipment of industry, and augmenting the achievements of domestic science and technology. Russia should take its rightful place among the world leaders in the microelectronic and computer industries.

The fourth component of the national interests of the Russian Federation in the information sphere includes protecting information resources from unauthorized access, ensuring the security of information and telecommunication systems, both already deployed and created on the territory of Russia.

According to A.Yu. Kiryanov, the main tasks for the implementation and protection of national interests at the present stage of Russia's development in the information sphere are as follows.

1. Development and adoption of a long-term program to ensure access to the level of the world's leading countries in the field of creating informatics and management systems based on the latest information technologies.

2. Ensuring freedom of receipt and dissemination of information by citizens, other subjects of public relations in the interests of the formation of civil society, a democratic rule of law, the development of science and culture.

3. Ensuring reliable protection of the information potential of Russia (that is, the totality of information that ensures the national interests of the country; systems for its receipt, storage, processing and distribution; its subjects) from its illegal use to the detriment of protected

the law to the interests of the individual, society and the state. Control over the export of intellectual products from the country, as well as information data banks. Organization of an effective system of training and retraining of personnel in the field of information security.

4. Development of interaction between state and non-state information support systems in order to more efficiently use the country's information resources.

5. Improvement of the system of normative legal acts regulating property relations and maintaining the balance of interests of the individual, society and the state in the field of formation, storage and use of information resources. Formation and development of federal and regional certification centers for information security systems and their elements.

6. Counteracting purposeful actions to misinform the authorities, the population of the country, the use of information exchange channels to disrupt management systems in various spheres of the state's life.

7. Creation of a common information space of the CIS countries in the interests of promoting integration processes, increasing the efficiency of interaction in the implementation of common interests. The inclusion of Russia in the international system of information exchange, taking into account the provision of Russian national interests and counteraction by actions of information intervention.

8. Ensuring at the international level decision-making on an unconditional ban on the use of information weapons in peacetime.

Further, it is proposed to focus on the role of the state in the field of information protection. General provisions on the protection of information are established by the Federal Law "On Information" (Art. 16). The law considers the protection of information as a set of “legal, organizational and technical measures aimed at:

1) ensuring the protection of information from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other illegal actions in relation to such information;

2) observance of confidentiality of information of limited access;

3) the exercise of the right to access information ”.

The last goal, at first glance, has nothing to do with information security. This is not the case. It is necessary to protect not only information with limited access, but also open information, access to which should be unrestricted. It is also the task of the state in relation to the information provided for

general information by state authorities and local self-government bodies.

Publicly available information should be protected from blocking access, destruction, modification (distortion). Restricted information - from destruction, modification, illegal copying, disclosure, illegal access, illegal use.

Considering the global nature of informatization processes and the emergence of international cybercrime, the world community should have interstate organizational structures but coordinate work in the field of information security.

The main international body is the United Nations and the Security Council it created. These bodies coordinate the efforts of states to implement measures in the field of ensuring information security and combating crimes in the field of information technology. Controversial issues at the interstate level are decided by the International Court of Justice.

The information security system of the Russian Federation is built on the basis of the delineation of powers of the legislative, executive and judicial authorities of the federal level, the level of the constituent entities of the Russian Federation, departmental structures, as well as services of enterprises and organizations.

So, in connection with the latest scientific and technical achievements in the field of informatics and information technology, the modern rivalry between states and other objects of social nature is characterized by the emergence of a new factor - information. Threats to national security in various spheres of human activity are realized through targeted impact on the information environment. In the political sphere, information and psychological influence is becoming increasingly important in order to form relations in society, its reaction to the ongoing processes. In the economic sphere, the vulnerability of economic structures to unreliability, delay and illegal use of economic information is growing. In the military sphere, the outcome of an armed struggle increasingly depends on the quality of the information obtained and the level of development of information technologies on which the intelligence, electronic warfare, command and control systems and precision weapons are based. In the sphere of spiritual life, there is a danger of the development of aggressive consumer ideology in society with the help of electronic media, the spread of ideas of violence and intolerance and other negative influences on the consciousness and psyche of a person. The information environment, being a backbone factor in all types of national security (political, economic, military, etc.), at the same time is an independent object of protection.

Literature

1. Kiryanov A.Yu. The essence of the information aspect of the national security of the Russian Federation // International public and private law. -2005. - No. 3. - P. 42.

2. The doctrine of information security of the Russian Federation, approved by the President of the Russian Federation 09.09.2000. No. Pr. 1895 // Russian newspaper. - 2000. - No. 187.

3. Kovaleva N.N. Information law of Russia: a tutorial. - M .: building and trade corporation "Dashkov and K", 2007. - 234 p.

4. Volchinskaya E.K. The role of the state in ensuring information security // Information law. - 2008. - No. 4. - S. 9-16.

5. Rodichev Yu.A. Information Security: Regulatory Aspects: A Study Guide. - SPb .: Peter, 2008 .-- S. 86-87.

Along with political, economic, military, social and environmental security, information security is an integral part of the national security of the Russian Federation.

The information security of the Russian Federation is understood as the state of protection of the national interests of the Russian Federation in the information sphere, which are determined by the totality of balanced interests of the individual, society and the state.

The information sphere is a set of information resources and information infrastructure of the protected object.

The collection of stored, processed and transmitted information used to support management processes is called an information resource.

Information resources include:

· Information resources of enterprises of the defense complex, containing information on the main directions of the development of weapons, on the scientific, technical and production potential, on the volumes of supplies and stocks of strategic types of raw materials and materials;

· Information support of control and communication systems;

· Information on fundamental and applied research projects of national importance, etc.

Information infrastructure is a set of information subsystems, control centers, hardware and software tools and technologies for collecting, storing, processing and transmitting information.

Information infrastructure includes:

· Information infrastructure of central, local government bodies, research institutions;

· Information infrastructure of defense enterprises and research institutions that carry out state defense orders or are involved in defense issues;

· Software and hardware for automated and automatic control and communication systems.

A threat to information security is understood as a set of conditions and factors that create a potential or real danger associated with information leakage and (or) unauthorized and (or) unintended impacts on it. Threats to the information security of the Russian Federation are divided into external and internal.

External threats that pose the greatest danger to support facilities are:

· All types of intelligence activities of foreign states;

· Information and technical impact (including electronic warfare, penetration into computer networks);

· Sabotage and subversive activities of special services of foreign states, carried out by methods of information and psychological influence;

· Activities of foreign political, economic and military structures directed against the interests of the Russian Federation in the field of defense.

Internal threats that will pose a particular danger in the context of an aggravated military-political situation include:

· Violation of the established regulations for the collection, processing, storage and transmission of information located in the headquarters and institutions of the power structures of the Russian Federation, at the enterprises of the defense complex;

· Deliberate actions, as well as errors of personnel of information and telecommunication systems of special purpose;

· Unreliable functioning of information and telecommunication systems for special purposes;

· Possible information and propaganda activities that undermine the prestige of the power structures of the Russian Federation and their combat readiness;

· Unresolved issues of protecting the intellectual property of defense enterprises, leading to the leakage of valuable state information resources abroad.

The threats to the security of already deployed and created information and telecommunication facilities and systems include:

· Illegal collection and use of information;

· Violation of information processing technology;

· Introduction into hardware and software products of components that implement functions that are not provided for by the documentation for these products;

· Development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems;

· Destruction, damage, electronic suppression or destruction of means and systems of information processing, telecommunications and communications;

· Impact on the password-key protection systems of automated systems for processing and transmitting information;

· Compromise of keys and means of cryptographic protection of information;

· Information leakage through technical channels;

· Introduction of electronic devices designed to intercept information in technical means of processing, storing and transmitting information through communication channels, as well as in the office premises of government bodies, enterprises, institutions and organizations, regardless of the form of ownership;

· Destruction, damage, destruction or theft of machine and other storage media;

· Interception of information in data transmission networks and on communication lines, decryption of this information and imposition of false information;

· Use of non-certified domestic and foreign information technologies, information security means, informatization means, telecommunications and communications in the creation and development of the Russian information infrastructure;

· Unauthorized access to information in banks and databases;

· Violation of legal restrictions on the dissemination of information.

The main directions for improving the information security system of the Russian Federation are:

· Systematic identification of threats and their sources, structuring of information security objectives and definition of relevant practical tasks;

· Carrying out certification of general and special software, applied software packages and information security tools in existing and created automated control and communication systems, which include elements of computer technology;

· Continuous improvement of information protection means, development of secure communication and control systems, increasing the reliability of special software;

· Improvement of the structure of functional organs of the system, coordination of their interaction.

Information security assessment is based on an analysis of threat sources (potential security breaches).

Activities aimed at preventing leakage of protected information, unauthorized and unintentional influences on it are called information protection. The object of protection is information or a storage medium, or an information process that needs to be protected.

Information protection is organized in three areas: from leakage, from unauthorized exposure and from unintended exposure (see Fig. 4.1).

The first area - protection of information from leakage - activities aimed at preventing the uncontrolled distribution of protected information as a result of its disclosure, unauthorized access to information and receipt of protected information by intelligence.

Protection of information from disclosure is aimed at preventing unauthorized bringing it to the consumer who does not have the right to access this information.

Protection of information from unauthorized access is aimed at preventing an interested subject from obtaining information in violation of the rights or rules of access to protected information established by legal documents or the owner, owner of information. An interested subject exercising unauthorized access to protected information may be: the state; entity; a group of individuals, including a public organization; a separate individual.

Protection of information from technical intelligence is aimed at preventing intelligence from obtaining information using technical means.

The second direction is the protection of information from unauthorized influence - activities aimed at preventing impact on the protected information in violation of the established rights and (or) rules for changing information, leading to its distortion, destruction, blocking access to information, as well as loss, destruction or malfunction of the media.

The third direction - protection of information from unintentional impact - activities aimed at preventing the impact on the protected information of errors of its user, failure of hardware and software of information systems, natural phenomena or other activities leading to distortion, destruction, copying, blocking access to information, and also to the loss, destruction or malfunction of the information carrier.

Organizing information protection means creating a system for protecting information, as well as developing measures to protect and control the effectiveness of information protection (see Fig. 4.2).

Rice. 4.2. Basic information protection scheme

DOCTRINE

information security of the Russian Federation

I. General Provisions

1. This Doctrine is a system of official views on ensuring the national security of the Russian Federation in the information sphere.
In this Doctrine, the information sphere is understood as a set of information, objects of informatization, information systems, sites in the information and telecommunication network "Internet" (hereinafter referred to as the "Internet" network), communication networks, information technologies, subjects whose activities are related to the formation and processing of information , the development and use of these technologies, information security, as well as a set of mechanisms for regulating the relevant public relations.

2. This Doctrine uses the following basic concepts:
a) the national interests of the Russian Federation in the information sphere (hereinafter referred to as the national interests in the information sphere) - the objectively significant needs of the individual, society and the state in ensuring their security and sustainable development in terms of the information sphere;
b) threat to the information security of the Russian Federation (hereinafter - information threat) - a set of actions and factors that create the danger of causing damage to national interests in the information sphere;
c) information security of the Russian Federation (hereinafter - information security) - the state of protection of the individual, society and the state from internal and external information threats, which ensures the implementation of constitutional rights and freedoms of man and citizen, a decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, defense and security of the state;
d) ensuring information security - the implementation of interrelated legal, organizational, operational-search, intelligence, counterintelligence, scientific and technical, information-analytical, personnel, economic and other measures to predict, detect, contain, prevent, reflect information threats and eliminate their consequences manifestations;
e) information security forces - state bodies, as well as subdivisions and officials of state bodies, local self-government bodies and organizations authorized to solve information security tasks in accordance with the legislation of the Russian Federation;
f) information security means - legal, organizational, technical and other means used by information security forces;
g) information security system - a set of information security forces carrying out coordinated and planned activities, and the means of ensuring information security used by them;
h) information infrastructure of the Russian Federation (hereinafter - information infrastructure) - a set of informatization objects, information systems, sites on the Internet and communication networks located on the territory of the Russian Federation, as well as on territories under the jurisdiction of the Russian Federation or used on the basis of international treaties of the Russian Federation.

3. This Doctrine, on the basis of an analysis of the main information threats and an assessment of the state of information security, defines the strategic goals and main directions of ensuring information security, taking into account the strategic national priorities of the Russian Federation.

4. The legal basis of this Doctrine is the Constitution of the Russian Federation, generally recognized principles and norms of international law, international treaties of the Russian Federation, federal constitutional laws, federal laws, as well as regulatory legal acts of the President of the Russian Federation and the Government of the Russian Federation.

5. This Doctrine is a document of strategic planning in the field of ensuring the national security of the Russian Federation, which develops the provisions of the National Security Strategy of the Russian Federation, approved by the Decree of the President of the Russian Federation of December 31, 2015 No. 683, as well as other strategic planning documents in this area.

6. This Doctrine is the basis for the formation of state policy and the development of public relations in the field of information security, as well as for the development of measures to improve the information security system.

II. National interests in the information sphere

7. Information technologies have acquired a global cross-border character and have become an integral part of all spheres of activity of an individual, society and state. Their effective application is a factor in accelerating the economic development of the state and the formation of an information society.
The information sphere plays an important role in ensuring the implementation of the strategic national priorities of the Russian Federation.

8. National interests in the information sphere are:
a) ensuring and protecting constitutional human and civil rights and freedoms in terms of obtaining and using information, inviolability of private life when using information technologies, providing information support for democratic institutions, mechanisms of interaction between the state and civil society, as well as the use of information technologies in the interests of preserving cultural, historical, spiritual and moral values ​​of the multinational people of the Russian Federation;
b) ensuring the stable and uninterrupted functioning of the information infrastructure, primarily the critical information infrastructure of the Russian Federation (hereinafter referred to as the critical information infrastructure) and the unified telecommunication network of the Russian Federation, in peacetime, in a period of imminent threat of aggression and in wartime;
c) the development of the information technology and electronic industry in the Russian Federation, as well as the improvement of the activities of industrial, scientific and scientific-technical organizations for the development, production and operation of information security means, the provision of services in the field of information security;
d) bringing to the Russian and international community reliable information about the state policy of the Russian Federation and its official position on socially significant events in the country and the world, the use of information technologies in order to ensure the national security of the Russian Federation in the field of culture;
e) assistance in the formation of an international information security system aimed at countering the threats of the use of information technologies in order to violate strategic stability, at strengthening an equal strategic partnership in the field of information security, as well as at protecting the sovereignty of the Russian Federation in the information space.

9. Realization of national interests in the information sphere is aimed at creating a safe environment for the circulation of reliable information and information infrastructure resistant to various types of impact in order to ensure constitutional human and civil rights and freedoms, stable socio-economic development of the country, as well as the national security of the Russian Federation.

III. The main information threats and the state of information security

10. The expansion of the fields of application of information technologies, being a factor in the development of the economy and improvement of the functioning of public and state institutions, at the same time generates new information threats.
The possibilities of cross-border circulation of information are increasingly being used to achieve geopolitical, military-political, as well as terrorist, extremist, criminal and other illegal goals contrary to international law, at the expense of international security and strategic stability.
At the same time, the practice of introducing information technologies without linking with ensuring information security significantly increases the likelihood of information threats.

11. One of the main negative factors affecting the state of information security is the building up by a number of foreign countries of the capabilities of information and technical impact on the information infrastructure for military purposes.
At the same time, the activities of organizations carrying out technical intelligence in relation to Russian state bodies, scientific organizations and enterprises of the military-industrial complex are intensifying.

12. The scale of the use by the special services of individual states of means of providing information and psychological influence aimed at destabilizing the internal political and social situation in various regions of the world and leading to the undermining of sovereignty and violation of the territorial integrity of other states is expanding. Religious, ethnic, human rights and other organizations, as well as individual groups of citizens are involved in this activity, while the possibilities of information technologies are widely used.
There is a tendency towards an increase in the volume of materials in foreign mass media containing a biased assessment of the state policy of the Russian Federation.
Russian mass media are often subjected to open discrimination abroad, and obstacles are created for Russian journalists to carry out their professional activities.
The informational impact on the population of Russia, primarily on young people, is increasing in order to erode traditional Russian spiritual and moral values.

13. Various terrorist and extremist organizations widely use mechanisms of informational influence on individual, group and public consciousness in order to whip up interethnic and social tension, incite ethnic and religious hatred or enmity, propagate extremist ideology, as well as attract new supporters to terrorist activities. For illegal purposes, such organizations are actively creating means of destructive influence on objects of critical information infrastructure.

14. The scale of computer crime is increasing, primarily in the credit and financial sphere, the number of crimes related to the violation of constitutional human and civil rights and freedoms, including those related to the inviolability of private life, personal and family secrets, in the processing of personal data is increasing. using information technology. At the same time, the methods, methods and means of committing such crimes are becoming more sophisticated.

15. The state of information security in the field of defense of the country is characterized by an increase in the use by individual states and organizations of information technologies for military-political purposes, including for the implementation of actions contrary to international law, aimed at undermining the sovereignty, political and social stability, territorial integrity of the Russian Federation and its allies and posing a threat to international peace, global and regional security.

16. The state of information security in the field of state and public security is characterized by a constant increase in complexity, an increase in the scale and an increase in the coordination of computer attacks on critical information infrastructure facilities, an increase in the intelligence activities of foreign states in relation to the Russian Federation, as well as an increase in threats of the use of information technologies in order to inflict damage sovereignty, territorial integrity, political and social stability of the Russian Federation.

17. The state of information security in the economic sphere is characterized by an insufficient level of development of competitive information technologies and their use for the production of goods and the provision of services. The level of dependence of the domestic industry on foreign information technologies remains high in terms of the electronic component base, software, computers and communications, which determines the dependence of the socio-economic development of the Russian Federation on the geopolitical interests of foreign countries.

18. The state of information security in the field of science, technology and education is characterized by insufficient efficiency of scientific research aimed at creating promising information technologies, a low level of implementation of domestic developments and insufficient staffing in the field of information security, as well as low awareness of citizens in matters of personal information security ... At the same time, measures to ensure the security of information infrastructure, including its integrity, availability and sustainable operation, using domestic information technologies and domestic products often do not have an integrated framework.

19. The state of information security in the field of strategic stability and equitable strategic partnership is characterized by the desire of individual states to use technological superiority to dominate the information space.
The current distribution between countries of the resources necessary to ensure the safe and stable operation of the Internet does not allow for the implementation of joint fair, trust-based management of them.
The absence of international legal norms regulating interstate relations in the information space, as well as mechanisms and procedures for their application, taking into account the specifics of information technologies, complicates the formation of an international information security system aimed at achieving strategic stability and equal strategic partnership.

IV. Strategic goals and main directions of ensuring information security

20. The strategic goal of ensuring information security in the field of national defense is to protect the vital interests of the individual, society and the state from internal and external threats associated with the use of information technologies for military-political purposes that are contrary to international law, including for the purpose of carrying out hostile actions and acts of aggression aimed at undermining sovereignty, violating the territorial integrity of states and posing a threat to international peace, security and strategic stability.

21. In accordance with the military policy of the Russian Federation, the main areas of information security in the field of national defense are:
a) strategic containment and prevention of military conflicts that may arise as a result of the use of information technology;
b) improving the information security system of the Armed Forces of the Russian Federation, other troops, military formations and bodies, including the forces and means of information warfare;
c) forecasting, detection and assessment of information threats, including threats to the Armed Forces of the Russian Federation in the information sphere;
d) assistance in protecting the interests of the allies of the Russian Federation in the information sphere;
e) neutralization of information and psychological impact, including those aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland.

22. The strategic goals of ensuring information security in the field of state and public security are to protect sovereignty, maintain political and social stability, territorial integrity of the Russian Federation, ensure fundamental human and civil rights and freedoms, and protect critical information infrastructure.

23. The main directions of ensuring information security in the field of state and public security are:
a) countering the use of information technologies to promote extremist ideology, the spread of xenophobia, ideas of national exclusivity in order to undermine sovereignty, political and social stability, forcibly change the constitutional order, violate the territorial integrity of the Russian Federation;
b) suppression of activities detrimental to the national security of the Russian Federation, carried out with the use of technical means and information technologies by special services and organizations of foreign states, as well as by individuals;
c) increasing the security of critical information infrastructure and the stability of its functioning, developing mechanisms for detecting and preventing information threats and eliminating the consequences of their manifestation, increasing the protection of citizens and territories from the consequences of emergencies caused by information and technical impact on objects of critical information infrastructure;
d) increasing the security of the functioning of information infrastructure facilities, including for the purpose of ensuring stable interaction of state bodies, preventing foreign control over the functioning of such facilities, ensuring the integrity, stability of the functioning and security of the unified telecommunication network of the Russian Federation, as well as ensuring the security of information transmitted through it and processed in information systems on the territory of the Russian Federation;
e) improving the operational safety of weapons, military and special equipment and automated control systems;
f) increasing the effectiveness of prevention of offenses committed with the use of information technology, and counteraction to such offenses;
g) ensuring the protection of information containing information constituting a state secret, other information of limited access and distribution, including by increasing the security of the relevant information technologies;
h) improvement of methods and methods of production and safe use of products, provision of services based on information technologies using domestic developments that meet the requirements of information security;
i) increasing the efficiency of information support for the implementation of the state policy of the Russian Federation;
j) neutralization of informational influence aimed at erosion of traditional Russian spiritual and moral values.

24. The strategic goals of ensuring information security in the economic sphere are to reduce to the minimum possible level of the influence of negative factors caused by the insufficient level of development of the domestic information technology and electronic industry, the development and production of competitive means of ensuring information security, as well as increasing the volume and quality of services in the field of information security.

25. The main directions of ensuring information security in the economic sphere are:
a) innovative development of the information technology and electronic industry, an increase in the share of this industry's products in the gross domestic product, in the country's export structure;
b) elimination of the dependence of the domestic industry on foreign information technologies and means of ensuring information security through the creation, development and widespread introduction of domestic developments, as well as the production of products and the provision of services based on them;
c) increasing the competitiveness of Russian companies operating in the information technology and electronic industry, the development, production and operation of information security tools that provide information security services, including by creating favorable conditions for carrying out activities on the territory of the Russian Federation ;
d) development of a domestic competitive electronic component base and technologies for the production of electronic components, meeting the needs of the domestic market for such products and the entry of these products into the world market.

26. The strategic goal of ensuring information security in the field of science, technology and education is to support the innovative and accelerated development of the information security system, the information technology industry and the electronic industry.

27. The main directions of ensuring information security in the field of science, technology and education are:
a) achieving the competitiveness of Russian information technologies and developing scientific and technical potential in the field of information security;
b) creation and implementation of information technologies, initially resistant to various types of impact;
c) conducting scientific research and carrying out experimental developments in order to create promising information technologies and means of ensuring information security;
d) development of human resources in the field of information security and the use of information technology;
e) ensuring the protection of citizens from information threats, including through the formation of a culture of personal information security.

28. The strategic goal of ensuring information security In the field of strategic stability and equal strategic partnership is the formation of a stable system of non-conflict interstate relations in the information space.

29. The main directions of ensuring information security in the field of strategic stability and equitable strategic partnership are:
a) protection of the sovereignty of the Russian Federation in the information space through the implementation of an independent and independent policy aimed at the implementation of national interests in the information sphere;
b) participation in the formation of an international information security system that ensures effective counteraction to the use of information technologies for military-political purposes contrary to international law, as well as for terrorist, extremist, criminal and other illegal purposes;
c) the creation of international legal mechanisms that take into account the specifics of information technology, in order to prevent and resolve interstate conflicts in the information space;
d) promoting, within the framework of the activities of international organizations, the position of the Russian Federation, which provides for the provision of equal and mutually beneficial cooperation of all interested parties in the information sphere;
e) development of a national management system for the Russian segment of the Internet.

V. Organizational basis for ensuring information security

30. The information security system is part of the national security system of the Russian Federation.
Information security is ensured on the basis of a combination of legislative, law enforcement, law enforcement, judicial, control and other forms of activity of state bodies in cooperation with local governments, organizations and citizens.

31. The information security system is built on the basis of the delineation of powers of legislative, executive and judicial authorities in this area, taking into account the jurisdiction of federal government bodies, government bodies of the constituent entities of the Russian Federation, as well as local government bodies determined by the legislation of the Russian Federation in the field of security security.

32. The composition of the information security system is determined by the President of the Russian Federation.

33. The organizational basis of the information security system is composed of: the Federation Council of the Federal Assembly of the Russian Federation, the State Duma of the Federal Assembly of the Russian Federation, the Government of the Russian Federation, the Security Council of the Russian Federation, federal executive bodies, the Central Bank of the Russian Federation, the Military-Industrial Commission of the Russian Federation, interdepartmental bodies created by the President of the Russian Federation and the Government of the Russian Federation, executive bodies of the constituent entities of the Russian Federation, local self-government bodies, judicial bodies that, in accordance with the legislation of the Russian Federation, take part in solving information security problems.
Participants in the information security system are: owners of critical information infrastructure and organizations operating such facilities, media and mass communications, organizations of the monetary, currency, banking and other areas of the financial market, communications operators, operators of information systems, organizations implementing activities for the creation and operation of information systems and communication networks, for the development, production and operation of information security means, for the provision of services in the field of information security, organizations carrying out educational activities in this area, public associations, other organizations and citizens who are in in accordance with the legislation of the Russian Federation, they participate in solving information security problems.

34. The activities of state bodies to ensure information security are based on the following principles:
a) the legality of public relations in the information sphere and the legal equality of all participants in such relations, based on the constitutional right of citizens to freely seek, receive, transfer, produce and disseminate information in any legal way;
b) constructive interaction of state bodies, organizations and citizens in solving problems of ensuring information security;
c) maintaining a balance between the need of citizens for the free exchange of information and restrictions associated with the need to ensure national security, including in the information sphere;
d) the sufficiency of the forces and means of ensuring information security, determined, among other things, through the constant monitoring of information threats;
e) compliance with the generally recognized principles and norms of international law, international treaties of the Russian Federation, as well as the legislation of the Russian Federation.

35. The tasks of state bodies in the framework of information security activities are:
a) ensuring the protection of the rights and legitimate interests of citizens and organizations in the information sphere;
b) assessment of the state of information security, forecasting and detection of information threats, determination of priority directions for their prevention and elimination of the consequences of their manifestation;
c) planning, implementation and evaluation of the effectiveness of a set of measures to ensure information security;
d) organization of activities and coordination of interaction of information security forces, improvement of their legal, organizational, operational-search, intelligence, counterintelligence, scientific-technical, information-analytical, personnel and economic support;
e) development and implementation of measures of state support for organizations engaged in the development, production and operation of information security means, for the provision of services in the field of information security, as well as organizations carrying out educational activities in this area.

36. The tasks of state bodies in the framework of the development and improvement of the information security system are:
a) strengthening the vertical of command and centralization of information security forces at the federal, interregional, regional, municipal levels, as well as at the level of informatization objects, operators of information systems and communication networks;
b) improving the forms and methods of interaction of information security forces in order to increase their readiness to counter information threats, including through regular training (exercises);
c) improvement of information-analytical and scientific-technical aspects of the functioning of the information security system;
d) increasing the efficiency of interaction between state bodies, local self-government bodies, organizations and citizens in solving problems of ensuring information security.

37. The implementation of this Doctrine is carried out on the basis of sectoral strategic planning documents of the Russian Federation. In order to update such documents, the Security Council of the Russian Federation is determining a list of priority areas for ensuring information security for the medium term, taking into account the provisions of the strategic forecast of the Russian Federation.

38. The results of monitoring the implementation of this Doctrine are reflected in the annual report of the Secretary of the Security Council of the Russian Federation to the President of the Russian Federation on the state of national security and measures to strengthen it.

threats to the constitutional rights and freedoms of man and citizen in the field of spiritual life and information activities, individual, group and public consciousness, the spiritual revival of Russia: the adoption by federal government bodies, government bodies of the constituent entities of the Russian Federation of regulatory legal acts that infringe on the constitutional rights and freedoms of citizens in areas of spiritual life and informational activity; creation of monopolies on the formation, receipt and distribution of information in the Russian Federation, including using telecommunication systems; opposition, including from criminal structures, to the exercise by citizens of their constitutional rights to personal and family secrets, secrecy of correspondence, telephone conversations and other messages; irrational, excessive restriction of access to socially necessary information; illegal use of special means of influencing individual, group and public consciousness; non-fulfillment by federal government bodies, government bodies of the constituent entities of the Russian Federation, local government bodies, organizations and citizens of the requirements of federal legislation regulating relations in the information sphere; unlawful restriction of citizens' access to open information resources of federal government bodies, government bodies of the constituent entities of the Russian Federation, local government bodies, to open archival materials, to other open socially significant information; disorganization and destruction of the system of accumulation and preservation of cultural property, including archives; violation of constitutional human and civil rights and freedoms in the field of mass media; ousting Russian news agencies and mass media from the domestic information market and increasing dependence of the spiritual, economic and political spheres of public life in Russia on foreign information structures; devaluation of spiritual values, propaganda of models of mass culture based on the cult of violence, on spiritual and moral values ​​that contradict the values ​​accepted in Russian society; a decrease in the spiritual, moral and creative potential of the Russian population, which will significantly complicate the preparation of labor resources for the introduction and use of the latest technologies, including information; manipulation of information disinformation, concealment or distortion of information.

threats to information support of the state policy of the Russian Federation: monopolization of the information market in Russia, its individual sectors by domestic and foreign information structures; blocking the activities of state media to inform Russian and foreign audiences; low efficiency of information support of the state policy of the Russian Federation due to a shortage of qualified personnel, the absence of a system for the formation and implementation of state information policy. threats to the development of the domestic information industry, including the industry of informatization, telecommunications and communications, meeting the needs of the domestic market for its products and the entry of these products on the world market, as well as ensuring the accumulation, safety and effective use of domestic information resources: opposition to the access of the Russian Federation to the latest information technologies , mutually beneficial and equal participation of Russian manufacturers in the global division of labor in the information services industry, information technology, telecommunications and communications, information products, as well as creating conditions for strengthening Russia's technological dependence in the field of modern information technologies; procurement by public authorities of imported means of informatization, telecommunications and communications in the presence of domestic analogues that are not inferior in their characteristics to foreign models; displacement from the domestic market of Russian manufacturers of information technology, telecommunications and communications; an increase in the outflow of specialists and intellectual property owners abroad. threats to the security of information and telecommunication facilities and systems, both already deployed and created on the territory of Russia: illegal collection and use of information; violation of information processing technology; introduction into hardware and software products of components that implement functions that are not provided for by the documentation for these products; development and distribution of programs that disrupt the normal functioning of information and information and telecommunication systems, including information security systems; destruction, damage, electronic suppression or destruction of information processing facilities and systems, telecommunications and communications; impact on the password-key protection systems of automated systems for processing and transmitting information; compromise of keys and means of cryptographic protection of information; information leakage through technical channels; the introduction of electronic devices for intercepting information in technical means of processing, storing and transmitting information through communication channels, as well as in the office premises of state authorities, enterprises, institutions and organizations, regardless of the form of ownership; destruction, damage, destruction or theft of machine and other storage media; interception of information in data transmission networks and on communication lines, decryption of this information and imposition of false information; the use of non-certified domestic and foreign information technologies, information security means, informatization means, telecommunications and communications in the creation and development of the Russian information infrastructure; unauthorized access to information in banks and databases; violation of legal restrictions on the dissemination of information.

The forecast of information threats to our country does not give grounds for optimism. First of all, we are talking about incessant attempts to revise Soviet and European history, especially in the twentieth century. These actions in relation to national history are undoubtedly elements of an information war. For example, it is regrettable that the decisive battles of the Second World War - the Battle of Stalingrad, the Battle of the Kursk Bulge - are practically not reflected in Western history textbooks. The largest battle in Western historiography is the battle of El Alamein in Africa. This distortion of history is far from harmless. Attempts to belittle the role of our country in the defeat of fascism undermine the image of Russia as a great victorious power, as a founding country of the UN. In such a situation, we have no choice but to intensify and increase the production of our information sources: books, films, Internet products - with content that is beneficial to us, which more objectively assess the role of our country in world history. These projects should be financed by both the state and big business.