Russian ICT as the foundation of national information security
This report was presented at the session "Information Security of Industrial Objects" on May 22, 2019 within the framework of the conference "Digital Industry of Russia 2019" ( TsIPR 2019 ).
06/16/2019: The publication is improved according to the comment Foggy4 - the marketing component at the end is removed in a warning spoiler.
I can send the original of the presentation in .pptx with a personal appeal.
')
I want to start c events that occurred May 19, 1998. The legendary hacker galaxy L0pht, speaking in full in the Senate before a meeting of the most influential Western officials, said: “Your computerized equipment is vulnerable to cyber attacks from the Internet. ... Manufacturers do not care at all about this state of affairs, because modern legislation does not provide for any liability for a negligent approach to ensuring cybersecurity. Responsibility for potential failures lies with the user of the equipment. Source: Washington Post, NET OF INSECURITY A disaster foretold - and ignored
More than 20 years have passed, but today the Internet operates on the same technologies and protocols as then! And as then it is vulnerable, and manufacturers still do not bear any responsibility for neglecting security for the sake of profit and so on. Time-to-Market. (Source: " 30th anniversary of rampant insecurity ", KarevAnton )
At the same time, information technologies for business optimization are developing much faster than business information protection technologies.
Using the example of the Internet of Things (simple and industrial), according to forecasts of the analytical center TAdviser together with the State Corporation Rostec, the IIoT market in Russia by 2020 will grow by 360% compared to 2017 and reach an absolute mark of 67 billion rubles.
And this is logical, because IIoT offers unprecedented opportunities to improve the efficiency of production and technological processes, while reducing capital expenditures. Technologies allow enterprises to reduce downtime (up to 10%), reduce maintenance costs, and improve forecasting procedures and prevent equipment failures (by 10%). The company "Rostelecom" has calculated that by 2020-2021. the effect of the introduction of the Internet of things in the real sector of the economy can be up to 0.8-1.4 trillion rubles, thanks to an increase in labor productivity by 10-25% and a reduction in expenses by 10-20%.
At the same time, according to the annual report of the company Positive Technologies, Actual cyber threats 2017 - Trends and forecasts the main object of attack of industrial enterprises is their infrastructure. 79% of all attacks are committed to it. Also, according to the same report, the number of attacks on industrial enterprises increased by 40% in 2018 compared to 2017. The number of attacks directly to the IIoT infrastructure increased by 25%.
Not comforting and criminal statistics - the share of cybercrime in the total number of crimes increased from 4.4% to 8.1% from 2017 to 2018 - this is almost a twofold increase, while only 26% of them were investigated. Source: General Prosecutor's Office of the Russian Federation, On crimes committed with the use of modern information and communication technologies
In such circumstances, the task of ensuring the integrated information security of enterprises, especially those that own objects of critical information infrastructure, should become a priority for the state. At the same time, it is necessary to use an integrated systems approach that affects not only technologies, but also personnel, as well as processes, including regulatory and legislative documents. Source: Kaspersky Lab, Industrial Cyber ​​Security .
It is this systematic approach that is now used by our state and can be clearly traced in the national program “Digital Economy”, which is designed to solve both the tasks of training qualified personnel in the framework of the project “Personnel for the digital economy”, and the task of optimizing the legislative and regulatory framework within the project “ Regulatory regulation of the digital environment ", as well as the development of domestic technologies in the framework of the projects" Information Infrastructure "and" Information Security ".
The latter is intended to solve not only the tasks of development of domestic security technologies, but also the tasks of bringing these technologies to the world market. 77% of project objectives relate to these areas. The third direction of the “IB” project, which is noteworthy, is the task of providing the digital economy of the Russian Federation with domestic ICT developments - 23% of all tasks belong to this direction. Source: Digital Economy Passport .
This suggests that the state considers this issue not only as a guarantor of economic stability, but as a guarantor of national information security and technological independence!
Useful documents and approval dates:
- December 5, 2016 - Approval of the Information Security Doctrine of the Russian Federation
- July 26, 2017 - On the security of the critical information infrastructure of the Russian Federation
- May 7, 2018 - On the national goals and strategic objectives of the development of the Russian Federation for the period up to 2024
- December 24, 2018 - Passport of the Digital Economy Program
PS: The inspiration for the preparation of the report was obtained from the KarevAnton article "The 30th anniversary of rampant insecurity " for which a special thanks to him. Also thanks ArtKad for the link to this article.
CAUTION!!! Next is undisguised marketing.
Based on this understanding of the needs of national security and the "Digital Economy", we at BULAT are building our strategy to provide the market with the most in-demand solutions. For example, decisions on narrowband radio access. For example, we developed the first and, so far, the only domestic LpWAN-module IoT with support for LTE CAT-M1 / NB1 technology, which is recognized as one of the most promising according to the “Concept of building and developing narrow-band wireless communication networks of the“ Internet of things ”in the Russian Federation” . This concept was developed in the framework of the Information Infrastructure project Digital Economy.
The module operates at an LTE 450 MHz frequency and can be used to connect any IoT devices to the enterprise backbone through narrowband wireless access networks.
In order to ensure the protection of the transmitted information, the module uses an IMSP certified to the KB1 level of the requirements of the Federal Security Service of Russia.
At the moment, the main application of the module is the construction of smart power supply networks (Smart Grid). For this task, the module is used in conjunction with specialized IIOT controllers developed by BULAT.
To build core networks of enterprises, we develop a domestic telecommunications platform based on our own circuit design and hardware production, as well as ODM. At the heart of the platform is the first and so far the only domestic network operating system of carrier class BulatOS.
The module operates at an LTE 450 MHz frequency and can be used to connect any IoT devices to the enterprise backbone through narrowband wireless access networks.
In order to ensure the protection of the transmitted information, the module uses an IMSP certified to the KB1 level of the requirements of the Federal Security Service of Russia.
At the moment, the main application of the module is the construction of smart power supply networks (Smart Grid). For this task, the module is used in conjunction with specialized IIOT controllers developed by BULAT.
To build core networks of enterprises, we develop a domestic telecommunications platform based on our own circuit design and hardware production, as well as ODM. At the heart of the platform is the first and so far the only domestic network operating system of carrier class BulatOS.
Source: https://habr.com/ru/post/456098/
All Articles