Modern threats to information and communication systems and methods of protection against them
DOI:
https://doi.org/10.30837/rt.2024.1.216.03Keywords:
information, information security, information and communication systems, information protection, protection methods, threatsAbstract
In the modern world, information and communication systems (ICS) have become an integral part of our lives, processing, storing and transmitting information. However, this dependence makes them extremely vulnerable to various threats. The article examines the current threats that call into question the normal functioning of ICS. The authors emphasise the constant evolution of these threats, which makes them more complex and dangerous. This necessitates constant research and development of new methods and means of information protection, as well as raising awareness of ICS users about cyber threats. The purpose of the article is to study modern ICS threats and develop recommendations for improving the level of information security (IS). The article provides a classification of ICS IS threats by various criteria: by the basic principles of the cybersecurity triad (confidentiality, integrity and availability), by sources of threats (internal and external), by the amount of damage caused (from general to private), by the degree of impact (passive and active) and by the nature of occurrence (natural and artificial). The article reveals the sources of threats to ICS security: unintentional (related to user errors, software failures or hardware failures) and intentional (cyber-attacks aimed at causing damage to ICS). Particular attention is paid to cyberattacks that are becoming more widespread. The authors describe different types of cyberattacks, as well as methods and means of their implementation. An important aspect of the article is the development of recommendations for improving the level of security. Along with the technical aspects of protection, the article considers the importance of implementing organisational measures such as security policy, access control and privilege management. The article also draws attention to the importance of complying with international and national standards for the protection of information in ICS. These measures help to avoid leakage or prevent unauthorised access to valuable information.
References
Основи управління інформаційною безпекою : навч. посіб. / А.М. Гребенюк, Л.В. Рибальченко. Дніпро : Дніпропетр. держ. ун-т внутр. справ, 2020. 144 с..
Закон України «Про основні засади забезпечення кібербезпеки України» від 05.10.2017 № 2163-VIII [Електронний ресурс] / Офіційний Вебпортал Парламенту України. Режим доступу: https://zakon.rada.gov.ua/laws/show/2163-19/ed20171005#Text.
What is an Insider Threat? Definition, Types, & Examples [Електронний ресурс]/ OpenText. Режим доступу: https://www.opentext.com/what-is/insider-threat.
Dashlane. (2024, Лютий 16) [Електронний ресурс] / A guide to External Security Threats in 2024. Режим доступу: https://www.dashlane.com/blog/guide-to-external-security-threats.
RiskOptics. (2022, Жовтень 31) [Електронний ресурс]/ Most Common Types of Network Security Attacks. Режим доступу: https://reciprocity.com/blog/most-common-types-of-network-security-attacks/.
What is a Cryptographic Attack? Your Comprehensive Guide. (2024, Січень 10) [Електронний ресурс] / Packetlabs. Режим доступу: https://www.packetlabs.net/posts/what-is-a-cryptographic-attack/.
Основи інформаційної безпеки : навч. посіб. / В. Б. Вишня, О. С. Гавриш, Е. В. Рижков. Дніпро : Дніпропетр. держ. ун-т внутр. справ, 2020. 128 с.
What is an Information Security Policy? (2023, Квітень 6) [Електронний ресурс]/ UpGuard. Режим доступу: https://www.upguard.com/blog/information-security-policy.
The important role of access control in cyber security. (2021, Квітень 21) [Електронний ресурс] / International Electrotechnical Commission. Режим доступу: https://www.iec.ch/blog/important-role-access-control-cyber-security.
Закон України «Про захист інформації в інформаційно-комунікаційних системах» від 05.07.1994 № 80/94-ВР [Електронний ресурс] / Офіційний Вебпортал Парламенту України. Режим доступу: https://zakon.rada.gov.ua/laws/show/80/94-%D0%B2%D1%80#Text.
Нормативні документи системи ТЗІ. (2023, Березень 9). [Електронний ресурс] / Державна служба спеціального зв’язку та захисту інформації України. Режим доступу: https://cip.gov.ua/ua/news/normativni-dokumenti-sistemi-tzi.
Downloads
Published
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).