
Control requirements for power companies facing network attacks

In Electronic Information Category: T | on April 20, 2011

Abstract: This article describes the concepts of intrusion, network attacks and cyber attacks, describes the development trend of network attacks, and briefly analyzes their common means. Based on the actual situation of the power company itself and the development of its information security requirements, and with reference to information security management systems, management practices and techniques from related fields, combined with the power industry's information security management systems and industry standards, it puts forward control requirements covering systems and management procedures, graded protection, the information security management system, the production control zone, critical systems and related technology, for the industry's reference.

0 Introduction

With today's advanced network technology, a network attack is like a war without smoke. The attacking side needs only a computer and available network technology to carry out an attack, so the cost is very low. The attacked side, however, pays a high price for the full investigation afterwards. Professor Jayakumar, in a dialogue with the business community, used the DBS Bank computer system failure as an example of the severity of cyber attacks, which is thought-provoking. In July 2009, a number of websites in South Korea and the United States suffered cyber attacks lasting up to several days and were paralyzed. Although that attack did not cause serious economic losses, it led to the loss of government policy information, and online services were severely disrupted. South Korea's NIS made a public statement describing the large-scale Internet attacks on South Korea and the United States as a "network attack". South Korean media said that "the age in which a network attack can destroy a country is coming." The British political journal "The Economist", in an article titled "countries to begin negotiations on disarmament in time to the network," called on the world to face the risk of cyber attacks and, by strengthening international cooperation, to prevent cyber warfare and ensure network security. According to a U.S. Defense Department official, the amount of data stolen in cyber attacks on the United States is equivalent to several times the amount of information held by the Library of Congress. At a network * assessment meeting on the attack problem, Jim Miller said that more than 100 foreign spy agencies are trying to penetrate U.S. computer systems. The "Washington Post" reported that U.S. Secretary of State Hillary Clinton, in a speech on "Internet freedom", strongly condemned network attacks that threaten U.S. economic and national security interests.

Power facilities are among the country's most important public infrastructure. Effectively developing an overall security policy and control requirements for the production control and management information zones of regional power companies is of great significance for improving the capability and overall information security protection level of power enterprises and for preventing destruction by network attacks.

1 Related concepts

1.1 Network Intrusion

Network intrusion is the unauthorized use of, or access to, a computer system; that is, the attacker obtains permission to use system resources through illegal means, programs or tools. The purposes of intrusion can be divided into: making use of the system's storage capacity, processing power or access rights to reach the content it stores; destroying the system so that it loses its service capacity; or using it as a springboard into other systems, and so on.

1.2 Network attacks

A network attack is the use of loopholes, security flaws or vulnerabilities in systems and resources to harm the confidentiality, integrity, availability, controllability and non-repudiation of a network system.

Network attacks can be divided into: information leakage attacks, integrity-destroying attacks, denial of service attacks, illegal-use attacks, passive attacks, active attacks, close-in attacks, insider attacks and distributed attacks.

The whole process of a network attack is: the attacker applies certain attack tools (including attack strategies and methods) to operate against the target network system, reaches a certain attack effect, and thereby achieves the attacker's predetermined purpose.

1.3 Cyber attacks

A cyber attack is a large-scale network attack, and the concept is basically the same as that of a network attack. The two differ in focus: a cyber attack emphasizes suddenness and large scale, whereas a network attack is not so sudden and not of such scale.

In a sense, a cyber attack is network destruction of a political nature; its main purpose is to severely damage the attacked party, resulting in adverse social consequences.

2 Network attack trends

With the rapid development of network technology, information security incidents have intensified and various types of network attacks emerge one after another, moving from skill-based network intrusion to more covert phishing attacks, and from the use of system loopholes and vulnerabilities to the use of all kinds of Trojans; their destructiveness is also growing.

As large-scale network attacks, cyber attacks show the following general development trends [1]: system security vulnerabilities are discovered and exploited faster and faster, with wider and wider coverage; attack tools and means are more numerous, more complex and harder to detect; the degree of attack automation has increased substantially, attacks are faster and faster, and their destructiveness is increasing rapidly; firewall penetration rates are increasingly high; the threat to network infrastructure is growing; attacks are increasingly large in scale with a very clear purpose; and their political character is becoming increasingly concentrated.

3 Common means of network attacks

Cyber attacks are large-scale network attacks, and their common means are: software vulnerabilities, internally implanted threats, logic bombs, Trojan horses, forged hardware, software piracy, tunnel attacks, backdoor programs, continuous scanning, dictionary scanning, digital scanning, data recovery, botnets, electromagnetic pulse weapons, bacteria *, deception-based attacks, distributed denial of service, rabbits * and social engineering.

4 Power enterprise information security control requirements

4.1 System and management procedure requirements

Optimize the relevant system documents and further improve the company's network and information security management procedures, incorporating the control and countermeasure requirements for network attacks into the enterprise's document system. Control requirements against network attacks are implemented first at the document level and then gradually carried through to the execution level.

4.2 Graded protection requirements

In accordance with the "information security technology level of protection of basic information system security requirements" [2] issued by the Ministry of Public Security, combined with the "information security technology level of protection of information system security classification guide", the "information security technology level of protection of information system security implementation guide", the "information security technology protection measure information system security level * Guidelines" and the "level of information security technology information system technical requirements for protection of the safe design", and following the principle of combining partitioning, domain division, focused prevention and defense in depth, plan an overall graded protection scheme for the enterprise's information systems. Then, according to the classification and business importance of each information system, develop appropriate solutions and implement dedicated security protection, so that each information system meets the security protection requirements of its level and the overall security level of the information systems is raised.

4.3 Information Security Management System Requirements

Information security management system requirements: according to the ISO 27001 standard and the national standard "Information technology - Security techniques - Information security management systems - Requirements" [3], fully establish an ISMS (information security management system); raise the company's degree of attention to network attacks, recognizing the possible harm of cyber attacks from the height of the fight against terrorism; clarify the relationships and differences among network attacks, cyber attacks and terrorist attacks, and the similarities and differences between network attack security and corporate workplace safety; from a strategic perspective, raise the importance of enterprise network and information security, so that information security is integrated into the corporate culture; carry out full information security training, including information security in the power plant's basic safety induction training and authorized training system, and train all staff comprehensively in information security awareness, so as to eliminate at the root, as far as possible, information security incidents caused by human error.

4.4 Production control zone requirements

Production control zone requirements: implement the "Second Power System Security requirements (SERC 5 orders)"; use gateways [4] to enforce strong logical isolation between the production control zone and the management information zone; follow the principle of "safety partition, network-specific, horizontal separation, vertical certification"; strengthen network border security of the production control zone (including the DCS system) and develop effective control strategies to improve internal security capability; prohibit remote-access maintenance of the production control zone.
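The zone rules of section 4.4, as an added example that is not part of the original article: a Python audit of firewall permit rules against two of the stated requirements, namely that traffic between the production control zone and any other zone passes only through the isolation gateway, and that no remote-access maintenance reaches the production control zone. The address plan, the gateway address (modelled here as a proxy endpoint), the port list and the sample rules are constructed assumptions.

```python
import ipaddress

# Assumed address plan and gateway address (constructed, not from the article).
ZONES = {
    "production_control": ipaddress.ip_network("10.10.0.0/16"),
    "management_info": ipaddress.ip_network("10.20.0.0/16"),
}
ISOLATION_GATEWAY = ipaddress.ip_address("10.10.255.1")
REMOTE_ACCESS_PORTS = {22, 23, 3389, 5900}  # SSH, Telnet, RDP, VNC
PROD = "production_control"

def zone_of(addr):
    """Map an address to its zone; anything outside the plan is external."""
    ip = ipaddress.ip_address(addr)
    return next((name for name, net in ZONES.items() if ip in net), "external")

def audit_rule(rule):
    """Return the section 4.4 requirements that one firewall rule violates."""
    if rule["action"] != "permit":
        return []
    src_zone, dst_zone = zone_of(rule["src"]), zone_of(rule["dst"])
    endpoints = {ipaddress.ip_address(rule["src"]), ipaddress.ip_address(rule["dst"])}
    findings = []
    # Cross-zone traffic touching production control must terminate on the gateway.
    if (src_zone != dst_zone and PROD in (src_zone, dst_zone)
            and ISOLATION_GATEWAY not in endpoints):
        findings.append("bypasses isolation gateway")
    # Remote maintenance into production control is prohibited outright.
    if dst_zone == PROD and src_zone != PROD and rule["port"] in REMOTE_ACCESS_PORTS:
        findings.append("remote maintenance into production control")
    return findings

def audit(rules):
    """Return {rule index: findings} for every rule with at least one finding."""
    report = {i: audit_rule(r) for i, r in enumerate(rules)}
    return {i: f for i, f in report.items() if f}

# Constructed sample rule set.
SAMPLE_RULES = [
    {"action": "permit", "src": "10.20.5.10", "dst": "10.10.255.1", "port": 8443},
    {"action": "permit", "src": "10.20.5.10", "dst": "10.10.3.7", "port": 502},
    {"action": "permit", "src": "203.0.113.9", "dst": "10.10.3.7", "port": 3389},
    {"action": "permit", "src": "10.10.3.7", "dst": "10.10.3.8", "port": 502},
    {"action": "deny", "src": "10.20.5.10", "dst": "10.10.3.7", "port": 22},
]

if __name__ == "__main__":
    for index, findings in audit(SAMPLE_RULES).items():
        print(index, SAMPLE_RULES[index], findings)
```

A remote-access port is flagged even when the rule terminates on the gateway, because the requirement prohibits remote maintenance of the zone regardless of path.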

4.5 Important system control requirements

For the enterprise's important information systems, some strengthened security management strategies can be implemented on the premise that normal business access to the systems is ensured, such as:

ERP system. Remote maintenance of the ERP system is prohibited. When necessary, under safe conditions and under control, remote maintenance operations may be carried out as appropriate.

OA system. Because the OA system stores a large number of confidential corporate documents, strengthen security control and authorization for the OA system. At the same time, implement encrypted transmission and storage of documents.

External portal system. In accordance with the basic requirements for graded protection of information systems (III), carry out graded-protection testing and rectification of building work * for the external portal system. Prohibit remote management from external IP addresses, prohibit plaintext transmission of information, strengthen audit log measures, and create a monitoring mechanism for Trojan code planted in the website.

4.6 Related technology control requirements

Related technology control requirements: implement a network access system and build an online access system; improve the construction of the network defense * system for monitoring and killing malicious software, and strengthen efforts to detect and block botnets and backdoors; deploy network honeypots [5] and IDS/IPS systems to enhance the ability to resist network-type attacks; deploy traffic statistics and control systems, Internet behavior management systems and UTM systems; raise the security level of servers, databases and desktop terminals; deploy Web security gateways and use firewalls to implement logical isolation; enhance application-layer security and build website tamper-resistance capability; strengthen system backup and disaster recovery systems and develop business continuity plans; strengthen the emergency response system and carry out emergency drills regularly; carry out IT audit work and improve the IT audit system; upgrade the company's network and information security software R&D capability and develop security management practices for software development; strengthen document security by deploying a document encryption system, controlling document leaks at the root; enhance applied research capability for new IT technologies and products, and keep abreast of the development trends of new technology in the information security field; and strengthen strategic cooperation with external professional information security organizations and institutions.

5 Conclusion

With the rapid development of network technology and the rising level of informatization in society, destructive network attacks on society will become more serious. This article puts forward a series of graded protection, management and control requirements at the technical, management and security system levels to raise the overall information security level of power enterprises. However, as IT develops and new technologies are applied, network attacks will take on new changes. In light of possible future changes in network attacks, how to further set reasonable and effective information security control requirements to protect the safety of power enterprises still needs further study.
