CRIMINAL LEGAL ENSURING OF SECURITY OF CRITICAL INFORMATION INFRASTRUCTURE OF THE RUSSIAN FEDERATION
DOI:
https://doi.org/10.22478/ufpb.2179-7137.2019v8n6.49193Palavras-chave:
attack, security, information, information infrastructure, critical information infrastructure, government system, computer attack, computer information, security, information security, information protection, crime in the field of computer information, computer crime, digital economy, cybercrimes, cybercrime, cybersecurity, crimesResumo
The article considers the problems associated with the development of new state approaches to ensure the security of critical information infrastructure (hereinafter - the CII) in the context of the existence of threats to their information security, including computer attacks in its regard. We analyzed the main provisions of the Federal Law No. 187-FZ dated July 26, 2017 “On the Safety of the CII of the Russian Federation”.We disclosed the content and essence of the concept of “security of the CII”. It is justified that the security of the CII shall be based on the principles and methodology of ensuring national security. We have developed proposals to classify part of the subjects of economic activity as the CII subjects, as well as offered some additional mechanisms to increase the security of the CII. We proposed to develop and implement: the federal state standard of higher education in the direction of “safety of the CII”; retraining and advanced training courses in the direction of “safety of the CII”; a mechanism for improving the qualifications of officials of the CII subjects on various issues of ensuring its security; security insurance mechanism for the CCI; a mechanism for organizing international, all-Russian, regional and sectoral cyber orders at the CII objects. It has been established that the security of the CII directly depends on the correctness of decision-making in countering computer attacks, the speed and effectiveness of the actions of their entities. It is proved that the criminal law norm on liability for unlawful influence on the CII of the Russian Federation shall be changedDownloads
Não há dados estatísticos.
Referências
Atamanov G. A. Security Methodology // Fund for the Promotion of Scientific Research on Security Problems. [Electronic resource]. – URL: http://naukaxxi.ru/materials/302/
Decree of the President of the Russian Federation No. 683 dated December 31, 2015 "On the National Security Strategy of the Russian Federation" // Official Gazette of the Russian Federation. – 2016. – No. 1 (Part II). – Art. 212.
Tereshchenko L.K. Information Security of Executive Authorities at the Present Stage / L.K. Tereshchenko, O. I. Tiunov // Journal of Russian Law. – 2015. – No. 8. – P. 107.
Federal Law No. 187-FZ dated July 26, 2017 “On the Safety of Critical Information Infrastructure of the Russian Federation” // Official Gazette of the Russian Federation. – 2017. – No. 3 (Part I). – Art. 4736.
Federal Law No. 149-FZ dated July 27, 2006 “On Information, Information Technologies and Information Protection” // Official Gazette of the Russian Federation. – 2006. – No. 3 (Part I). – Art. 3448.
Serdyuk V.A. Some aspects of the protection of APCS / V.A. Serdyuk, I. K. Tarvi // Information Security. – 2017. – No. 6. – P. 12.
Order of the Federal Service for Technology and Export Control of the Russian Federation No. 31 dated March 14, 2014 "On approval of requirements to provision of the information protection in the automated production and technological process control systems at the mission-critical sites, as well as potentially dangerous objects that represent an increased danger to life and health of people and environment" // Russian Newspaper. – 2014. – No. 175.
Order of the Ministry of Telecom and Mass Communications of the Russian Federation No. 264 dated June 14, 2016 “On commissioning of the state information system of housing and communal services” // Official website of the Ministry of Telecom and Mass Communications of the Russian Federation. [Electronic resource]. – URL: http://minsvyaz.ru/ru/documents/5069/
Order of the Federal Agency for Technical Regulation and Metrology No. 14-st dated January 31, 2014 “On the adoption and enforcement of the All-Russian Classifier of Economic Activities (OKVED 2) OK 029-2014 (KDEC Rev. 2) and the All-Russian Classifier of Products by Type of Economic Activity (OKPD 2) OK 034-2014 (KPEC 2008)” // Accounting Annex to the Newspaper "Ekonomika i zhyzn". – 2014. – No. 21.
A computer incident is a fact of violation and (or) termination of the operation of an object of critical information infrastructure, a telecommunication network used to organize the interaction of such objects, and (or) a violation of the security of the information processed by such an object, including that one, having resulted from a computer attack.
GosSOPKA is the state system for detecting, preventing and eliminating the consequences of computer attacks on the information resources of the Russian Federation.
Order of the Federal Service for Technical and Export Control No. 235 dated December 21, 2017 “On approval of the requirements for the creation of security systems for the significant objects of critical information infrastructure of the Russian Federation and ensuring their functioning” // “Official Internet Portal of Legal Information” (www.pravo.gov.ru). February 22, 2018.
Order of the Federal Service for Technical and Export Control No. 227 dated December 6, 2017 “On approval of the procedure for maintaining the register of significant objects of critical information infrastructure of the Russian Federation” // “Official Internet Portal of Legal Information” (www.pravo.gov.ru). February 9, 2018.
Decree of the Government of the Russian Federation No. 127 dated February 8, 2018 “On approval of the rules for categorizing objects of critical information infrastructure of the Russian Federation, as well as a list of indicators of criteria for the importance of objects of critical information infrastructure of the Russian Federation and their values” // Official Gazette of the Russian Federation. – 2018. – No. 8. – Art. 1204.
Decree of the President of the Russian Federation No. 204 dated May 7, 2018 “On National Goals and Strategic Tasks of the Development of the Russian Federation for the Period until 2024” // Official Gazette of the Russian Federation. – 2018. – No. 20. – Art. 2817.
Begishev I. R. Criminological risks of using artificial intelligence / I. R. Begishev, Z. I. Khisamova // All-Russian Criminological Journal. – 2018. – V. 12, No. 6. – P. 767-775.
Wiater P. On the notion of «partnership» in critical infrastructure protection / P. Wiater // European Journal of Risk Regulation. – 2015. – № 6 (2). – P. 255–262.
Hathaway O. A., Crootof R., Levitz P., Nix H. The Law of Cyber-Attack / O. A. Hathaway, R. Crootof, P. Levitz, H. Nix // California Law Review. – 2012. – № 100. – P. 817-886.
Shackelford S. J., Sulmeyer M., Craig Deckard A. N., Buchanan B., Micic B. From Russia with Love: Understanding the Russian Cyber Threat to U.S. Critical Infrastructure and What to Do about It / S. J. Shackelford, M. Sulmeyer, A. N. Craig Deckard, B. Buchanan, B. Micic // Nebraska Law Review. – 2017. – № 96. – P. 320-338.
Albrecht D. Chinese Cybersecurity Law Compared to EUNIS-Directive and German IT-Security Act. When cybersecurity not only protects interests of the masses but ultimately also safeguards national sovereignty / D. Albrecht // Recherchieren unter juris (Das Rechtsportal). – 2018. – P. 1-5.
Orji U. J. Towards the Regional Harmonization of E-Commerce Regulation in Africa A Comparative Analysis of the African Union’s E-Commerce Regime / U. J. Orji // Recherchieren unter juris (Das Rechtsportal). – 2018. – P. 12-22.
Begishev I. R. Problems of combating criminal attacks on information systems of critical and potentially dangerous objects // Information Security of the Regions. – 2010. – No. 1. – P. 9-13.
Cohen-Almagor R. Internet architecture, freedom of expression and social responsibility: Critical realism and proposals for a better future / R. Cohen-Almagor // Innovation: The European Journal of Social Science Research. – 2015. – № 28 (2). – P. 147-166.
The Criminal Code of the Russian Federation No. 63-FZ dated June 13, 1996 (as amended by the Federal Law No. 35-FZ dated February 19, 2018) // Official Gazette of the Russian Federation. – 1996. – No. 25. – Art. 2954.
Reshetnikov A.Yu., Russkevich E. A. On criminal liability for unlawful influence on the critical information infrastructure of the Russian Federation (Art. 274.1 of the Criminal Code of Russia) / A.Yu. Reshetnikov, E. A. Russkevich // Laws of Russia: Experience, Analysis, Practice. – 2018. – No. 2. – P. 51-55
Decree of the President of the Russian Federation No. 683 dated December 31, 2015 "On the National Security Strategy of the Russian Federation" // Official Gazette of the Russian Federation. – 2016. – No. 1 (Part II). – Art. 212.
Tereshchenko L.K. Information Security of Executive Authorities at the Present Stage / L.K. Tereshchenko, O. I. Tiunov // Journal of Russian Law. – 2015. – No. 8. – P. 107.
Federal Law No. 187-FZ dated July 26, 2017 “On the Safety of Critical Information Infrastructure of the Russian Federation” // Official Gazette of the Russian Federation. – 2017. – No. 3 (Part I). – Art. 4736.
Federal Law No. 149-FZ dated July 27, 2006 “On Information, Information Technologies and Information Protection” // Official Gazette of the Russian Federation. – 2006. – No. 3 (Part I). – Art. 3448.
Serdyuk V.A. Some aspects of the protection of APCS / V.A. Serdyuk, I. K. Tarvi // Information Security. – 2017. – No. 6. – P. 12.
Order of the Federal Service for Technology and Export Control of the Russian Federation No. 31 dated March 14, 2014 "On approval of requirements to provision of the information protection in the automated production and technological process control systems at the mission-critical sites, as well as potentially dangerous objects that represent an increased danger to life and health of people and environment" // Russian Newspaper. – 2014. – No. 175.
Order of the Ministry of Telecom and Mass Communications of the Russian Federation No. 264 dated June 14, 2016 “On commissioning of the state information system of housing and communal services” // Official website of the Ministry of Telecom and Mass Communications of the Russian Federation. [Electronic resource]. – URL: http://minsvyaz.ru/ru/documents/5069/
Order of the Federal Agency for Technical Regulation and Metrology No. 14-st dated January 31, 2014 “On the adoption and enforcement of the All-Russian Classifier of Economic Activities (OKVED 2) OK 029-2014 (KDEC Rev. 2) and the All-Russian Classifier of Products by Type of Economic Activity (OKPD 2) OK 034-2014 (KPEC 2008)” // Accounting Annex to the Newspaper "Ekonomika i zhyzn". – 2014. – No. 21.
A computer incident is a fact of violation and (or) termination of the operation of an object of critical information infrastructure, a telecommunication network used to organize the interaction of such objects, and (or) a violation of the security of the information processed by such an object, including that one, having resulted from a computer attack.
GosSOPKA is the state system for detecting, preventing and eliminating the consequences of computer attacks on the information resources of the Russian Federation.
Order of the Federal Service for Technical and Export Control No. 235 dated December 21, 2017 “On approval of the requirements for the creation of security systems for the significant objects of critical information infrastructure of the Russian Federation and ensuring their functioning” // “Official Internet Portal of Legal Information” (www.pravo.gov.ru). February 22, 2018.
Order of the Federal Service for Technical and Export Control No. 227 dated December 6, 2017 “On approval of the procedure for maintaining the register of significant objects of critical information infrastructure of the Russian Federation” // “Official Internet Portal of Legal Information” (www.pravo.gov.ru). February 9, 2018.
Decree of the Government of the Russian Federation No. 127 dated February 8, 2018 “On approval of the rules for categorizing objects of critical information infrastructure of the Russian Federation, as well as a list of indicators of criteria for the importance of objects of critical information infrastructure of the Russian Federation and their values” // Official Gazette of the Russian Federation. – 2018. – No. 8. – Art. 1204.
Decree of the President of the Russian Federation No. 204 dated May 7, 2018 “On National Goals and Strategic Tasks of the Development of the Russian Federation for the Period until 2024” // Official Gazette of the Russian Federation. – 2018. – No. 20. – Art. 2817.
Begishev I. R. Criminological risks of using artificial intelligence / I. R. Begishev, Z. I. Khisamova // All-Russian Criminological Journal. – 2018. – V. 12, No. 6. – P. 767-775.
Wiater P. On the notion of «partnership» in critical infrastructure protection / P. Wiater // European Journal of Risk Regulation. – 2015. – № 6 (2). – P. 255–262.
Hathaway O. A., Crootof R., Levitz P., Nix H. The Law of Cyber-Attack / O. A. Hathaway, R. Crootof, P. Levitz, H. Nix // California Law Review. – 2012. – № 100. – P. 817-886.
Shackelford S. J., Sulmeyer M., Craig Deckard A. N., Buchanan B., Micic B. From Russia with Love: Understanding the Russian Cyber Threat to U.S. Critical Infrastructure and What to Do about It / S. J. Shackelford, M. Sulmeyer, A. N. Craig Deckard, B. Buchanan, B. Micic // Nebraska Law Review. – 2017. – № 96. – P. 320-338.
Albrecht D. Chinese Cybersecurity Law Compared to EUNIS-Directive and German IT-Security Act. When cybersecurity not only protects interests of the masses but ultimately also safeguards national sovereignty / D. Albrecht // Recherchieren unter juris (Das Rechtsportal). – 2018. – P. 1-5.
Orji U. J. Towards the Regional Harmonization of E-Commerce Regulation in Africa A Comparative Analysis of the African Union’s E-Commerce Regime / U. J. Orji // Recherchieren unter juris (Das Rechtsportal). – 2018. – P. 12-22.
Begishev I. R. Problems of combating criminal attacks on information systems of critical and potentially dangerous objects // Information Security of the Regions. – 2010. – No. 1. – P. 9-13.
Cohen-Almagor R. Internet architecture, freedom of expression and social responsibility: Critical realism and proposals for a better future / R. Cohen-Almagor // Innovation: The European Journal of Social Science Research. – 2015. – № 28 (2). – P. 147-166.
The Criminal Code of the Russian Federation No. 63-FZ dated June 13, 1996 (as amended by the Federal Law No. 35-FZ dated February 19, 2018) // Official Gazette of the Russian Federation. – 1996. – No. 25. – Art. 2954.
Reshetnikov A.Yu., Russkevich E. A. On criminal liability for unlawful influence on the critical information infrastructure of the Russian Federation (Art. 274.1 of the Criminal Code of Russia) / A.Yu. Reshetnikov, E. A. Russkevich // Laws of Russia: Experience, Analysis, Practice. – 2018. – No. 2. – P. 51-55
Downloads
Publicado
2019-11-28
Como Citar
R. BEGISHEV, I. .; I. KHISAMOVA, Z. .; I. MAZITOVA, G. . CRIMINAL LEGAL ENSURING OF SECURITY OF CRITICAL INFORMATION INFRASTRUCTURE OF THE RUSSIAN FEDERATION. Gênero & Direito, [S. l.], v. 8, n. 6, 2019. DOI: 10.22478/ufpb.2179-7137.2019v8n6.49193. Disponível em: https://periodicos.ufpb.br/index.php/ged/article/view/49193. Acesso em: 28 dez. 2024.
Edição
Seção
Seção Livre