重大信息安全事件背景下的反竞争情报工作及其启示

Study on the Counterintelligence Work and It's Enlightenment in the Context of Major Information Security Incidents

概述了2010年以来发生的40起重大信息安全事件,剖析了重大信息安全事件给当事方造成的核心信息资产被窃取、财务损失巨大、关键性基础设施遭受破坏以及给供应链系统造成巨大的安全隐患等危害;总结了重大信息安全事件背景下反竞争情报工作的主要做法,即重点管控两类特殊群体以防止内部员工泄密,加强信息安全系统的维护以堵塞信息安全漏洞,防范黑客攻击和斩断黑客利益链条;从重视三大行业的反竞争情报工作,安全漏洞和黑客攻击已成为泄密的主要原因,关键性基础设施的破坏应引起足够的重视,从供应链系统的高度审视信息安全问题,关注泄密事件背后的利益链条等5个方面得出反竞争情报工作的启示。

The paper summarizes 40 major information security incidents since 2010,analyzes such harms to the parties caused by the significant information security incidents as the core information assets stolen, huge financial losses, critical infrastructure damage and great harm to the safety of the supply chain system; summarizes the main practices of the counterintelligence work in the context of major information security incidents, which focuses on the control of two kinds of special groups to prevent internal employees from leaking, strengthens the maintenance of information security system to block information security vulnerabilities and prevents hacker attacks and cuts off the hacker＇s interest chain;and puts forward such five enlightenments for the counterintelligence as paying more attention to the counterintelligence work in three major industries,security vulnerabilities and hacker attacks have become the main reasons for leakage,the destruction of critical infrastructure should be paid much attention, looking at the issue of information security from the perspective of supply chain system, and concerning about the interests chain behind the leak event.