Abstract
In the cyber security attack and defense drills organized by the Ministry of Water Resources, the technical level and confrontation capabilities of both attackers and defenders keep rising as the two sides contend. This paper introduces the organization model of the drills and the responsibilities and tasks of the red, blue and purple parties. It describes the attack strategies and tactics commonly used by the attacker in the three phases of intelligence gathering, foothold building and lateral movement. Taking the defensive work of Haihe River Conservancy Commission (HWCC) in the drills as an example, it discusses the measures and arrangements the defender should adopt in the three stages of pre-war preparation, actual combat response, and summary and remediation. It proposes that in the preparation stage the defender should conduct self-examination and optimize its security policies from the aspects of technology, management and operation, and that in the actual combat stage it should strengthen special guard duty, analysis and judgment, operation and maintenance management, and emergency disposal. Through such practical drills, the cyber security protection capabilities of both sides can be further improved.
Authors
HUANG Rui (黄锐); WANG Yan (王妍); GU Licheng (谷立成); ZHAO Mansheng (赵满胜)
Information Network Center of Water Commission, Haihe Water Conservancy Commission, the Ministry of Water Resources, Tianjin 300170, China
Source
Water Resources Informatization (《水利信息化》)
2020, Issue 6, pp. 27-31 (5 pages)
Keywords
cyber security of water conservancy
attack and defense drills
defensive response of HWCC
organization pattern
offensive and defensive phase