Q&A: How to prevent network loss and theft?

The main ways and prevention of computer leakage

The widespread application of computers has promoted the development and progress of society, but it has also brought about a series of social problems. Now, Western developed countries call their societies "fragile societies" due to the widespread use of computers. The vulnerability of computers is generally manifested in many aspects such as computer crime, destruction by hostile countries, accidents and natural disasters, electromagnetic interference, staff errors, and defects in the computer itself. The most prominent manifestation is that secrets are easily leaked and stolen.

(1) The main ways of computer leakage

1. Computer electromagnetic wave radiation leakage

There are four main parts of computer radiation: radiation from the monitor; communication lines ( radiation from the connecting cable), radiation from the host; radiation from the output device (printer). Computers work on high-frequency pulse circuits. Due to changes in the electromagnetic field, electromagnetic waves must be radiated outward. These electromagnetic waves will take the information out of the computer. As long as criminals have the corresponding receiving equipment, they can receive the electromagnetic waves and steal secret information. According to foreign tests, it can receive and restore information from a computer display terminal 1,000 meters away, and can see it clearly. When the microcomputer is working, radiation signals can be received using monitoring equipment 100 meters away from it in an open area. Computer electromagnetic radiation is roughly divided into two categories: the first category is radiation from the computing control and external equipment of the computer, and the frequency is generally in the range of 10 MHz to 1000 MHz. This electromagnetic wave can be received by a receiver in the corresponding frequency band, but other The intercepted information is more complicated to interpret. The second type is the video electromagnetic waves radiated by the cathode ray tube of the computer terminal display, and its frequency is generally below 6.5 MHz. This kind of electromagnetic wave can be directly received by an ordinary TV or a computer of the same model within an effective distance. Receiving or interpreting electromagnetic waves radiated by computers has now become a common secret-stealing technology used by foreign intelligence agencies and has reached a very high level.

2. Computer networking leaks

Computer networking is an important stage in the history of computer development. It enables computers to only classify, process and organize single items of different information in the computer room. , developed to integrate the collection, processing, storage and transmission of information, expanded the application scope of computers, and made the application of computers penetrate into all aspects of society. Computer networks span continents and oceans and can connect computers around the world. Each user can make full use of the large amounts of text, data and image materials stored in each computer through his or her own terminal. The information exchange and knowledge integration brought about by computer networking enable people to make full use of all the knowledge wealth created by all mankind, and the far-reaching impact of this will be inestimable. However, since the data in the computer network structure is shared, there are many leakage loopholes in the communication between hosts and users and between users through lines.

First of all, the computer system implements user identification passwords when "data sharing". Because the computer system recognizes the "code" but not the "person" when distinguishing users, in this way, those unauthorized illegal users Or secret thieves may master user passwords through impersonation, long-term testing or other methods, and then break into networked information systems to steal secrets.

Secondly, after computers are connected to the Internet, transmission lines are mostly composed of carrier lines and microwave lines, which greatly increases the channels and scope of computer leaks. Furthermore, the larger the network, the more branches the line channels will have, the wider the area for transmitting information, and the more convenient the conditions for intercepting the transmitted signals. The spy only needs to conduct the interception on any branch channel or at a certain node or terminal in the network. intercept. You can get the information transmitted by the entire network.

3. Computer media leaks

Computers have amazing storage capabilities. It can transmit, process and store all kinds of information coming in like a lake, and can change a large number of secret documents and information from paper media to magnetic media and optical media. A Chinese character must occupy at least 55 square millimeters, and an integrated circuit memory of the same area can store 500,000 Chinese characters.

In order to process and utilize various information automatically and efficiently, more and more secret data and archive materials are stored in computers.

Computer memory is divided into two types: internal memory and external memory. Internal memory requires fast access speed, and external memory requires large storage capacity. As mentioned above, secret information stored in internal memory can be leaked or stolen through electromagnetic radiation or network exchanges, and a large number of external memories such as magnetic disks, tapes, optical disks, and U disks can easily be illegally tampered with. or copy. Because after a disk has been degaussed more than ten times, there are still ways to recover the original recorded information. When a disk containing secret information is reused, it is likely that the disk's residual magnetism will be illegally used to extract the original recorded information. When a computer fails, the hard drive containing secret information is taken out for repair without processing or supervision, which can lead to leakage of secrets. Putting secret information and non-confidential information on the same media without distinguishing between the obvious and the secret can easily lead to leaks. If disks and other media containing secret information are stolen or taken abroad, a large number of state secrets will be leaked, and the harm will be inestimable. Exam collection

4. Computer staff leak secrets

(1) Ignorant leaks. For example, because you do not know that the electromagnetic wave radiation of the computer will leak secret information, you do not take any measures when the computer is working, thus providing others with the opportunity to steal secrets. Another example is not knowing that the residual magnetism on the computer floppy disk can be extracted and restored, and the floppy disk that once stored secret information is exchanged, thus causing leakage.

(2) Violating rules and regulations to leak secrets. For example, if a malfunctioning computer is not degaussed before being sent for repair, and no dedicated personnel are arranged to supervise the repair, secret data may be stolen. Another example is that because the content stored in computer media lacks observability, it is easy to lose the media due to paralysis of the mind and neglect of management.

(3) Deliberate leakage of secrets. Foreign intelligence agencies often use money to bribe, pornographic inducements and computer workers who incite rebellion against other countries. Stealing secrets from information systems. This is much more effective than using electronic monitoring and attacking networks. If programmers are instigated, they can learn about computer system software confidentiality measures, obtain passwords or keys for using computers, and then break into computer networks and steal important secrets in information systems and databases; if operators are bribed, they can use computers to The files and information of the confidential system are provided to the outside; if the maintenance personnel are threatened, they can use the opportunity to enter the computer or get close to the computer terminal, change the program, install a bug, etc.

(2) Computer confidentiality precautions

Computer confidentiality precautions mainly focus on three aspects: technical, administrative and legal aspects:

1. Technical precautions

(1) Use low-radiation computer equipment. This is a fundamental measure to prevent computer radiation leaks. During the design and production of these devices, radiation protection measures have been taken for components, integrated circuits, connecting wires, and CRTs that may produce information radiation, so as to suppress the information radiation of the equipment to a minimum. limit.

(2) Shielding. According to the amount of radiation and the objective environment, the computer room or the internal components of the host must be shielded. After passing the test, the computer can be turned on again. Enclosing the computer and auxiliary equipment with a gold shielding cage (Faraday cage) and grounding the global shielding cage can effectively prevent electromagnetic wave radiation from the computer and auxiliary equipment. If the above conditions are not met, the area where the computer radiates signals can be controlled and outsiders are not allowed to approach.

(3) Interference. According to the principle of electronic countermeasures, certain technical measures are adopted to use jammers to generate noise and radiate outward together with the information radiation generated by computer equipment. Interfere with the computer's radiation signal, increase the difficulty of reception, restoration and interpretation, and protect the secret information radiated by the computer. If the above conditions are not met, computers that process important information can also be placed in the middle, and computers that process general information can be placed around them. This approach reduces the likelihood that radiation information will be restored by the receiver.

(4) Technical precautions against Internet leaks: First, identity authentication. The computer's identification of users mainly checks the passwords entered by users. Legal users on the network also have access rights issues when using resource information, so the use of passwords must be strictly managed.

Of course, there are other ways to identify users, such as using magnetic cards, fingerprints, voices, retinal images, etc. to identify users. The second is monitoring and alarming. The work status of legal users in the network is recorded in detail. For illegal users, the computer records the number of attempts, time, phone number, etc. to break into the network, and issues an alarm to trace the whereabouts of the illegal users. The third is encryption. The information is encrypted and stored in the computer, and a special calling password is added. In this way, even if the spy breaks through the general password and enters the computer, he will not be able to retrieve the information. During the information transmission process, the information is encrypted (primary or secondary disguise), and the eavesdropper will know nothing even if he intercepts the signal. The fourth is digital signature.

(5) Technical precautions against media leaks: First, prevent copying. Anti-copy technology actually marks the media with special marks, such as laser spots, perforations, fingerprint technology and other special marks on the disk. This special mark can be identified by the encrypted program, but cannot be easily copied. The second is encryption. Encrypt the files in the media so that they cannot be retrieved by conventional methods. Since ciphertext encryption has not yet formed a complete system in theory, there are many encryption methods and there are no certain rules to follow. They can usually be divided into substitution ciphers, transposition ciphers and bar product ciphers. The third is degaussing. Exam summary

2. Administrative management

(1) Establish a strict computer room management system and prohibit irrelevant personnel from entering and exiting the computer room at will. The central control room of the network system should have strict access. system. At the same time, the location of the computer room must be safe and reliable, and the computer rooms of important departments must have necessary security measures.

(2) Specify hierarchical usage rights. First of all, computer centers and computer data are classified into confidentiality levels and different management measures are adopted. Secret information cannot be processed in public computer centers, and data with high confidentiality levels cannot be processed in computer centers with low confidentiality levels. Secondly, regulations are provided based on the different situations of users. Different usage levels, low-level computer rooms cannot perform high-level operations; in system development, system analysts, programmers and operators should separate their responsibilities so that there are as few people as possible who are aware of the overall situation.

(3) Strengthen the management of media. Media containing secret documents should be managed as confidential documents of the same level, and their copying, printing, borrowing, storage, and destruction should comply with relevant regulations. Do not mix secret files and public files on the same floppy disk. If files with different confidentiality levels are recorded at the same time, they should be managed according to the highest level of confidentiality. At the same time, the disks where secret files were temporarily stored during the operation and the waste paper printed during the debugging operation should also be properly handled.

(4) Strengthen the management of staff. Because the equipment is controlled by people, the system is formulated and followed by people. Regarding personnel issues, we must first firmly establish the concept of confidentiality to make them realize the importance and urgency of confidentiality issues in the new era, thereby enhancing the awareness of keeping state secrets. Confidentiality education must be carried out frequently and unremittingly; personnel selection and daily inspections must be done well, and those who are unqualified must be resolutely used. Problems found among existing staff must be dealt with promptly and resolutely transferred to ensure the purity of the team. Be lean and efficient; invest well in intelligence, continuously improve the scientific and technical level of users and managers, so that they can truly understand the performance of all equipment and master the knowledge and preventive measures to prevent leaks; use and create opportunities to expand their knowledge and enhance Initiative, reduce blindness to prevent leaks due to ignorance; we must also establish a reward and punishment system, conduct regular assessments, reward the good and punish the bad, and improve the incentive mechanism.

3. Legal supervision

Computer confidentiality prevention must be based on laws and regulations. At present, our country has the "Confidentiality Law", "Regulations on the Security Protection of Computer Information Systems" and "Interim Provisions on the Management of International Networking of Computer Information Networks". In accordance with regulations and requirements, do a good job in computer confidentiality and prevention, and do not use computers to engage in illegal and criminal activities that endanger national security or leak state secrets

Reference: /ms/jingyan/20081009/093915915.html