Information technologies in the Tula region

2023

Cyber ​ ​ attacks on the IT systems of the Tula region have become 2 times more frequent, under the "fire" sites on the "1C-Bitrix." How did the region deal with this ?

Information protection in the public sector has never been as relevant as it is now. Yaroslav Rakov, Deputy Chairman of the Government of the Tula Region, Minister for Informatization, Communications and Open Management of the Tula Region, spoke about how it is provided in the region in conditions of increased complexity at an industry event in early October 2023.

The minister cited data that in 2022 the number of cyber attacks on the infrastructure of the regional government increased almost 2 times compared to 2021. In 2023, in the Tula region, they see a decrease in the number of cyber attacks, but at the same time they record that they have become more targeted, and the attackers have begun to approach attacks more prepared.

The main motives of the attacks are the theft of confidential and official information, the placement of campaign messages on web resources, the disabling of interaction services with citizens, including the regional portal of public services.

In recent years, there have also been several waves of mass automatic hacking of organizations' web resources and sites by exploiting the vulnerability of the 1C-Bitrix site management platform in order to post propaganda and illegal information, Yaroslav Rakov noted. In the region, one rural settlement and municipality also fell under this history. But the timely response and the presence of contacts of all resource administrators allows you to quickly repay these resources from the point of view of non-proliferation of information and begin to resolve the incident, the official says.

По данным Ярослава Ракова, в 2022 году почти в 2 раза выросло количество cyber attacks on the infrastructure of the government of the Tula region (photo: portal of the government of the Tula region)

The concept of information security management in the Tula region is based on a centralized comprehensive model for managing information security processes. A specialized department of 40 people was created in the subordinate institution of the ministry, which ensures the protection of all information resources of the government and subordinate institutions, as well as provides technical and methodological assistance to local governments.

The advantages of a centralized approach are that you can quickly and centrally implement the necessary solutions and exercise high-quality control. But there is a difficulty here - the availability of qualified personnel. To overcome the deficit, cooperation is underway with the supporting Tula university, both its employees and employees of subordinate institutions are trained according to the training program agreed with the FSTEC.

To counter modern threats, information protection systems are being improved and developed. Currently, in the Tula region, special attention is paid to such areas as security analysis, identification and elimination of vulnerabilities, security of web resources, monitoring of incidents and security events, monitoring of internal networks and protection of mobile devices.

According to statistics, says Yaroslav Rakov, most attacks on public resources are carried out by exploiting vulnerabilities in software. To counter such attacks, regular measures are taken to analyze security using specialized scanners, as well as libraries provided by FSTEC, FSB, NCCCI.

In order to analyze the security of regional information systems, a security control system has been created and operated, which provides scanning of nodes in order to find vulnerabilities, control the installation of updates and verification of versions of system-wide and application software, as well as an audit of the use of user authentication information, including privileged ones.

Every year, a full audit and penetration tests of the infrastructure of all regional information systems - servers, equipment, workstations, web resources are carried out. And in addition to it, once every six months an audit is carried out in the mode of pentesting servers, telecom equipment and Internet resources of units of the government apparatus of the Tula region and quarterly - an audit of user workplaces.

Yaroslav Rakov said that a centralized security system was created in the person of security administrators assigned to each executive body. And in the case of information security incidents or emergency situations, they solve the problem that has arisen in a specific authority or in a subordinate institution.

To protect the information resources of the Tula region, such tools as application layer firewalls and firewall tools are used. And in order to coordinate actions to protect the information of subordinate and municipal institutions, provide methodological assistance to prevent attacks and various assistance in the event of information security incidents, the ministry has formed a list of responsible persons for all information resources of all public administration organizations.

Monitoring of information security events is carried out automatically around the clock. To detect incidents in a timely manner, the information security analysis and monitoring group operates. To automate their activities, SIEM is implemented, which allows you to centrally receive, analyze and compare security events coming from all security systems and protective equipment. And to organize round-the-clock monitoring of information security events, in particular, at night after hours, analysts of the situation center, who are provided with access to SIEM, are involved in the work.

To develop the used information protection system, a network traffic analysis (NTA) system is being implemented, which allows detecting malicious activity and violation of information security policies within the secure perimeter of the network, including using retrospective traffic analysis.

Corporate means of communication - phones, tablets in compliance with the requirements for information security regulators are also equipped with information protection tools: antiviruses, communication channel protection tools, centralized management of mobile devices.

Since the beginning of 2023, there have been no facts of computer attacks on the infrastructure of the government of the Tula region, says Yaroslav Rakov: all attacks were repelled, and the downtime of the government's IT systems was also not recorded. Critical infections also do not occur, the minister says. To do this, training is carried out periodically, such as phishing mailings to employees of the authorities, "and if people come across our tricks, then they are automatically assigned additional instructions and advanced training on information security issues ."

Executive authorities of the Tula region are switching to the Russian software "MyOffice"

CIT of the Tula region, as well as executive authorities and subordinate institutions of the region, are switching to MyOffice products. Thus, the Center purchased more than 3,500 licenses of the MyOffice Standartny 2 product, some of which have already been deployed. The company "MyOffice" announced this on March 30, 2023. Read more here.

2022: Putin presented the situation center of the governor of the Tula region

On December 23, Russian President Vladimir Putin paid a working visit to Tula. Governor Alexei Dyumin presented to the head of state a situation center, a project to create which was implemented on behalf of the President of Russia.

The technical equipment of the center allows building interaction with authorities of all levels in real time - not only to analyze the socio-economic situation, but also to predict scenarios for its development in the region, Alexey Dyumin emphasized.

Around the clock, the situation center collects, processes and exchanges information in three main areas: comprehensive security, socio-political and socio-economic spheres.

Information on all aspects flocks here. There is an opportunity to go to the situation center of the Ministry of Emergency Situations, the government. At the expense of artificial intelligence, we make the right management decisions. The car lays out two or three options. The decision is up to the head of the subject. The system helps to accept more correct and more reliable, - said the Tula governor.

The center has created more than 150 information and analytical panels for areas of activity, where data on more than 30 thousand indicators are displayed. The data comes from 10 federal and 30 regional systems.

2020: Smart city technologies in the Tula region

Main article: Technologies of the "smart city" in the Tula region

2015

The Tula region began the transition to the SPO. Interview with the Minister for IT

Yaroslav Rakov, who has been the Minister for Informatization, Communications and Open Management of the Tula Region since June, told TAdviser about the region's key IT projects for 2015, the use of free software and the main difficulties that the Tula Region faces during informatization. Read more here.

New Minister for Informatization, Communications and Open Management of the Tula Region - Yaroslav Rakov

In June 2015, Yaroslav Rakov was appointed Minister for Informatization, Communications and Open Management of the Tula Region.

2014: On the course of informatization in the Tula region

Artur Contrabayev, Chairman of the Regional Committee for Informatization and Communications, spoke about the course of informatization in the Tula region in an interview with TAdviser in February 2014. Read more here.

Notes