With technology advances, the interdependence of various infrastructures has increased, which enhances their vulnerabilities. The national information infrastructure security concerns the nation's stability and economic security. Risk assessment methodology was introduced into the safeguard of the information infrastructure, which is prone to terrorist attack. Through the analysis of terrorists’ behaviors and its characteristics, the four steps of risk management were studied in detail using many factual examples. The macroscopic and microscopic countermeasures were developed lately, which attribute to adopting counteractions to reduce the vulnerability and relieve the risk in the modern society caused by terrorist attack.