STM Savunma Teknolojileri M\u00fchendislik ve Ticaret A.\u015e. b\u00fcnyesinde bulunan Siber F\u00fczyon Merkezi (SFM), y\u0131l\u0131n her \u00e7eyre\u011finde bir kez “STM ThinkTech Siber Tehdit Durum Raporu” haz\u0131rl\u0131yor. Merkez taraf\u0131ndan haz\u0131rlanan ve son \u00fc\u00e7 ayl\u0131k s\u00fcreci kapsayan \u00fc\u00e7\u00fcnc\u00fc \u00e7eyrek raporuna g\u00f6re, siber sald\u0131rganlar pandemi s\u00fcrecinde sald\u0131r\u0131lar\u0131n\u0131 art\u0131rd\u0131. STM Siber G\u00fcvenlik M\u00fcd\u00fcr\u00fc Kadir Murat Bi\u00e7er, STM b\u00fcnyesinde bulunan Siber F\u00fczyon Merkezi’nin \u00e7al\u0131\u015fmalar\u0131 ve merkez taraf\u0131ndan haz\u0131rlanan \u201cSTM ThinkTech Siber Tehdit Durum Raporu\u201d hakk\u0131nda \u0130hlas Haber Ajans\u0131 muhabirine \u00f6zel a\u00e7\u0131klamalarda bulundu. Bi\u00e7er, Siber F\u00fczyon Merkezi’nin (SFM) Siber \u0130stihbarat Merkezi, Siber Operasyon Merkezi ve Zararl\u0131 Yaz\u0131l\u0131m Analiz Laboratuvar\u0131 dahil olmak \u00fczere 3 alt merkezden olu\u015ftu\u011funu anlatarak, merkezin 2016 y\u0131l\u0131ndan beri hizmet verdi\u011fini s\u00f6yledi.<\/p>\n\n\n\n
Siber F\u00fczyon Merkezi’ni olu\u015fturan alt merkezler hakk\u0131nda bilgiler payla\u015fan Bi\u00e7er, \u201cBir siber olay g\u00f6z \u00f6n\u00fcne al\u0131nd\u0131\u011f\u0131 zaman Siber \u0130stihbarat Merkezi; olay olmadan \u00f6nce olayla ilgili bulgular\u0131n tespit edilmesi, proaktif davran\u0131lmas\u0131 i\u00e7in, Siber Operasyon Merkezi; mevcut verilerin incelenerek bir olay olup olmad\u0131\u011f\u0131n\u0131n tespiti i\u00e7in, Zararl\u0131 Yaz\u0131l\u0131m Analiz Laboratuvar\u0131 ise; olay sonras\u0131 olaya y\u00f6nelik bulgularda detayl\u0131 bir \u00e7al\u0131\u015fma yap\u0131lmas\u0131 gerekiyorsa o taraf\u0131 i\u00e7erecek \u00e7al\u0131\u015fmalar yapan merkezimizdir. Bu \u00fc\u00e7 merkezde birbiriyle ili\u015fkili ve entegre vaziyette \u00e7al\u0131\u015fmaktad\u0131r\u201d ifadelerini kulland\u0131.<\/p>\n\n\n\n
Siber sald\u0131r\u0131lar\u0131n her zaman g\u00fcndemde oldu\u011funu dile getiren Bi\u00e7er, \u201cDijitalle\u015fen d\u00fcnya i\u00e7erisinde dijital ortam\u0131n ula\u015ft\u0131\u011f\u0131 ve birbirleriyle etkile\u015fim i\u00e7erisinde bulundu\u011fu t\u00fcm ortamlarda siber sald\u0131r\u0131lar meydana gelecektir. Bu i\u015fin do\u011fas\u0131 gere\u011fi m\u00fcmk\u00fcnd\u00fcr\u201d diye konu\u015ftu.<\/p>\n\n\n\n
\u201cPandemi s\u00fcreci siber sald\u0131rganlara sald\u0131r\u0131 yapaca\u011f\u0131 atak y\u00fczeylerini art\u0131rmas\u0131 anlam\u0131nda katk\u0131 verdi\u201d
Pandemi d\u00f6neminin dijitalle\u015fmeyi biraz da olsa \u00f6ne ald\u0131\u011f\u0131n\u0131 ve dijitalle\u015fme ile ilgili temel ad\u0131m\u0131n at\u0131lmas\u0131n\u0131 sa\u011flad\u0131\u011f\u0131n\u0131 aktaran Bi\u00e7er, bunun siber sald\u0131rganlara sald\u0131r\u0131 yapaca\u011f\u0131 atak y\u00fczeylerini art\u0131rmas\u0131 anlam\u0131nda katk\u0131 verdi\u011fini vurgulayarak, \u201cPandemi d\u00f6neminde de siber sald\u0131r\u0131lar\u0131n artt\u0131\u011f\u0131na y\u00f6nelik 2020’nin ikinci d\u00f6nem raporunda da ayr\u0131nt\u0131l\u0131 olarak ele ald\u0131\u011f\u0131m\u0131z \u015fekilde sald\u0131rganlar ba\u015fta \u2018oltalama e-postalar\u0131’ kullanmak \u00fczere sald\u0131r\u0131lar\u0131na devam etmi\u015fler\u201d \u015feklinde konu\u015ftu.<\/p>\n\n\n\n
Sald\u0131r\u0131lar\u0131n sadece u\u00e7 nokta kullan\u0131c\u0131lar\u0131na olmad\u0131\u011f\u0131n\u0131 s\u00f6yleyen Bi\u00e7er, \u201cBunlarla birlikte bu sald\u0131rganlar\u0131n a\u015f\u0131 \u00e7al\u0131\u015fmalar\u0131 yapan enstit\u00fcler, hastaneler, akademilere de benzer sald\u0131r\u0131lar yapt\u0131klar\u0131n\u0131 tespit ettik. Bununla ilgili g\u00fcncel durumu da \u00fc\u00e7\u00fcnc\u00fc \u00e7eyrek raporumuza yans\u0131tt\u0131k. STM olarak biz kullan\u0131c\u0131 baz\u0131nda fark\u0131ndal\u0131\u011f\u0131 art\u0131r\u0131rken, sistem y\u00f6neticisi ve g\u00fcvenlik y\u00f6neticileri baz\u0131nda da onlar\u0131n ihtiya\u00e7 duyacaklar\u0131 bilgileri ve teknik raporlar\u0131, Tehdit Durum Raporlar\u0131 i\u00e7erisinde payla\u015fmaktay\u0131z\u201d aktar\u0131m\u0131nda bulundu.<\/p>\n\n\n\n
\u00dc\u00e7\u00fcnc\u00fc \u00e7eyrek olarak bak\u0131lan Temmuz-A\u011fustos ve Eyl\u00fcl 2020’yi kapsayan raporu da \u00e7\u0131kard\u0131klar\u0131n\u0131 belirten Bi\u00e7er, \u201cRapor i\u00e7erisinde pandemi d\u00f6neminde sald\u0131rganlardaki yeni davran\u0131\u015f, yeni trendler, \u00f6zellikle sald\u0131r\u0131lar\u0131n nerelerde artt\u0131\u011f\u0131 ve evdeki be\u015fikten otomobillere, televizyon, buzdolab\u0131 ve di\u011fer b\u00fct\u00fcn sistemlerde yer alan nesnelerin interneti olarak g\u00f6rd\u00fc\u011f\u00fcm\u00fcz \u0130nternet of Things (IoT) sistemlerine y\u00f6nelik yap\u0131lan sald\u0131r\u0131lar sonucunda nelerin olabilece\u011fine y\u00f6nelik vakalara da tehdit raporumuzda yer verdik. Teknik olarak vermi\u015f oldu\u011fumuz raporlar\u0131n yan\u0131 s\u0131ra kullan\u0131c\u0131 fark\u0131ndal\u0131\u011f\u0131n\u0131 art\u0131racak \u015fekilde bilgiler i\u00e7eren raporlar\u0131m\u0131za da yer vermeye \u00e7al\u0131\u015ft\u0131k\u201d dedi.<\/p>\n\n\n\n
2020 y\u0131l\u0131n\u0131n \u00fc\u00e7\u00fcnc\u00fc Tehdit Durum Raporu’nda d\u00f6nem konusu olarak \u201cSiber Durumsal Fark\u0131ndal\u0131k\u201d konusunu \u00f6n plana \u00e7\u0131kard\u0131klar\u0131n\u0131 kaydeden Bi\u00e7er, Siber Durumsal Fark\u0131ndal\u0131k hakk\u0131nda bilgiler payla\u015farak, \u015funlar\u0131 aktard\u0131:<\/p>\n\n\n\n
\u201cFark\u0131ndal\u0131k kelimesi bir siber ortam i\u00e7erisinde \u00e7ok ciddi bir kelime, bunu biz normalde kullan\u0131c\u0131lar i\u00e7in kullanmaktay\u0131z. Kullan\u0131c\u0131lar \u2018oltalama e-postalar\u0131na t\u0131klamas\u0131nlar, ne oldu\u011funu bilmedikleri dok\u00fcmanlar\u0131 a\u00e7mas\u0131nlar, dosyalar\u0131 a\u00e7mas\u0131nlar’ diye bunu hep kullan\u0131c\u0131 olarak s\u00f6ylemekteyiz. \u2018Fark\u0131ndal\u0131k’ dendi\u011finde biraz daha kullan\u0131c\u0131lar hedefleniyor gibi bir alg\u0131 olu\u015fmakta. Siber durumsal fark\u0131ndal\u0131kta ise bizim burada ki hedefledi\u011fimiz; \u00f6zellikle sistemleri y\u00f6neten, sistemlerin g\u00fcvenli\u011fini alan, sistemlerin hakimiyetini sa\u011flayan birimler, ki\u015filer. Durumsal fark\u0131ndal\u0131ktaki ama\u00e7 ise y\u00f6netilen sistemlerin veya g\u00fcvenlikleri al\u0131nan sistemlerin ne durumda oldu\u011funun anl\u0131k olarak bilinebilmesi, y\u00f6netilen sistemler i\u00e7erisindeki hareketlerin g\u00f6r\u00fclebilmesi, g\u00f6r\u00fclen hareketler \u00fczerinde otomatik veya manuel olarak aksiyonlar\u0131n al\u0131nabilmesi, bu tarz siber olaylar\u0131n hem \u00f6nceden tespit edilmesi hem an\u0131nda tespit edildikten sonra bunlar\u0131n ortadan kald\u0131r\u0131lmas\u0131 i\u00e7in neler yap\u0131labilece\u011fiyle ilgili konular\u0131 \u00f6n tarafa \u00e7\u0131karmaya \u00e7al\u0131\u015ft\u0131k. Durumsal fark\u0131ndal\u0131\u011f\u0131n art\u0131r\u0131lmas\u0131yla da son kullan\u0131c\u0131lar\u0131n elindeki ba\u015fta nesnelerin interneti dedi\u011fimiz IoT cihazlar\u0131n kullan\u0131m\u0131 dahil, kendi kulland\u0131\u011f\u0131m\u0131z sistemler, yaz\u0131l\u0131mlar, buralardaki hata yapma ihtimalleri azalacakt\u0131r.\u201d<\/p>\n\n\n\n
\u201c2030 y\u0131l\u0131na kadar d\u00fcnya \u00fczerinde 25 milyar IoT cihaz\u0131n\u0131n birbirine ba\u011fl\u0131 \u00e7al\u0131\u015fmas\u0131 \u00f6ng\u00f6r\u00fcl\u00fcrken, bu IoT cihazlar\u0131na kay\u0131ts\u0131z kalmadan m\u00fcmk\u00fcn oldu\u011fu kadar \u00f6nden gerekli g\u00fcvenlik tedbirlerinin al\u0131nmas\u0131 i\u00e7in \u00e7aba sarf edilmesi gerekti\u011fine inan\u0131yoruz\u201d
Kendilerinin hep \u201cson kullan\u0131c\u0131lar fark\u0131nda olsun, son kullan\u0131c\u0131 hata yapmas\u0131n\u201d diye d\u00fc\u015f\u00fcn\u00fcrken, halihaz\u0131rda sistem y\u00f6neticilerinin, g\u00fcvenlik y\u00f6neticilerinin alacaklar\u0131 g\u00fcvenlik seviyelerini, olgunluklar\u0131n\u0131 art\u0131rmak i\u00e7in \u00e7aba sarf ettiklerini vurgulayan Bi\u00e7er, \u201cNesnelerin interneti burada \u00e7ok \u00f6nem ta\u015f\u0131yor. Raporumuzda \u00f6zellikle belirttik. Nesnelerin interneti i\u00e7erisinde yap\u0131labilecek sald\u0131r\u0131lar\u0131, tespit edilen zafiyetleri de belirttik. Raporda yine nesnelerin interneti i\u00e7erisinde, evlerimizde de kullan\u0131lan sesli asistanlar\u0131n lazer \u0131\u015f\u0131klar\u0131yla nas\u0131l hack edilebilece\u011fi, nas\u0131l farkl\u0131 komutlarla \u00e7al\u0131\u015ft\u0131r\u0131labilece\u011finden bahsettik. \u00d6n\u00fcm\u00fczdeki d\u00f6nemde 2030 y\u0131l\u0131na kadar d\u00fcnya \u00fczerinde 25 milyar IoT cihaz\u0131n\u0131n birbirine ba\u011fl\u0131 \u00e7al\u0131\u015fmas\u0131 \u00f6ng\u00f6r\u00fcl\u00fcrken, bu IoT cihazlar\u0131na kay\u0131ts\u0131z kalmadan m\u00fcmk\u00fcn oldu\u011fu kadar \u00f6nden, gerekli g\u00fcvenlik tedbirlerinin al\u0131nmas\u0131 i\u00e7in \u00e7aba sarf edilmesi gerekti\u011fine inan\u0131yoruz\u201d de\u011ferlendirmesinde bulundu.<\/p>\n\n\n\n
STM olarak \u00f6zellikle sa\u011fl\u0131k alan\u0131nda medikal taraftaki IoT cihazlar\u0131n g\u00fcvenli\u011fine y\u00f6nelikte bir proje ba\u015flatt\u0131klar\u0131n\u0131 ve sona yakla\u015f\u0131ld\u0131\u011f\u0131n\u0131 bildiren Bi\u00e7er, \u201cBununla ilgili birka\u00e7 hastaneyle birlikte \u00e7al\u0131\u015fmalar\u0131m\u0131z\u0131 y\u00fcr\u00fctmekteyiz. Sa\u011fl\u0131k sekt\u00f6r\u00fcne \u00f6nem vermemizin sebebi, insan g\u00fcvenli\u011finin her \u015feyden \u00f6nce gelmesi. Ama sa\u011fl\u0131k sekt\u00f6r\u00fcnde bu \u00e7al\u0131\u015fmalar\u0131 b\u0131rakmadan di\u011fer, kurumsal, end\u00fcstri yap\u0131da kullan\u0131lan IoT cihazlar veya ev ortamlar\u0131nda, okul ortamlar\u0131nda kullan\u0131lan IoT cihazlar\u0131nda g\u00fcvenli\u011fini alacak \u015fekilde projeyi geli\u015ftirmeye devam edece\u011fiz. Bununla ilgili \u00e7al\u0131\u015fmalar\u0131m\u0131z yine devam edecek\u201d diye konu\u015ftu.<\/p>\n\n\n\n
\u201cSTM olarak temel hedefimiz \u00f6zellikle b\u00fcy\u00fck siber g\u00fcvenlik projelerini \u00e7\u00f6z\u00fcm odakl\u0131 herhangi bir \u00fcr\u00fcn ya da partnerle beraber olmadan \u00e7\u00f6z\u00fcm odakl\u0131 olu\u015fturmak, bununla ilgili olu\u015fturulan g\u00fcvenlik projeleri i\u00e7erisinde olgunluk seviyelerini y\u00fckseltecek \u015fekilde dan\u0131\u015fmanl\u0131k e\u011fitimlerini vermek, bu sistemler i\u00e7erisinde proaktif davranacak \u015fekilde tehdit istihbarat\u0131 sa\u011flay\u0131p, olay sonras\u0131nda m\u00fcdahale edecek \u015fekilde olay m\u00fcdahale hizmetlerini verebilmek ki zaten bunlar\u0131n hepsini sa\u011flamaktay\u0131z. Sa\u011flam\u0131\u015f oldu\u011fumu bu \u00fcr\u00fcn ve \u00e7\u00f6z\u00fcmleri daha geni\u015f bir alana yaymak ve yurt d\u0131\u015f\u0131 ihracat\u0131 ile bu bilgi birikimini di\u011fer \u00fclkelere de aktarabilmek, ba\u015fta IoT sistemler olmak \u00fczere g\u00fcvenlik taraf\u0131nda az e\u011filinmi\u015f alanlarda yeni projeler \u00fcreterek bunlara y\u00f6nelik yetenekler kazanmakt\u0131r. Bununla birlikte yine kullan\u0131c\u0131 fark\u0131ndal\u0131\u011f\u0131n\u0131 art\u0131racak \u015fekilde raporlar \u00e7\u0131karmakta ve \u2018CTF’ diye s\u00f6yledi\u011fimiz \u2018bayra\u011f\u0131 yakala’ yar\u0131\u015fmalar\u0131 yapmaktay\u0131z. Bayra\u011f\u0131 yakala yar\u0131\u015fmam\u0131z 30 Ekim’de ba\u015flayacak. STM ile \u00f6zle\u015fen STM CTF’in bu y\u0131l 6’nc\u0131s\u0131n\u0131 d\u00fczenlemekteyiz. Bundan \u00f6nceki senelerde 200’e yak\u0131n tak\u0131m kat\u0131ld\u0131. Bu y\u0131lda benzer kat\u0131l\u0131m olaca\u011f\u0131n\u0131 varsay\u0131yoruz. Konuyla ilgili b\u00fct\u00fcn gen\u00e7leri yar\u0131\u015fmam\u0131za bekliyoruz.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"
STM Siber G\u00fcvenlik M\u00fcd\u00fcr\u00fc Kadir Murat Bi\u00e7er, \u201cPandemi s\u00fcreci siber sald\u0131rganlara sald\u0131r\u0131 yapaca\u011f\u0131 atak y\u00fczeylerini art\u0131rmas\u0131 anlam\u0131nda katk\u0131 verdi\u201d dedi. STM Savunma Teknolojileri M\u00fchendislik ve Ticaret A.\u015e. b\u00fcnyesinde bulunan Siber F\u00fczyon Merkezi (SFM), y\u0131l\u0131n her \u00e7eyre\u011finde bir kez “STM ThinkTech Siber Tehdit Durum Raporu” haz\u0131rl\u0131yor. Merkez taraf\u0131ndan haz\u0131rlanan ve son \u00fc\u00e7 ayl\u0131k s\u00fcreci kapsayan \u00fc\u00e7\u00fcnc\u00fc […]<\/p>\n","protected":false},"author":1,"featured_media":1541142,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,1],"tags":[],"class_list":["post-1541141","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-erzurum-haber","category-gundem"],"_links":{"self":[{"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/1541141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1541141"}],"version-history":[{"count":0,"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/1541141\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=\/wp\/v2\/media\/1541142"}],"wp:attachment":[{"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1541141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1541141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.erzhaber.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1541141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}