{"id":8807,"date":"2016-10-26T15:31:50","date_gmt":"2016-10-26T13:31:50","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=8807"},"modified":"2016-10-27T12:23:38","modified_gmt":"2016-10-27T10:23:38","slug":"siber-saldiri-magduru-kucuk-sirketlerin-yuzde-altmisi-iflas-ediyor","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/siber-saldiri-magduru-kucuk-sirketlerin-yuzde-altmisi-iflas-ediyor\/","title":{"rendered":"60% of Small Companies That Fall Victim to a Cyber Attack Go Bankrupt"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">It looked like an ordinary day for a small Istanbul-based online retail company. But the company's employees were unaware that a single click to open an e-mail would threaten the entire company. One of the employees had received an e-mail containing a link that pointed to a harmless-looking catalog. With a single click, the company's system was infected with the CryptoWall malware, which affected the accounting software and the customer accounting files containing customer account files, credit card numbers, social security numbers, customer names and much other information.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The accounting software and customer files were not on the employee's computer but on the company's network drive, so the malware encrypted 15,000 accounting and customer files. 
Shortly afterwards came a ransom demand asking for 50,000 dollars in exchange for the decryption key. Because the company's backup systems had not been run for several months and it was impossible to remove the virus without losing data vital to the company, the company had no choice but to pay the ransom.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">But the decryption key did not work. The company's business came to a standstill. The owner could not afford the cost of rebuilding the network systems. 6 months later the company closed its doors for good.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The U.S. National Cyber Security Alliance says that 60% of small companies that fall victim to a cyber attack reach the point of bankruptcy within 6 months of the attack. According to the Ponemon Institute, the average cost for a small company to cover its losses after being hacked is 690,000 dollars. For mid-sized companies the figure is over 1 million dollars.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Many recent cyber attack incidents show that no one is exempt from this threat: not large companies, not small companies, not startups, not government agencies. Even U.S. presidential candidates can become victims of cyber attacks.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">62% of all cyber attacks target SMEs. 
According to IBM's data, that corresponds to 4000 attacks per day. Hackers target small companies because their systems are easy to break into. Using the information they steal from these systems, hackers transfer money to themselves from bank accounts, steal customers' identity information, file fake tax refund forms or make health insurance claims.<\/span><\/p>\n<p><img decoding=\"async\" class=\"alignnone wp-image-8808 size-medium\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/10\/siber-sald\u0131r\u0131-2-300x200.jpg\" alt=\"siber sald\u0131r\u0131 2\" width=\"300\" height=\"200\" srcset=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/10\/siber-sald\u0131r\u0131-2-300x200.jpg 300w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/10\/siber-sald\u0131r\u0131-2-165x110.jpg 165w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/10\/siber-sald\u0131r\u0131-2-270x180.jpg 270w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/10\/siber-sald\u0131r\u0131-2-480x320.jpg 480w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/10\/siber-sald\u0131r\u0131-2.jpg 600w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p><span style=\"font-size: 14pt;\">So what can be done, other than praying not to be the next target?<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Remember that most cyber attacks happen because an employee does something they should not have done.<\/strong> Most top-level threats can be prevented with simple basic training. But training your employees on data security is not a sufficient measure on its own. 
Company owners must also make sure that data security protocols, policies, practices and procedures are drilled into all of their employees.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Ensuring business continuity and preparing emergency response plans is also very important.<\/strong> These plans must kick in immediately, the moment it becomes clear that your system is under threat.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Keeping your security software up to date at all times is vital.<\/strong> Having the latest security software, web browsers and operating systems is the best defense against viruses, malware and other online threats.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>If you have doubts about a file, delete it immediately.<\/strong> Links in e-mails, tweets, messages and online ads are hackers' number one tool for data theft. Even if you know the source, if a file looks suspicious to you, delete it right away.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Protect all your internet-connected devices.<\/strong> Besides computers, smartphones, tablets and all other devices that can connect to the internet must be protected against viruses and malware. 
<a href=\"https:\/\/www.ihsteknoloji.com\/airwatch-mobil-cihaz-yonetimi\/\" target=\"_blank\">AirWatch<\/a> lets companies manage their mobile devices.<br \/>\n<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Scan a device the moment you connect it to your network.<\/strong> USB drives and other external devices can also be infected with viruses and malware. Scan these devices too, using your security software.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Put cyber insurance on your agenda.<\/strong> Although the prices of these policies rise by the day, the cost of insurance is negligible next to the fees you would pay experts and consultants to get your systems back on their feet. Assuming, of course, that you have not already gone bankrupt.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Take measures beyond IT as well.<\/strong> Do not leave cyber attack prevention to your IT department alone. Spread this work across all levels of your company.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><strong>Encrypt your sensitive files.<\/strong> Data encryption is the transformation of data into a form that cannot be viewed by anyone who does not have access to the key or password that decrypts the file. Encryption can be hardware-based or software-based. Hardware-based encryption and decryption are performed by a processor on the hardware that is dedicated to this task. 
In software-based encryption, by contrast, the resources of the device on which the software is installed are used to encrypt and decrypt the data.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Robert Fleming, founder and president of Blacksquare Technologies, the maker of the hardware-based encryption device called Enigma, says that hardware-based encryption is faster. \u201cBecause the cryptographic key is kept in a separate and inaccessible part of memory, hardware-based encryption is far more reliable than software-based encryption. Even if a company is hacked and the hackers get hold of the files, they cannot open the encrypted files.\u201d<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Websites are being hacked. Corporate data is being leaked. Identity information is being stolen. These threats grow more serious by the day. Since 75% of all organizations have experienced a cyber attack incident of one kind or another in the past 12 months, small company owners should bear in mind that sooner or later they will experience a cyber attack incident of some size. The cyber attack market is currently the world's largest market, with a transaction volume in the trillions of dollars. 
And so far, the winners have always been the \u201cbad guys\u201d.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">That is why it is essential for small company owners to do far more than sit back and say \u201chopefully nothing like this will happen to us\u201d.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>It looked like an ordinary day for a small Istanbul-based online retail company. But the company's employees were unaware that a single&hellip;<\/p>\n","protected":false},"author":3,"featured_media":8809,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-8807","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8807"}],"version-history":[{"count":3,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8807\/revisions"}],"predecessor-version":[{"id":8814,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8807\/revisions\/8814"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/8809"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8807"}],"wp:term":[{"taxonomy":"category"
,"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}