{"id":550191,"date":"2021-11-19T13:08:52","date_gmt":"2021-11-19T18:08:52","guid":{"rendered":"https:\/\/gijn.org\/?p=550191"},"modified":"2023-06-25T07:31:42","modified_gmt":"2023-06-25T11:31:42","slug":"siber-suclari-ve-karanlik-agi-arastirmak","status":"publish","type":"post","link":"https:\/\/gijn.org\/tr\/kaynak\/siber-suclari-ve-karanlik-agi-arastirmak\/","title":{"rendered":"Investigating Cybercrime and the Dark Web"},"content":{"rendered":"<p><a href=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-391434\" src=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-1170x780.jpg\" alt=\"\" width=\"771\" height=\"514\" srcset=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-1170x780.jpg 1170w, https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-336x224.jpg 336w, https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-771x514.jpg 771w, https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-768x512.jpg 768w, https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-1536x1024.jpg 1536w, https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/pexels-sora-shimazaki-5935794-1-2048x1365.jpg 2048w\" sizes=\"auto, (max-width: 771px) 100vw, 771px\" \/><\/a><\/p>\n<p><em>Editor\u2019s Note: On November 1, at the <\/em><a href=\"https:\/\/gijn.org\/2021\/03\/24\/the-global-investigative-journalism-conference-goes-online-oct-2021-we-head-to-sydney-in-22\/\" target=\"_blank\" rel=\"noreferrer noopener\">Global Investigative Journalism Conference<\/a><em>, GIJN is publishing a series of guides on Investigating Organized Crime. 
This section, which focuses on investigating cybercrime and the dark web, was written by <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.cnbc.com\/kate-fazzini\/\">Kate Fazzini<\/a>, a technology reporter who covers cybersecurity for the American cable TV network CNBC.<\/em><\/p>\n<p>Cybercrime is any criminal activity carried out in a digital space. Although we often define cybercrime as \u201chacking,\u201d which in this context means unauthorized entry into a digital environment, there are many types of it, including physical crimes.<\/p>\n<p>Everything from trading in child pornography, to a bank insider altering a customer\u2019s ATM information and withdrawing money illegally, to the theft of source code falls into the category of \u201ccyber\u201d crime. When committed successfully, cybercrime often exposes the exploitation of legal privacy violations. For example, when a company encrypts personal information improperly and that data is stolen, this would constitute a violation of consumer privacy by the company and a cybercrime by the individuals who stole it.<\/p>\n<p>Financial losses from cybercrime are at once astronomical and very difficult to estimate or calculate. 
Billionaire investor Warren Buffett has said in the past that he pushed his businesses to avoid the cyber insurance market because there is not enough data to estimate how much money could be lost. This hard-to-define risk stands in sharp contrast to our understanding of other kinds of monetary loss, such as those from natural disasters like hurricanes or floods, or from other criminal activity like bank robberies or physical sabotage. Rough estimates from various sources, including McAfee, Cybersecurity Ventures, the SANS Institute, and the FBI, point to trillions of dollars in damage to government and business from cybercrime.<\/p>\n<p>Despite this marked and rapid shift to the forefront of our security agenda, the cybersecurity underworld is structured surprisingly like the corporate world. Criminal \u201cstart-ups\u201d of small gangs, loosely connected by geography or interests, can grow with an agility and ambition comparable to those in Silicon Valley, stealing tools from one another, competing, and collaborating. The underworld\u2019s bigger players try to consolidate criminal interests across Asia, Europe, Africa, and the Americas, using centralized leadership, criminal recruiters who act like human resources managers, and even surreal versions of customer service help desks that victims call to learn how to set up a Bitcoin wallet for ransom payments.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/Ransomware-Attack-image-336x236.jpg\" alt=\"Ransomware attack image\" width=\"336\" height=\"236\" \/><\/p>\n<p>Image: Shutterstock<\/p>\n<p>Much of this illegal activity originates from or takes place on what is called the <a href=\"https:\/\/www.youtube.com\/watch?v=c7xu2VD0rzQ\" target=\"_blank\" rel=\"noreferrer noopener\">\u201cdark web\u201d<\/a>, a hidden layer of the web that is generally accessible only through the Tor browser. On any given day, you can \u201capply\u201d for jobs on the dark web as an in-country ransomware bot operator, a money-laundering Uber driver who cleans illicit cyber proceeds with bogus rides, or a money mule who fraudulently drains cash from ATMs.<\/p>\n<p><strong>Potential Sources<\/strong><\/p>\n<ul>\n<li><strong>Academic researchers:<\/strong> A number of university-based centers track and monitor online attacks and can provide useful leads in particular cases. 
Carnegie Mellon is the best known of these in the United States, and it also serves as the home of the US <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.sei.cmu.edu\/about\/divisions\/cert\/\">Computer Emergency Response Team<\/a> (CERT), which is responsible for issuing critical vulnerability alerts. Cambridge University in the UK also has a <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.cambridgecybercrime.uk\/\">cybercrime center<\/a>.<\/li>\n<li><strong>Cybersecurity companies<\/strong>: Firms such as McAfee, Crowdstrike, Carbon Black, and FireEye, along with the major cloud service providers Amazon, Microsoft, and Google, have many dedicated forensics teams that track the latest attacks. It is much easier to engage one of these companies to discuss the types of attacks they are seeing. But remember that they are vendors and have a commercial interest in these issues. That does not mean they are not experts, but keep in mind that they may have conflicts of interest that compromise their objectivity. For this reason, it is always important to reach out, even on background, to cybersecurity employees at companies that have been attacked, to round out your understanding of what happened. 
These sources can be much harder to develop, but they bring a critical perspective to your reporting.<\/li>\n<li><strong>Government officials<\/strong>: In the US alone, <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.lawfareblog.com\/road-map-tackling-cybercrime\">at least 20 federal departments and agencies have staff dedicated to cybercrime<\/a>. The Department of Homeland Security\u2019s <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.cisa.gov\/\">Cybersecurity and Infrastructure Security Agency<\/a> (CISA) is probably the most press-friendly, with an active mandate to engage the public. The <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.fbi.gov\/investigate\/cyber\">FBI\u2019s cyber division<\/a> produces valuable and neutral statistics that can help round out articles with fact-based, unbiased information about cyberattacks and their costs. The US Secret Service and the US Treasury Department are other sources to consider. Similar government agencies in countries around the world should also be able to help. In the United Kingdom, it is the National Cyber Security Centre, which has a <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.ncsc.gov.uk\/section\/about-ncsc\/media-centre\">press team<\/a> that works with journalists. 
Europol has its own <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.europol.europa.eu\/about-europol\/european-cybercrime-centre-ec3\">European Cybercrime Centre<\/a>. Japan\u2019s <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.nisc.go.jp\/eng\/index.html\">National Center of Incident Readiness and Strategy for Cybersecurity (NISC)<\/a> recently <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=http:\/\/www.uniindia.com\/japan-to-establish-cyber-bureau-to-deal-with-ransomware-threats-official\/world\/news\/2532976.html\">announced the establishment of a dedicated bureau to combat cybercrime<\/a>. The UN has a <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.unodc.org\/unodc\/en\/cybercrime\/global-programme-cybercrime.html\">cybercrime program<\/a> as part of its Office on Drugs and Crime.<\/li>\n<li><strong>Victims<\/strong>: Victims of cybercrime may be not people but various institutions, groups, governments, social media platforms, and so on. 
It is very important to connect with them to discuss their experience of any cyberattack. All reporting on a cyberattack should include an attempt to reach the victim and\/or an explanation of why the victim or institution declined to comment. Keep in mind that first impressions about the scale of a cyberattack and the damage it caused can be misleading. In my experience, an incident that looks bad at first may not be particularly harmful to the company, while others that initially seem harmless are extremely damaging.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/10\/CyberCrime_TexBreak_Transparency-336x220.png\" alt=\"Organized Crime Cybercrime thumbnail\" width=\"336\" height=\"220\" \/><\/p>\n<p>Illustration: Ann Kiernan for GIJN<\/p>\n<p><strong>Tips and Tools<\/strong><\/p>\n<p>Because so many cybercrime attacks end up in US courtrooms, whether in criminal or civil cases, one of the most valuable resources for cybersecurity journalism is the US legal database <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/pacer.uscourts.gov\/\">PACER<\/a> (<a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/pacer.uscourts.gov\/pacer-pricing-how-fees-work\">fees apply based on searches and documents<\/a>), an acronym that stands for Public Access to Court Electronic Records. 
Reading legal filings, especially indictments of domestic or foreign cybercriminals, can provide a multifaceted view of cyberattacks and can also highlight the limits of existing legal frameworks for prosecuting them. Reporters should also be familiar with <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.shodan.io\/\">the Shodan search engine<\/a>, which lets ordinary people search for connected devices that are exposed to the internet.<\/p>\n<p>Government agencies and cybersecurity companies, especially the latter, can be valuable partners in unmasking online criminals or forensically examining a crime. However, journalists should take care to vet these relationships for other business ties or conflicts of interest, so that they do not come away from the research with only a self-serving narrative. Cybersecurity companies are often happy to collaborate with journalists or on other public service projects because it makes for good publicity; care should therefore also be taken to disclose the company\u2019s role in any of your reporting.<\/p>\n<p><strong>Examples<\/strong><\/p>\n<p><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/post-soviet-bank-heists-a-hybrid-cybercrime-study\/\"><strong>Post-Soviet Bank Heists<\/strong><\/a><\/p>\n<p>This story was not published in a newspaper but produced by a cybersecurity research firm called Trustwave. Still, this 2017 research paper clearly shows how breaking down and conveying each piece of a cybercrime conspiracy can help people better understand this complex world. (Downloadable copies are available only on request from Trustwave.)<\/p>\n<p class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/CNBC-Equifax-Breach-story-image-771x332.jpg\" alt=\"CNBC Equifax Breach story image\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>Image: Screenshot<\/p>\n<p>&nbsp;<\/p>\n<p><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.cnbc.com\/2019\/02\/13\/equifax-mystery-where-is-the-data.html\"><strong>Equifax Consumer Data Breach<\/strong><\/a><\/p>\n<p>This was a story I did for CNBC about the massive data breach at one of the largest US consumer credit bureaus. I was able to persuade a security analyst working in a \u201clow-level\u201d but hands-on and critical role to describe the frustrations of searching for the enormous amount of data stolen in the Equifax breach. 
Although the breach has been attributed to China, the stolen data was never found on the dark web or anywhere else, which is somewhat unusual because hacked data of this kind is usually sold on in some way afterward. This story has been cited by lawmakers in US Congressional hearings on Equifax and other breaches.<\/p>\n<p>&nbsp;<\/p>\n<p><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.wsj.com\/articles\/the-man-who-wrote-those-password-rules-has-a-new-tip-n3v-r-m1-d-1502124118\"><strong>The NIST Password Story<\/strong><\/a><\/p>\n<p>This is a classic Wall Street Journal story about the regrets of a government employee who helped create the \u201cletters, numbers, and symbols\u201d password requirements we all know and hate. The story was incredibly important in connecting the cybersecurity problem from the end user\u2019s perspective (how much we all hate creating endless password combinations) to the big-picture scenario of how little we understand about cybersecurity in general.<\/p>\n<p>&nbsp;<\/p>\n<p><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.newyorker.com\/magazine\/2021\/04\/26\/the-incredible-rise-of-north-koreas-hacking-army\"><strong>The Rise of North Korea\u2019s Hacking Army<\/strong><\/a><\/p>\n<p>A sweeping investigation that looks beyond the origins of a single attack, this New Yorker story profiled North Korea\u2019s state-sponsored hacking army, which ranks among the world\u2019s largest cybercriminal entities. 
Despite its deceptively banal name, that country\u2019s Reconnaissance General Bureau (RGB) is a \u201chydra-headed\u201d beast that directs everything from ransomware attacks to bank heists and cryptocurrency thefts. It is widely assumed to be behind one of the most audacious hacks in history, the 2014 Sony Pictures attack. A United Nations report on the organization\u2019s illicit activities put its global take at $2 billion, much of it funneled into the North Korean military\u2019s weapons program. And The New Yorker takes readers behind the scenes, into how the RGB recruits for and ultimately carries out its worldwide cybercrime operations.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Investigative Strategies<\/strong><\/p>\n<p>The nature of cybercrime investigations means that we are unlikely to know anything about the attacker immediately after an attack.<\/p>\n<p>The key differences between traditional crime and cybercrime lie in three main areas: how the perpetrators of cybercrime compare with more traditional criminals, how the victims of cybercrime are defined, and which emerging issues are most critical for cybercrime as opposed to traditional crime.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Perpetrators<\/strong><\/p>\n<p><strong>In traditional crime<\/strong>, perpetrators usually live close to the scene of the crime, whether we are talking about traffic violations or murder. National laws vary on access to accused cybercriminals, but where possible, no matter how trivial the incident, it is good ethical practice for journalists to get the accused\u2019s side of the story. In the US, where people are innocent until proven guilty, journalists who make no attempt to reach defendants are committing malpractice. Even a \u201cno comment,\u201d or \u201cMr. Smith could not be reached after multiple attempts,\u201d or \u201cMs. Miller\u2019s attorney declined to comment\u201d will suffice.<\/p>\n<p>If there is no named suspect, as in cases of gang-related violence or racist crime, reporters should gather information about the perpetrator from the police and from the community where the crime was committed.<\/p>\n<p><strong>In cyber<\/strong> coverage, however, these opportunities are rare. Indeed, many of these expectations are turned upside down. The \u201cdefendant\u201d may be a cybercrime group that brags about the crime online, or it may be an individual. The crime may be carried out by a foreign government under the cover of a proxy criminal group or individual. The crime may be committed by a spy for one of these governments inside an organization, or it may have been launched by a teenager from a basement in Helsinki.<\/p>\n<p>Recorded Future, an industry publication put out by a cybersecurity company of the same name, recently highlighted a case in which <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/therecord.media\/106-italian-mafia-members-arrested-for-sim-swapping-bec-scams-phishing\/\">106 members of the Italian mafia<\/a> <a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/therecord.media\/106-italian-mafia-members-arrested-for-sim-swapping-bec-scams-phishing\/\">were arrested<\/a> in connection with a range of cybercrime activities, including SIM swapping and Business Email Compromise (BEC) schemes. SIM swapping involves using fake SIM cards to impersonate a person\u2019s phone in order to pass two-factor authentication on a bank account login and commit wire fraud; BEC, likewise, involves persuading victims by email to send money under false pretenses. 
According to the FBI, the crimes are often linked and are used to inflict billions in business and personal losses each year.<\/p>\n<p>However, the nature of cybercrime investigations means that we are unlikely to know anything about the attacker immediately after an attack. Even determining where the attack originated can take weeks, months, or sometimes years. This poses several challenges for a journalist reporting on the crime. When confronted with uncertainty about the perpetrator, journalists should keep the following tips in mind:<\/p>\n<ol>\n<li>Cyber investigations are far from an exact science. Claims by investigators or experts that a particular perpetrator (whether a nation-state, a \u201chacker\u201d group, or an individual) may have been involved are often wrong, especially right after the incident. These claims should be treated with caution.<\/li>\n<li>Cybercriminals use many layers to conceal their identities, especially during sophisticated attacks. Initial information about a hacker suspected of the crime should be treated as a possible diversion. Reporters should take care to inform their audience about how long the investigation may take.<\/li>\n<\/ol>\n<p>This makes sourcing from the criminal side of the cyber equation extremely difficult. That said, I have found that getting someone who commits cybercrime to talk to you and explain their perspective, and what committing the crime looks like from their point of view, is far easier than finding a victim who is willing to talk. Which brings us to our next issue.<\/p>\n<p><strong>Victims<\/strong><\/p>\n<p>Because the identity of a cybercrime perpetrator may not be clear at first, journalists often quickly shift their focus to the victim, usually an unsympathetic company or government agency, either of which may be prone to public backlash over a real or perceived lapse in protecting private citizen\/consumer data.<\/p>\n<p>It is important, though, for a journalist to remember that these entities <em>are<\/em> victims, and that they employ people who may be affected by the crime. Individual technology and security employees at a company that has been attacked may spend months remediating an attack, especially in cases of persistent malware or ransomware. Technical employees of victim companies have reported struggling with post-traumatic stress disorder (PTSD). 
Others sleep in their offices for days and face severe harassment from customers or colleagues who blame them personally for the attack.<\/p>\n<p>True, some companies are negligent about security, and some make poor choices about where to spend their money and whom to hire for key security or technology roles. Yes, some government agencies and nonprofits are cumbersome in their management approaches and rely on outdated technology. Others are quite up to date and practice responsible management, but make a single mistake that an attacker can exploit.<\/p>\n<p>Still, journalists blur the line between victim and perpetrator in ways that would be unacceptable in traditional crime reporting. Instead, understanding the victim and why they were targeted can help us understand the crime. Examining the victim\u2019s security vulnerabilities is part of that process, but it should not obscure the fact that another entity committed the crime.<\/p>\n<p>Reporting on cybercrime, then, requires a nuanced perspective. Even if the identity of the culprit or culprits is not readily apparent, there is still a criminal element. Gathering intelligence about the person, institution, or country involved in the attack should be an ongoing responsibility for a cybercrime journalist, just as it is for law enforcement and other investigators.<\/p>\n<p>This is where solid sourcing matters most. To understand how a breach happened, reporters should do their best to get the facts, even on background, from the people closest to the breach who can interpret what the breach means and what the response means. These sources are very hard to cultivate. It is hard to persuade an employee to potentially violate their employment contract and speak on background; it is even harder to persuade a senior security employee, who has most likely tried to avoid contact with journalists because of confidential information.<\/p>\n<p>But reporters should try to map out a circle of the people closest to the breach and reach out to them. If the only experts available to comment are outsiders with no direct knowledge of the incident, reporters should strongly prefer cybersecurity practitioners over theorists or academics who have not recently been in the trenches. Practitioners, in this case, are workers who have held some kind of hands-on cybersecurity role within the past 12 months.<\/p>\n<p><strong>The Outside World<\/strong><\/p>\n<p>Another way in which cybersecurity reporting differs from traditional crime reporting is the relative importance of the outside world to how a given crime is perceived.<\/p>\n<p>Reporters approaching a cybersecurity story will need to gain an understanding of all the national and international actors within it, so that readers come away with a multifaceted understanding of the subject.<\/p>\n<p>A good example: when I was writing a recent white paper about a ransomware incident in a Texas town, the incident stakeholders included Texas A&amp;M University (including volunteers), the local FBI offices, the Secret Service (because of wire fraud), the US State Department, Homeland Security, and a Washington, DC-based cyber incident response company. Because the company was in the oil and gas industry and was owned by Saudi Arabia, that country also sent investigators. The Saudi team discovered a flaw in a particular piece of France-based process engineering software, prompting the EU, along with the French government\u2019s National Cybersecurity Agency, to begin investigating. 
As a result, this seemingly isolated attack in the southwestern US triggered national security concerns for both the US and Saudi Arabia, and for any country or company using this French software. It is also a test of the EU's push for more robust enforcement.<\/p>\n<p>&nbsp;<\/p>\n<p>My final tip is that developing sources among global stakeholders is vital to cybersecurity coverage. One story I still regret not covering better concerned the differences between the hacking of US presidential candidate Hillary Clinton's 2016 race and that of current French President Emmanuel Macron, whose campaign came a year later. While we know a great deal about the Russian infiltration of the former campaign, we never got the full story of how the Russians failed to effectively damage the campaign of Macron, who won the French presidency.<\/p>\n<p>Much of this has to do with the intriguing and innovative techniques Macron's cybersecurity chief used to anticipate Russian disinformation and respond to it proactively. This included planting false information in emails that Macron's campaign knew had been compromised, thereby giving the campaign the ability to easily disavow the entire operation publicly. Had I been able to develop deeper relationships within the French government and the campaign, I could have produced a more comprehensive story about the mistakes the US made in election security that need not be repeated. Perhaps one of the readers will write it instead.<\/p>\n
<p><strong>Additional Resources<\/strong><\/p>\n<p><em><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/gijn-org.translate.goog\/2014\/09\/26\/how-can-online-research-tools-help-investigative-reporters\/?_x_tr_sl=en&amp;_x_tr_tl=tr&amp;_x_tr_hl=en-GB\">How Can Online Research Tools Help Investigative Reporters?<\/a><\/em><\/p>\n<p><em><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/gijn-org.translate.goog\/2017\/05\/23\/foia\/?_x_tr_sl=en&amp;_x_tr_tl=tr&amp;_x_tr_hl=en-GB\">Using FOIA to Report on Ransomware<\/a><\/em><\/p>\n<p><em><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/gijn-org.translate.goog\/2017\/02\/16\/investigating-a-cyberwar\/?_x_tr_sl=en&amp;_x_tr_tl=tr&amp;_x_tr_hl=en-GB\">Investigating a Cyberwar<\/a><\/em><\/p>\n<hr class=\"wp-block-separator\" \/>\n<figure class=\"alignleft\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-383308\" src=\"https:\/\/gijn.org\/wp-content\/uploads\/2021\/09\/Kate-Fazzinni-profile-picture.png\" alt=\"Kate Fazzini profile picture\" width=\"139\" height=\"135\" \/><\/figure>\n<p><em><strong><a rel=\"noopener\" target=\"_blank\" href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/www.cnbc.com\/kate-fazzini\/\">Kate Fazzini<\/a>\u00a0<\/strong><\/em>\u00a0<em>is a cybersecurity and technology reporter at CNBC. 
She is the author of the 2019 book <\/em><a href=\"https:\/\/translate.google.com\/website?sl=en&amp;tl=tr&amp;u=https:\/\/read.macmillan.com\/lp\/kingdom-of-lies\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>\u201c<\/em><\/a><a href=\"https:\/\/read.macmillan.com\/lp\/kingdom-of-lies\/\" target=\"_blank\" rel=\"noreferrer noopener\">Kingdom of Lies: Unnerving Adventures in the World of Cybercrime<\/a><em>.\u201d\u00a0<\/em><em>She holds a master's degree in cybersecurity strategy from George Washington University and is an adjunct professor in the applied intelligence program at Georgetown University.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercrime is any criminal activity carried out in a digital space. While cybercrime is often thought of as &#8220;hacking,&#8221; there are other types of crime that are part of this world, and everything from the trade in child pornography to illicit funds to the theft of source code becomes part of it. 
<\/p>\n","protected":false},"author":3031167,"featured_media":391433,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_price":"","_stock":"","_tribe_ticket_header":"","_tribe_default_ticket_provider":"","_tribe_ticket_capacity":"0","_ticket_start_date":"","_ticket_end_date":"","_tribe_ticket_show_description":"","_tribe_ticket_show_not_going":false,"_tribe_ticket_use_global_stock":"","_tribe_ticket_global_stock_level":"","_global_stock_mode":"","_global_stock_cap":"","_tribe_rsvp_for_event":"","_tribe_ticket_going_count":"","_tribe_ticket_not_going_count":"","_tribe_tickets_list":"[]","_tribe_ticket_has_attendee_info_fields":false,"republication-tracker-tool-hide-widget":false,"footnotes":"","_tec_slr_enabled":"","_tec_slr_layout":""},"categories":[23200],"tags":[14334,4432,14413,14400,14412,14411],"gijn_topic":[],"series":[],"gijn_language":[17789],"gijn_region":[],"class_list":["post-550191","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kaynak","tag-araclar","tag-hack","tag-kaynak-kodu","tag-organize-suc-rehberi","tag-siber-suc","tag-siber-suclar","gijn_language-tr-tr"],"acf":[],"ticketed":false,"_links":{"self":[{"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/posts\/550191","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/users\/3031167"}],"replies":[{"embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/comments?post=550191"}],"version-history":[{"count":0,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/posts\/550191\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/media\/391433"}],"wp:attachment":[{"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/media?parent=550
191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/categories?post=550191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/tags?post=550191"},{"taxonomy":"gijn_topic","embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/gijn_topic?post=550191"},{"taxonomy":"series","embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/series?post=550191"},{"taxonomy":"gijn_language","embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/gijn_language?post=550191"},{"taxonomy":"gijn_region","embeddable":true,"href":"https:\/\/gijn.org\/tr\/wp-json\/wp\/v2\/gijn_region?post=550191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}