Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
www.hazarworld.com<br />
• Bu siber saldırılar hangi kurumları ne ölçüde<br />
hedef alabilir<br />
• Bahsedilen siber saldırılar hangi siber silahlar<br />
kullanılarak gerçekleştirilebilir<br />
• Bu siber saldırıların doğuracağı ekonomik,<br />
ticari, sosyal zararlar neler olabilir<br />
KRITIK ENERJI ALTYAPILARI IÇIN BIR YOL<br />
HARITASI: ALINAN DERSLER VE EN İYI<br />
UYGULAMALAR<br />
Kritik altyapılar için güvenliğin %100 sağlanması<br />
mümkün olmasa da, daha önce gerçekleşmiş<br />
siber saldırılardan çıkarılan dersler ve<br />
siber güvenlik anlamındaki en iyi uygulamalar<br />
kurumlar için önemli yol haritaları sunuyor.<br />
Bu çerçevede, Türkiye’deki kritik enerji<br />
altyapı profesyonelleri için birtakım öneriler<br />
getirmek mümkün:<br />
TÜRKİYE, DÜNYADA<br />
EN ÇOK SİBER<br />
SALDIRIYA UĞRAYAN<br />
6. ÜLKE.<br />
TURKEY IS THE<br />
SIXTH MOST<br />
FREQUENTLY<br />
TARGETED COUNTRY<br />
BY CYBER ATTACKS.<br />
Transportation, Maritime Affairs and<br />
Communications is considered as the primary<br />
course of action for the steps to be taken in<br />
the sense of cyber security in Turkey.<br />
National Cyber Incident Response Center<br />
(USOM) acts as the coordination mechanism<br />
in case Turkey encounters with a cyberattack.<br />
Other than that, a center was established<br />
in order for the cyber attacks to be<br />
reported and the reports made were as many<br />
as 23.475 until September 2014. The foundation<br />
of the Cyber Incident Response Team<br />
(SOME) was one of the most substantial<br />
steps. The institutional SOME efforts within<br />
Ministries and public institutions have been<br />
mostly completed and the efforts for establishing<br />
sectoral SOMEs are in progress.<br />
Cyber attacks against the energy sector constitute<br />
a major threat in Turkey. According to<br />
the US security firm Symantec, Turkish<br />
energy firms along with many European<br />
counterparts are facing attacks by the worm<br />
Dragonfly since the year of 2011. The cyberattack<br />
against TEİAŞ had wide media coverage<br />
in last November.<br />
All these developments lead us towards an<br />
important question: How prepared are the<br />
critical energy infrastructures in the prospective<br />
energy hub Turkey against a cyberattack<br />
In order to conduct this analysis in a<br />
systematic manner, first of all, relevant<br />
actors should answer certain questions:<br />
• What would be the sources of cyber<br />
attacks against critical energy infrastructures<br />
in Turkey<br />
• Which institutions could be targeted and<br />
to what degree<br />
• Which cyber weapons could be used in<br />
those cyber attacks<br />
• What would be the economic, commercial<br />
and social damages of those cyber attacks<br />
A ROADMAP FOR CRITICAL ENERGY<br />
INFRASTRUCTURES: LESSONS TAKEN AND<br />
BEST PRACTICES<br />
Even though it is impossible to provide<br />
100% security for critical infrastructures,<br />
the lessons taken from past cyber attacks<br />
and the best practices in the cyber security<br />
field provide significant roadmaps for institutions.<br />
In this framework, it is possible to<br />
offer several suggestions for CIP professionals<br />
in Turkey:<br />
• Integrated Security Concept: Cyber security<br />
concepts and policies should be considered<br />
within an integrated security system<br />
and should be included into institutional<br />
security policies. The security of the SCADA<br />
HAZAR WORLD<br />
29