{"id":74445,"date":"2018-05-20T13:29:39","date_gmt":"2018-05-20T10:29:39","guid":{"rendered":"https:\/\/www.enerjigazetesi.ist\/?p=74445"},"modified":"2018-05-20T13:29:39","modified_gmt":"2018-05-20T10:29:39","slug":"enerji-sektorunde-siber-guvenlik","status":"publish","type":"post","link":"https:\/\/www.enerjigazetesi.ist\/en\/enerji-sektorunde-siber-guvenlik\/","title":{"rendered":"(Turkish) Enerji Sekt\u00f6r\u00fcnde Siber G\u00fcvenlik&#8230;"},"content":{"rendered":"<p class=\"qtranxs-available-languages-message qtranxs-available-languages-message-en\">Sorry, this entry is only available in <a href=\"https:\/\/www.enerjigazetesi.ist\/tr\/wp-json\/wp\/v2\/posts\/74445\" class=\"qtranxs-available-language-link qtranxs-available-language-link-tr\" title=\"Turkish\">Turkish<\/a>. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.<\/p><p><strong>Enerji Sekt\u00f6r\u00fc Siber G\u00fcvenlik (ESSG) \u00c7al\u0131\u015fma Grubunca haz\u0131rlanan Siber G\u00fcvenlik B\u00fclteni ile d\u00fcnyadan ve \u00fclkemizden g\u00fcncel siber g\u00fcvenlik haberleri derlenerek sunulmaktad\u0131r.<\/strong><\/p>\n<p><strong>Enerji Sekt\u00f6r\u00fcnde Kritik Ara\u015ft\u0131rma<\/strong><\/p>\n<p>Bank Info Security sitesinde yer alan habere g\u00f6re, Massachusetts merkezli CyberX \u015firketi taraf\u0131ndan 375 kurum \u00fczerinde yap\u0131lan bir \u00e7al\u0131\u015fmada, kurumlar\u0131n sistemlerindeki zay\u0131f noktalar ve zafiyetler ara\u015ft\u0131r\u0131ld\u0131.<br \/>\n\u00c7al\u0131\u015fma s\u00fcresince, s\u00f6z konusu kurumlar\u0131n a\u011f trafi\u011fi incelenerek a\u011fa ba\u011fl\u0131 cihazlar tespit edildi. Daha sonra derin paket muayenesi ve a\u011f trafi\u011fi analizini ile kurumlar\u0131n %58\u2019inin Modbus kulland\u0131\u011f\u0131 g\u00f6r\u00fcld\u00fc.<\/p>\n<p><img loading=\"lazy\" class=\"alignleft wp-image-74446 size-medium\" src=\"https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker-300x228.jpg\" alt=\"\" width=\"300\" height=\"228\" srcset=\"https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker-300x228.jpg 300w, https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker-768x583.jpg 768w, https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker-1024x778.jpg 1024w, https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker-500x380.jpg 500w, https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker-66x50.jpg 66w, https:\/\/www.enerjigazetesi.ist\/wp-content\/uploads\/2018\/05\/siber-sald\u0131r\u0131-hacker.jpg 1317w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>Uzmanlar taraf\u0131ndan Modbus TCP\u2019de \u00e7ok say\u0131da g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ve zafiyet bulundu. Bu a\u00e7\u0131kl\u0131klar\u0131n sald\u0131rganlar taraf\u0131ndan istismar edilebilece\u011fini s\u00f6ylendi.<\/p>\n<p>Kurumlar\u0131n %76\u2019s\u0131n\u0131n Windows\u2019un eski versiyonlar\u0131n\u0131 kulland\u0131\u011f\u0131 da tespit edildi. Microsoft\u2019un g\u00fcncellenmeyen sistemler i\u00e7in \u00fccretsiz g\u00fcvenlik deste\u011fi sa\u011flam\u0131yor olmas\u0131 kullan\u0131c\u0131lar\u0131 g\u00fcncelleme konusunda dikkatli olmaya zorlamaktad\u0131r. Bununla yan\u0131 s\u0131ra ara\u015ft\u0131rma, kurumlar\u0131n bilgi teknolojileri b\u00fct\u00e7esine ili\u015fkin yat\u0131r\u0131m planlar\u0131 konusunu da \u00f6ncelikli olarak ele almad\u0131\u011f\u0131n\u0131 g\u00f6stermi\u015ftir. Windows\u2019un eski versiyonlar\u0131n\u0131n kullan\u0131lmas\u0131n\u0131n EKS i\u00e7in risk te\u015fkil etti\u011fi uzmanlar taraf\u0131ndan ifade edilmi\u015ftir. Yap\u0131lan ara\u015ft\u0131rmada birka\u00e7 noktaya dikkat \u00e7ekilmektedir.<\/p>\n<p>S\u00f6z konusu kurumlar\u0131n neredeyse %60\u2019\u0131 \u015fifrelenmemi\u015f kullan\u0131c\u0131 giri\u015fi bilgileri kullan\u0131yor ve bu bilgiler a\u011f i\u00e7inde serbest\u00e7e gezebiliyor. Sald\u0131rganlar\u0131n bu \u015fifrelere ula\u015fmas\u0131n\u0131n \u00e7ok kolay oldu\u011fu de\u011ferlendirilmektedir. Ayr\u0131ca kurumlar\u0131n neredeyse yar\u0131s\u0131 Windows i\u015fletim sisteminde antivir\u00fcs<br \/>\nkullanm\u0131yor. EKS sa\u011flay\u0131c\u0131lar\u0131n\u0131n antivir\u00fcs kullan\u0131m\u0131 durumunda garantiyi ge\u00e7ersiz saymas\u0131 sebebiyle bu programlara ra\u011fbet olmuyor. Son olarak kurumlar\u0131n %10\u2019u k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n vermi\u015f oldu\u011fu zarardan habersiz. Bunlar\u0131n i\u00e7inde WannaCry, NotPetya ve Conficker solucan\u0131 gibi neredeyse geni\u015f \u00e7apl\u0131 etkileri olan sald\u0131r\u0131lar da var.<\/p>\n<p><strong>ENCS, enerji sekt\u00f6r\u00fc i\u00e7in RTBT Siber G\u00fcvenlik E\u011fitimi ba\u015flatt\u0131<\/strong><\/p>\n<p>ENCS, Avrupa \u00e7ap\u0131nda g\u00fcvenli kritik enerji \u015febeke ve altyap\u0131 entegrasyonu i\u00e7in \u00e7e\u015fitli payda\u015f gruplar\u0131 ve g\u00fcvenlik uzmanlar\u0131 ile ortak \u00e7al\u0131\u015fma yapan bir kurulu\u015ftur. ENCS, RTBT ekiplerini kurarak enerji sekt\u00f6r\u00fcnde siber g\u00fcvenlik uygulamalar\u0131 \u00fczerine e\u011fitimlere ba\u015flad\u0131.<\/p>\n<p>RTBT siber g\u00fcvenlik e\u011fitimi ile kat\u0131l\u0131mc\u0131lar, hacker ve savunma grubu olarak, enerji sekt\u00f6r\u00fcne \u00f6zel tasarlanm\u0131\u015f canl\u0131 bir sald\u0131r\u0131 senaryosuna tabi tutulacak. Canland\u0131rma senaryolar\u0131n\u0131n, bu t\u00fcr tehditlerin nas\u0131l tespit edilece\u011fi ve \u00e7\u00f6z\u00fclece\u011fi konusunda ihtiya\u00e7 duyulan bilginin peki\u015ftirilmesine yard\u0131mc\u0131 olaca\u011f\u0131 tahmin ediliyor.<\/p>\n<p>E\u011fitim kapsam\u0131nda Gridnet ad\u0131 verilen bir sim\u00fclasyon ortam\u0131 tasarlanm\u0131\u015ft\u0131r. E\u011fitim ortam\u0131na orta gerilim devre kesiciler, y\u00f6nlendiriciler, protokol a\u011f ge\u00e7itleri ve koruma r\u00f6leleri gibi fiziksel yard\u0131mc\u0131 cihazlar\u0131 yerle\u015ftirilmi\u015ftir. E\u011fitimin ilk iki g\u00fcn\u00fc i\u00e7in g\u00fcvenlik uzmanlar\u0131 taraf\u0131ndan farkl\u0131 siber sald\u0131r\u0131<br \/>\ntekniklerine ve \u00e7e\u015fitli savunma \u00f6nlemlerine ili\u015fkin detayl\u0131 bilgilendirme yap\u0131lmas\u0131 planlanm\u0131\u015ft\u0131r. \u00dc\u00e7\u00fcnc\u00fc g\u00fcn ise, enerji sekt\u00f6r\u00fcnden kat\u0131l\u0131mc\u0131lar\u0131n, k\u0131rm\u0131z\u0131 tak\u0131m ve mavi tak\u0131m olarak ikiye ayr\u0131lmas\u0131 planlanm\u0131\u015ft\u0131r.<\/p>\n<p>Son g\u00fcn yap\u0131lmas\u0131 planlanan uygulamal\u0131 e\u011fitimde k\u0131rm\u0131z\u0131 tak\u0131m, operasyonel teknoloji risklerine kar\u015f\u0131 y\u00fcksek donan\u0131ma sahip Gridnet&#8217;i kapatmaya \u00e7al\u0131\u015facakt\u0131r. K\u0131rm\u0131z\u0131 tak\u0131m kat\u0131l\u0131mc\u0131lar\u0131 bilgisayar korsan\u0131 gibi d\u00fc\u015f\u00fcnmeye zorlanacakt\u0131r. Mavi tak\u0131m ise g\u00fcvenlik izleme, ihlal tespiti ve olay \u00e7\u00f6z\u00fcmlemesi \u00fczerinde \u00e7al\u0131\u015farak sim\u00fcle edilmi\u015f bu enerji \u015febekesini savunmaya \u00e7al\u0131\u015facakt\u0131r.<\/p>\n<p><strong>Kaspersky Lab EKSler i\u00e7in 2017 y\u0131l\u0131n\u0131 de\u011ferlendirdi<\/strong><\/p>\n<p>2017, End\u00fcstriyel sistemlerde bili\u015fim g\u00fcvenli\u011finin yo\u011fun olarak g\u00fcndeme geldi\u011fi bir y\u0131l oldu. G\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan, y\u00fczlerce yeni g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ke\u015ffedildi ve raporland\u0131; EKS ve teknolojik s\u00fcre\u00e7lerde yeni tehdit vekt\u00f6rleri konusunda uyar\u0131lar yap\u0131ld\u0131; hedefli sald\u0131r\u0131lar tespit edildi(\u00f6rne\u011fin, Shamoon 2.0 \/ StoneDrill). Stuxnetten sonra ilk defa fiziksel sistemleri hedef alan \u201ccyber<br \/>\nweapon\u201d ad\u0131 verilen bir toolset ke\u015ffedildi.<\/p>\n<p>Bununla birlikte, 2017 y\u0131l\u0131nda end\u00fcstriyel sistemler i\u00e7in en \u00f6nemli tehdit, \u015fifreleme fidye sald\u0131r\u0131lar\u0131 oldu. Kaspersky Lab ICS CERT raporuna g\u00f6re, y\u0131l\u0131n ilk yar\u0131s\u0131nda 33 farkl\u0131 \u015fifreleme yaz\u0131l\u0131m\u0131 ke\u015ffedildi. D\u00fcnyadaki 63 \u00fclkede say\u0131s\u0131z sald\u0131r\u0131 engellendi. WannaCry ve ExPetr&#8217;\u0131n y\u0131k\u0131c\u0131 ransomware sald\u0131r\u0131lar\u0131,<br \/>\nend\u00fcstriyel i\u015fletmelerinin temel \u00fcretim sistemlerini koruma y\u00f6nelik bak\u0131\u015f a\u00e7\u0131s\u0131n\u0131 de\u011fi\u015ftirmi\u015f g\u00f6r\u00fcn\u00fcyor.<\/p>\n<p><strong>Bad Rabbit Fidye Yaz\u0131l\u0131m\u0131 &#8216;EternalRomance&#8217; Exploitini Kullan\u0131yor<\/strong><\/p>\n<p>Cisco\u2019s Talos Security Intelligence taraf\u0131ndan yay\u0131nlanan yeni bir raporda Bad Rabbit fidye yaz\u0131l\u0131m\u0131n\u0131n EternalRomance exploitini kulland\u0131\u011f\u0131 ortaya \u00e7\u0131kt\u0131. Microsoft ve F-Secure de Bad Rabbit fidye yaz\u0131l\u0131m\u0131ndaki exploitin varl\u0131\u011f\u0131n\u0131 do\u011frulad\u0131.<\/p>\n<p>EternalRomance, birbirine ba\u011fl\u0131 Windows bilgisayarlar\u0131 aras\u0131nda veri aktar\u0131m\u0131 i\u00e7in bir protokol olan Microsoft&#8217;un Windows Server Message Block (SMB)&#8217;undaki bir kusurdan (CVE-2017-0145) yararlan\u0131r ve b\u00f6ylece Windows istemcileri ve sunucular\u0131 \u00fczerinde uzaktan kod y\u00fcr\u00fct\u00fclmesine olanak tan\u0131r. Kendinizi Bad Rabbit&#8217;ten korumak i\u00e7in WMI hizmetini devre d\u0131\u015f\u0131 b\u0131rakman\u0131z \u00f6nerilir. B\u00f6ylece, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n a\u011f\u0131n\u0131za yay\u0131lmas\u0131n\u0131 \u00f6nlenir. Ayr\u0131ca, sistemlerinizi d\u00fczenli olarak g\u00fcncelleyin ve sisteminizde iyi ve etkili bir antivir\u00fcs g\u00fcvenlik paketi bulundurun.<\/p>","protected":false},"excerpt":{"rendered":"<p>Sorry, this entry is only available in Turkish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.Enerji Sekt\u00f6r\u00fc Siber G\u00fcvenlik (ESSG) \u00c7al\u0131\u015fma Grubunca haz\u0131rlanan Siber G\u00fcvenlik B\u00fclteni ile d\u00fcnyadan ve \u00fclkemizden g\u00fcncel siber g\u00fcvenlik haberleri derlenerek sunulmaktad\u0131r. Enerji Sekt\u00f6r\u00fcnde [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":74446,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[53],"tags":[37721,67,1009,23311,37723,37726,37216,37724,37725,37722,16303,34032],"views":819,"_links":{"self":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/74445"}],"collection":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/comments?post=74445"}],"version-history":[{"count":1,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/74445\/revisions"}],"predecessor-version":[{"id":74447,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/74445\/revisions\/74447"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media\/74446"}],"wp:attachment":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media?parent=74445"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/categories?post=74445"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/tags?post=74445"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}