{"id":79439,"date":"2018-09-28T12:05:45","date_gmt":"2018-09-28T09:05:45","guid":{"rendered":"https:\/\/www.enerjigazetesi.ist\/?p=79439"},"modified":"2018-09-28T12:05:45","modified_gmt":"2018-09-28T09:05:45","slug":"internet-baglantili-su-isiticisi-elektrik-sebekesini-cokertebilir-mi","status":"publish","type":"post","link":"https:\/\/www.enerjigazetesi.ist\/en\/internet-baglantili-su-isiticisi-elektrik-sebekesini-cokertebilir-mi\/","title":{"rendered":"(Turkish) \u0130nternet Ba\u011flant\u0131l\u0131 Su Is\u0131t\u0131c\u0131s\u0131, Elektrik \u015eebekesini \u00c7\u00f6kertebilir mi?"},"content":{"rendered":"

Sorry, this entry is only available in Turkish<\/a>. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.<\/p>

G\u00f6r\u00fcnen o ki cevap evet. Princeton \u00dcniversitesi’nden akademisyenlerin yapt\u0131\u011f\u0131 bir ara\u015ft\u0131rmaya g\u00f6re siber su\u00e7lular, internete ba\u011fl\u0131 ev cihazlar\u0131n\u0131 bir botnete d\u00f6n\u00fc\u015ft\u00fcrebilir ve b\u00f6ylece b\u00fcy\u00fck \u00f6l\u00e7ekli kararmalara yol a\u00e7abilecek \u015fekilde elektrik \u015febekelerini \u00e7\u00f6kertebilirler. Bilgi g\u00fcvenli\u011fi kurulu\u015fu ESET, \u00e7e\u015fitli felaket senaryolar\u0131n\u0131 inceleyen bu akademik \u00e7al\u0131\u015fmay\u0131 mercek alt\u0131na ald\u0131. <\/strong><\/p>\n

Ara\u015ft\u0131rmalar, \u00f6zellikle ak\u0131ll\u0131 ev sistemleri ya da mobil uygulamalar taraf\u0131ndan kontrol edilen ve y\u00fcksek oranda enerji t\u00fcketen ak\u0131ll\u0131 f\u0131r\u0131nlar, su \u0131s\u0131t\u0131c\u0131lar\u0131 ve klimalar gibi internete ba\u011flanabilen cihazlara \"\"odakland\u0131. Princeton \u00dcniversitesi arademisyenleri herhangi bir cihazda yer alan belirli bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 i\u015faret etmemekle birlikte, bu cihazlar\u0131n korsanlar taraf\u0131ndan ele ge\u00e7irildi\u011fi bir senaryoyu canland\u0131rd\u0131lar. Bilgi g\u00fcvenli\u011fi kurulu\u015fu ESET, bu s\u0131ra d\u0131\u015f\u0131 sald\u0131r\u0131 y\u00f6ntemini inceledi.<\/p>\n

\u015eebekenin kontrol sistemini ele ge\u00e7irmeden sald\u0131r\u0131 yapabilme ihtimali<\/strong><\/p>\n

Bu fikrin kan\u0131t\u0131 niteli\u011findeki sald\u0131r\u0131lar\u0131n alt\u0131nda yatan ola\u011fand\u0131\u015f\u0131 \u015feyler, tehdit akt\u00f6rlerinin \u015febekenin y\u00f6netimsel kontrol ve veri toplama (SCADA) sistemlerini ele ge\u00e7irmeden kesintiye neden olabilmesine dayan\u0131yor. Ayr\u0131ca \u201cMadIoT\u201d<\/strong> (Manipulation of demand via IoT) ad\u0131 verilen bu sald\u0131r\u0131lar, a\u011f\u0131n do\u011frudan arz k\u0131sm\u0131n\u0131 hedef almaktansa, talep taraf\u0131n\u0131 hedef al\u0131yor. Ara\u015ft\u0131rmac\u0131lar MadIoT sald\u0131r\u0131lar\u0131n\u0131n kaynaklar\u0131n\u0131, “da\u011f\u0131t\u0131lm\u0131\u015f yap\u0131lar\u0131ndan \u00f6t\u00fcr\u00fc \u015febeke operat\u00f6r\u00fc taraf\u0131ndan tespit edilmesi ve ba\u011flant\u0131s\u0131n\u0131n kesilmesi \u00e7ok zor” olarak yorumluyorlar. Dahas\u0131, sald\u0131rganlar \u015febekenin y\u00f6netimsel detaylar\u0131 hakk\u0131nda bilgiye ihtiya\u00e7 duymayaca\u011f\u0131 i\u00e7in sald\u0131r\u0131lar kolayca tekrar edilebilir.<\/p>\n

Sald\u0131r\u0131 sim\u00fclasyonlar\u0131 yap\u0131ld\u0131<\/strong><\/p>\n

Akademisyenler taraf\u0131ndan \u00fc\u00e7 ana sald\u0131r\u0131 senaryosu ortaya at\u0131ld\u0131: Birincisi, y\u00fcksek voltajl\u0131 internet ba\u011flant\u0131l\u0131 cihazlar\u0131n g\u00fc\u00e7 gereksinimlerinde ya\u015fanan ani art\u0131\u015f veya d\u00fc\u015f\u00fc\u015fler nedeniyle, \u00e7o\u011fu zaman ayn\u0131 anda a\u00e7\u0131l\u0131p kapanmak suretiyle frekans karars\u0131zl\u0131\u011f\u0131na sebep olan sald\u0131r\u0131lar \u015feklinde ortaya \u00e7\u0131kt\u0131. \u00c7al\u0131\u015fmada “b\u00f6yle bir sald\u0131r\u0131 i\u00e7in sald\u0131rganlar\u0131n hedeflenen co\u011frafi b\u00f6lgede yer alan 90 bin klima veya 18 bin elektrikli su \u0131s\u0131t\u0131c\u0131s\u0131na eri\u015fmeye ihtiya\u00e7 duydu\u011fu” belirtildi.<\/p>\n

\u0130kincisi; tehdit akt\u00f6rleri, g\u00fc\u00e7 talebini yeniden da\u011f\u0131tarak hat ar\u0131zalar\u0131na neden olabilir: Bu da nihai olarak pe\u015fpe\u015fe \u015febeke \u00e7\u00f6kmeleriyle sonu\u00e7lan\u0131r. Bu, \u00f6rnek olarak bir IP aral\u0131\u011f\u0131ndaki cihazlar\u0131n \u00e7al\u0131\u015ft\u0131r\u0131lmas\u0131 ve ba\u015fka bir IP aral\u0131\u011f\u0131ndaki cihazlar\u0131n kapat\u0131lmas\u0131yla di\u011fer alanlardaki talebin azalt\u0131larak, baz\u0131 yerlerdeki talebin art\u0131r\u0131lmas\u0131 yoluyla yap\u0131labilir. Ger\u00e7ekle\u015ftirilecek bu t\u00fcrden bir sald\u0131r\u0131da, \u201cyakla\u015f\u0131k 210 bin kliman\u0131n ele ge\u00e7irilmesi gerekti\u011fi\u201c belirtiliyor.<\/p>\n

\u00dc\u00e7\u00fcnc\u00fc senaryoda ise talep e\u011frisi, elektrik pazar\u0131ndaki baz\u0131 hizmetlerden faydalanmak amac\u0131yla \u015febekenin i\u015flem maliyetlerini art\u0131rmak \u00fczere kontrol ediliyor. Bu durumda sald\u0131r\u0131, altyap\u0131ya zarar vermekten ziyade, maddi ama\u00e7lar do\u011frultusunda ger\u00e7ekle\u015ftiriliyor.<\/p>\n

DDoS sald\u0131r\u0131lar\u0131na benziyor<\/strong><\/p>\n

MadIoT sald\u0131r\u0131lar\u0131, da\u011f\u0131t\u0131lm\u0131\u015f hizmet reddi (DDoS) sald\u0131r\u0131lar\u0131yla benzerlik g\u00f6steriyor. DDoS sald\u0131r\u0131lar\u0131nda, bir botnete ba\u011flanan cihazlar, web sitesi veya sunucu hizmetini kullan\u0131lamayacak duruma getirecek yo\u011funlukta trafik olu\u015ftururlar. DDoS sald\u0131r\u0131lar\u0131n\u0131n aksine, MadIoT sald\u0131r\u0131lar\u0131n\u0131n \u00f6nemli fark\u0131, ele ge\u00e7irilen botlar\u0131n d\u00fcnyan\u0131n her yerine da\u011f\u0131lmas\u0131ndan ziyade, belirli bir alandaki bir g\u00fc\u00e7 sisteminin s\u0131n\u0131rlar\u0131 i\u00e7inde yer almas\u0131 gerekti\u011fidir.<\/p>\n

Akademisyenler bu \u00e7al\u0131\u015fmayla neyi ama\u00e7l\u0131yor?<\/strong><\/p>\n

\u0130lgililere y\u00f6nelik bir dizi tavsiye verebilmek hedefleyen akademisyenler ama\u00e7lar\u0131n\u0131; “Yapt\u0131\u011f\u0131m\u0131z i\u015f, IoT ve g\u00fc\u00e7 \u015febekeleriyle birlikte di\u011fer a\u011flar aras\u0131ndaki g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ba\u011flant\u0131lar\u0131na \u0131\u015f\u0131k tutarak, hem sistem g\u00fcvenli\u011fi hem de enerji m\u00fchendisli\u011fi topluluklar\u0131n\u0131n dikkatini \u00e7ekmek” olarak \u00f6zetlemektedir.<\/p>\n

Bu ara\u015ft\u0131rma sayesinde \u015fu konular da tekrar \u00f6nem kazan\u0131yor: \u015eebeke operat\u00f6rleri, altyap\u0131lar\u0131n\u0131n ani y\u00fck de\u011fi\u015fimlerine kar\u015f\u0131 dayan\u0131kl\u0131 oldu\u011fundan emin olmal\u0131. IoT cihaz \u00fcreticileri ise g\u00fcvenlik a\u00e7\u0131klar\u0131 i\u00e7in \u00fcr\u00fcnlerini titiz bir \u015fekilde test ederek cihazlar\u0131n\u0131n siber sald\u0131r\u0131lar i\u00e7in a\u00e7\u0131k birer hedef olmamas\u0131n\u0131 sa\u011flamal\u0131d\u0131rlar.<\/p>","protected":false},"excerpt":{"rendered":"

Sorry, this entry is only available in Turkish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.G\u00f6r\u00fcnen o ki cevap evet. Princeton \u00dcniversitesi’nden akademisyenlerin yapt\u0131\u011f\u0131 bir ara\u015ft\u0131rmaya g\u00f6re siber su\u00e7lular, internete ba\u011fl\u0131 ev cihazlar\u0131n\u0131 bir botnete d\u00f6n\u00fc\u015ft\u00fcrebilir ve b\u00f6ylece […]<\/p>\n","protected":false},"author":1,"featured_media":79441,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[51,53],"tags":[34979,19638,39655,26353,67,1009,39656,39657,39654],"views":1358,"_links":{"self":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/79439"}],"collection":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/comments?post=79439"}],"version-history":[{"count":1,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/79439\/revisions"}],"predecessor-version":[{"id":79442,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/79439\/revisions\/79442"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media\/79441"}],"wp:attachment":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media?parent=79439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/categories?post=79439"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/tags?post=79439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}