{"id":80994,"date":"2018-10-26T10:40:15","date_gmt":"2018-10-26T07:40:15","guid":{"rendered":"https:\/\/www.enerjigazetesi.ist\/?p=80994"},"modified":"2018-10-26T10:50:08","modified_gmt":"2018-10-26T07:50:08","slug":"ukrayna-ve-polonyada-enerji-altyapilarina-yonelik-siber-saldirilar-incelendi","status":"publish","type":"post","link":"https:\/\/www.enerjigazetesi.ist\/en\/ukrayna-ve-polonyada-enerji-altyapilarina-yonelik-siber-saldirilar-incelendi\/","title":{"rendered":"(Turkish) Ukrayna ve Polonya\u2019da Enerji Altyap\u0131lar\u0131na Y\u00f6nelik Siber Sald\u0131r\u0131lar \u0130ncelendi"},"content":{"rendered":"

Sorry, this entry is only available in Turkish<\/a>. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.<\/p>

<\/p>\n

Siber sald\u0131r\u0131 grubu kritik altyap\u0131lar\u0131 hedef al\u0131yor…<\/h2>\n

Ukrayna ve Polonya’daki enerji \u015firketlerine y\u00f6nelik siber sald\u0131r\u0131lar\u0131 inceleyen ESET, BlackEnergy APT grubuna ili\u015fkin \u00e7e\u015fitli detaylar\u0131 ortaya \u00e7\u0131kard\u0131. GreyEnergy (Gri Enerji) olarak adland\u0131r\u0131lan bu tehdit akt\u00f6r\u00fc, ke\u015fif faaliyetlerine yo\u011funla\u015farak b\u00fcy\u00fck olas\u0131l\u0131kla gelecekteki siber sabotaj sald\u0131r\u0131lar\u0131na haz\u0131rlan\u0131yor.<\/strong><\/p>\n

Ukrayna’y\u0131 y\u0131llard\u0131r s\u0131k\u0131nt\u0131ya sokan BlackEnergy, Aral\u0131k 2015’te tarihte ilk kez bir siber sald\u0131r\u0131 sonucu 230 bin ki\u015fiyi elektriksiz b\u0131rak\u0131p karanl\u0131\u011fa g\u00f6merek dikkatleri \u00fczerine \u00e7ekti. Bu olay\u0131n meydana geldi\u011fi \"\"d\u00f6nemde ara\u015ft\u0131rmac\u0131lar farkl\u0131 bir zararl\u0131 yaz\u0131l\u0131m altyap\u0131s\u0131 tespit etmeye ba\u015flad\u0131 ve buna GreyEnergy ad\u0131n\u0131 verdi.<\/p>\n

Ara\u015ft\u0131rmay\u0131 y\u00fcr\u00fcten K\u0131demli G\u00fcvenlik Ara\u015ft\u0131rmac\u0131s\u0131 Anton Cherepanov, “Ge\u00e7ti\u011fimiz \u00fc\u00e7 y\u0131l i\u00e7erisinde GreyEnergy’nin Ukrayna ve Polonya’daki enerji \u015firketleri ve di\u011fer y\u00fcksek profilli hedeflere y\u00f6nelik ger\u00e7ekle\u015ftirilen sald\u0131r\u0131lara kar\u0131\u015ft\u0131\u011f\u0131n\u0131 g\u00f6rd\u00fck” \u015feklinde konu\u015ftu. Ukrayna enerji altyap\u0131s\u0131na y\u00f6nelik 2015’te ger\u00e7ekle\u015ftirilen sald\u0131r\u0131, BlackEnergy ara\u00e7lar\u0131n\u0131n kullan\u0131ld\u0131\u011f\u0131 bilinen en son operasyon oldu. Daha sonra TeleBots ad\u0131nda yeni bir APT alt grubunun varl\u0131\u011f\u0131n\u0131 belgelendi.<\/p>\n

BlackEnergy-GreyEnergy-Telebots <\/strong><\/p>\n

TeleBots, 2017’de diskleri silerek k\u00fcresel \u00e7aptaki i\u015f operasyonlar\u0131n\u0131 kesintiye u\u011fratan ve milyarlarca dolarl\u0131k zarara neden olan zararl\u0131 yaz\u0131l\u0131m NotPetya k\u00fcresel salg\u0131n\u0131yla tan\u0131n\u0131yor. Ara\u015ft\u0131rmac\u0131lar\u0131n yak\u0131n zamanda de\u011ferlendirdi\u011fi gibi TeleBots ayr\u0131ca end\u00fcstriyel kontrol sistemlerini hedefleyen en g\u00fc\u00e7l\u00fc ve modern zararl\u0131 yaz\u0131l\u0131mlardan olan Industroyer\u2019e ve 2016 y\u0131l\u0131nda Ukrayna’n\u0131n ba\u015fkenti Kiev’deki ikinci elektrik kesintisinin arkas\u0131ndaki grup gibi de g\u00f6r\u00fcn\u00fcyor.<\/p>\n

“GreyEnergy,TeleBots ile birlikte g\u00fcn y\u00fcz\u00fcne \u00e7\u0131kt\u0131, fakat daha iyi bilinen kuzeninden farkl\u0131 olarak GreyEnergy’nin faaliyetleri Ukrayna ile s\u0131n\u0131rl\u0131 de\u011fil ve \u015fu ana kadar zararl\u0131 olmad\u0131. Radar\u0131n alt\u0131ndan u\u00e7mak istiyorlar” diye yorumlad\u0131 Anton Cherepanov.<\/p>\n

Her siber su\u00e7a uygun mod\u00fcller <\/strong><\/p>\n

Kapsaml\u0131 yap\u0131lan analizine g\u00f6re, GreyEnergy zararl\u0131 yaz\u0131l\u0131m\u0131, hem BlackEnergy hem de TeleBots zararl\u0131 yaz\u0131l\u0131mlar\u0131yla yak\u0131ndan ili\u015fkili. Mod\u00fcler bir yap\u0131ya sahip olmas\u0131, i\u015flevselli\u011fini operat\u00f6r\u00fcn kurban\u0131n sistemlerine y\u00fckledi\u011fi belirli mod\u00fcllerin kombinasyonlar\u0131na ba\u011f\u0131ml\u0131 k\u0131l\u0131yor. Analizlerde a\u00e7\u0131klanan ke\u015fif ama\u00e7l\u0131 mod\u00fcller ise \u015funlar: Arka kap\u0131, dosya \u00e7\u0131karma, ekran g\u00f6r\u00fcnt\u00fcs\u00fc alma, keylogging, parola ve kimlik bilgileri h\u0131rs\u0131zl\u0131\u011f\u0131…<\/p>\n

Anton Cherepanov, \u201cEnd\u00fcstriyel Kontrol Sistemleri yaz\u0131l\u0131mlar\u0131n\u0131 ya da cihazlar\u0131n\u0131 \u00f6zel olarak hedefleyen bir mod\u00fcle rastlamad\u0131k. Ancak GreyEnergy operat\u00f6rlerinin SCADA yaz\u0131l\u0131m\u0131 ve sunucular\u0131n\u0131 \u00e7al\u0131\u015ft\u0131ran ICS kontrol i\u015f istasyonlar\u0131n\u0131 stratejik olarak hedeflediklerini g\u00f6zlemledik\u201d bilgisini payla\u015ft\u0131.<\/p>","protected":false},"excerpt":{"rendered":"

Sorry, this entry is only available in Turkish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language. Siber sald\u0131r\u0131 grubu kritik altyap\u0131lar\u0131 hedef al\u0131yor… Ukrayna ve Polonya’daki enerji \u015firketlerine y\u00f6nelik siber sald\u0131r\u0131lar\u0131 inceleyen ESET, BlackEnergy APT grubuna ili\u015fkin \u00e7e\u015fitli […]<\/p>\n","protected":false},"author":1,"featured_media":80995,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[51,53],"tags":[40586,40597,40589,40582,40593,40598,40599,140,40602,40590,40594,67,1009,2069,40581,28110,40583,40603,40584,40600,40595,40601,9906,40592,40587,40585,17703,40588,2584,40591,40596],"views":792,"_links":{"self":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/80994"}],"collection":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/comments?post=80994"}],"version-history":[{"count":4,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/80994\/revisions"}],"predecessor-version":[{"id":80999,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/80994\/revisions\/80999"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media\/80995"}],"wp:attachment":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media?parent=80994"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/categories?post=80994"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/tags?post=80994"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}