{"id":10129,"date":"2021-10-07T12:40:17","date_gmt":"2021-10-07T09:40:17","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10129"},"modified":"2021-10-07T12:40:17","modified_gmt":"2021-10-07T09:40:17","slug":"ransomware-best-protection-2021","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/ransomware-best-protection-2021\/10129\/","title":{"rendered":"Fidye yaz\u0131l\u0131m\u0131: Buna kar\u015f\u0131 en iyi ne koruma sa\u011flar?"},"content":{"rendered":"

Neden oldu\u011fu zarar, \u015feytani d\u00fczeyde bir karma\u015f\u0131kl\u0131k ve d\u00fcnya man\u015fetlerini s\u00fcsleme a\u00e7\u0131s\u0131ndan g\u00fcn\u00fcm\u00fcz siber d\u00fcnyas\u0131n\u0131n 1 numaral\u0131 en rahats\u0131zl\u0131k veren ba\u015f belas\u0131<\/span> can s\u0131k\u0131c\u0131 konu nedir? Tahmin edebilir misiniz?..<\/p>\n

Ah, bunu yaz\u0131n\u0131n ba\u015fl\u0131\u011f\u0131nda s\u00f6ylemi\u015f olabiliriz, neyse evet, tabi ki bu fidye yaz\u0131l\u0131m\u0131<\/strong> (di\u011fer bir deyi\u015fle kripto k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m<\/a>, ancak ben daha basit, s\u00f6ylemesi daha kolay ve profesyonel terim olan \u2018fidye yaz\u0131l\u0131m\u0131\u2019 ile devam edece\u011fim).<\/p>\n

\u015e\u00f6yle ki: Fidye yaz\u0131l\u0131m\u0131, k\u00f6t\u00fcd\u00fcr. Peki ne kadar k\u00f6t\u00fc?..<\/p>\n

Asl\u0131nda olduk\u00e7a<\/em> k\u00f6t\u00fc ve y\u0131llard\u0131r s\u00fcrekli olarak k\u00f6t\u00fc olmaya devam ediyor, dijital olan her \u015feye \u00e7ok derinden n\u00fcfuz etti ve pek \u00e7ok b\u00fcy\u00fck i\u015fletme<\/a> (dolayl\u0131 olarak sebep oldu\u011fu insan \u00f6l\u00fcmleriyle<\/a>) bu durumdan bunald\u0131 ve (b\u00fcy\u00fck i\u015fletmeler) o kadar b\u00fcy\u00fck tutarlarda fidye \u00f6demeler yapt\u0131lar<\/a> ki, d\u00fcnya medyas\u0131 art\u0131k buna neredeyse ilgi g\u00f6stermemeye ba\u015flad\u0131. Her g\u00fcn ya\u015fanan s\u0131radan bir olaya d\u00f6n\u00fc\u015ferek man\u015fetlerden d\u00fc\u015ft\u00fc. Ve hepsinden endi\u015fe verici olan da \u015fu: Siber pislikler (b\u00f6yle bir dil kulland\u0131\u011f\u0131m i\u00e7in \u00f6z\u00fcr dilerim ama bu insanlar\u0131 tan\u0131mlaman\u0131n en iyi yolu bu) kazan\u0131yor; siber gasp\u00e7\u0131lar, g\u00f6r\u00fcn\u00fc\u015fe g\u00f6re g\u00fcn\u00fcm\u00fcz\u00fcn dijital d\u00fcnyas\u0131n\u0131n ka\u00e7\u0131n\u0131lmaz bir ger\u00e7e\u011fi haline geliyor ve bu konuda yap\u0131labilecek hi\u00e7bir \u015fey yok gibi g\u00f6r\u00fcn\u00fcyor.<\/p>\n

Ve \u015fu \u00fc\u00e7 nedenden dolay\u0131 kazan\u0131yorlar:<\/p>\n

\u00dc\u00e7\u00fcnc\u00fcs\u00fc<\/strong> (sondan ba\u015flayaca\u011f\u0131m): \u2018b\u00fcy\u00fckler\u2019 h\u00e2l\u00e2 okul bah\u00e7esindeki<\/span> jeopolitik oyunlar\u0131na devam ediyor, bu da ulusal siber polislerin koordinasyon i\u00e7inde arama, yakalama, tutuklama faaliyetleri ve fidye yaz\u0131l\u0131m\u0131 operat\u00f6rlerini su\u00e7lama konusunda operasyonel bilgi al\u0131\u015fveri\u015finde bulunmas\u0131n\u0131 engelliyor.<\/p>\n

\u0130kincisi<\/strong>: Kullan\u0131c\u0131lar, bu t\u00fcr sald\u0131r\u0131lara cevap verecek kadar haz\u0131rl\u0131kl\u0131 \u2013 g\u00fc\u00e7l\u00fc de\u011fil.<\/p>\n

Ve birincisi<\/strong> (en \u00f6nemlisi): T\u00fcm deterjanlar ayn\u0131 de\u011fildir,<\/span> fidye yaz\u0131l\u0131m\u0131 \u00f6nleme teknolojileri \u2013 uzun bir s\u00fcredir \u2013 ayn\u0131 etkinlikte de\u011fildir.<\/p>\n

\u00c7o\u011fu zaman, siber g\u00fcvenlik \u00e7\u00f6z\u00fcmlerinde yer alan fidye yaz\u0131l\u0131m\u0131 \u00f6nleme teknolojilerinin etkili oldu\u011fu iddia edilir. Ancak pratikte, s\u00f6yledikleri \u015feyi tam olarak yapmazlar<\/a> ya da \u2013 yapsalar bile tutarl\u0131 bir \u015fekilde yapamazlar. Peki bu ne anlama geliyor? Kullan\u0131c\u0131lar\u0131n \u00e7ok profesyonel, teknik olarak karma\u015f\u0131k fidye yaz\u0131l\u0131m\u0131 sald\u0131r\u0131lar\u0131na kar\u015f\u0131 \u015fa\u015f\u0131rt\u0131c\u0131 d\u00fczeyde korumas\u0131z olmalar\u0131.<\/p>\n

Bunu sadece ben s\u00f6ylemiyorum. G\u00fcvenilir Alman test enstit\u00fcs\u00fcn\u00fcn \u2013 AV-TEST<\/a> \u2013 s\u00f6ylediklerine de bir bak\u0131n. Siber g\u00fcvenlik \u00fcr\u00fcnlerinin fidye yaz\u0131l\u0131mlar\u0131yla m\u00fccadele etme yetene\u011fi \u00fczerine karma\u015f\u0131k bir ara\u015ft\u0131rma yay\u0131nlad\u0131lar. Testlerde pazarlama iddialar\u0131n\u0131 (\u2018Terlemeye kar\u015f\u0131 48 saat etkili deodorant\u2019 tarz\u0131) dikkate almad\u0131lar ve sadece yayg\u0131n olarak bilinen vah\u015fi fidye yaz\u0131l\u0131m\u0131 \u00f6rneklerini kullanmad\u0131lar. Ger\u00e7ek \u2018sava\u015f meydan\u0131\u2019 ko\u015fullar\u0131nda en iyi siber g\u00fcvenlik \u00e7\u00f6z\u00fcmlerinden birka\u00e7\u0131n\u0131 ku\u015fatma alt\u0131na ald\u0131lar ve bug\u00fcn ger\u00e7ekten var olan her t\u00fcrl\u00fc ger\u00e7ek fidye yaz\u0131l\u0131m\u0131 m\u00fchimmat\u0131yla bu \u00e7\u00f6z\u00fcmleri top ate\u015fine tuttular. Belirtildi\u011fi gibi, sadece vah\u015fi fidye yaz\u0131l\u0131m\u0131 \u00f6rnekleri de\u011fil, ayn\u0131 zamanda teknik olarak bir fidye yaz\u0131l\u0131m\u0131 sald\u0131r\u0131s\u0131n\u0131 daha etkili hale getirme yetene\u011fine sahip olanlar da kullan\u0131ld\u0131. Peki nas\u0131l bir sonuca ula\u015ft\u0131lar? Genel olarak \u2013 sonu\u00e7 tam anlam\u0131yla \u015fok edici ve korkutucu:<\/p>\n

\"\"<\/p>\n

\u015eimdi, her g\u00fcvenlik sa\u011flay\u0131c\u0131s\u0131n\u0131n bildi\u011fi 20 d\u00fczenli fidye yaz\u0131l\u0131m\u0131 ailesine ait yeni \u00f6rneklerle (ba\u015fka bir deyi\u015fle, siber g\u00fcvenlik sa\u011flay\u0131c\u0131lar\u0131n\u0131n veritabanlar\u0131nda zaten bulunan \u00f6rnekler) yap\u0131lan kontrollerde neredeyse t\u00fcm siber koruma \u00fcr\u00fcnler iyi bir \u015fekilde ba\u015fa \u00e7\u0131kabildi.<\/p>\n

Ancak ara\u015ft\u0131rman\u0131n amac\u0131 \u2013 m\u00fcmk\u00fcn oldu\u011funca ger\u00e7ek hayat ko\u015fullar\u0131na yak\u0131n bir \u015fekilde test ger\u00e7ekle\u015ftirmek i\u00e7in \u2013i\u015fler daha da zorla\u015ft\u0131\u011f\u0131nda ne oldu\u011funu g\u00f6rmekti. \u00dcr\u00fcnler, k\u00f6t\u00fc ama\u00e7l\u0131 fidye yaz\u0131l\u0131mlar\u0131n\u0131n yeni<\/em> sald\u0131r\u0131 y\u00f6ntemlerine nas\u0131l tepki veriyorlar? Fidye yaz\u0131l\u0131m\u0131 bir \u015firket a\u011f\u0131na gizlice girip ortal\u0131\u011f\u0131 kar\u0131\u015ft\u0131rmaya ba\u015flarsa ne olur? \u00dcr\u00fcnler, temel ilk senaryoda ba\u015far\u0131yla alg\u0131lanan ve engellenen fidye yaz\u0131l\u0131m\u0131 \u00f6rneklerini kullanan a\u011f sald\u0131r\u0131lar\u0131 da dahil olmak \u00fczere, payla\u015f\u0131lan klas\u00f6rlerdeki kullan\u0131c\u0131 dosyalar\u0131n\u0131n uzaktan \u015fifrelendi\u011fi a\u011f sald\u0131r\u0131lar\u0131n\u0131 ne kadar iyi \u00f6nl\u00fcyor?<\/p>\n

Test edilen 11 \u00fcr\u00fcnden sadece \u00fc\u00e7\u00fc (3!) bu t\u00fcr yeni, zorlu fidye yaz\u0131l\u0131m\u0131 sald\u0131r\u0131lar\u0131yla ba\u015fa \u00e7\u0131kmay\u0131 ba\u015fard\u0131. Ve bunlar\u0131n aras\u0131nda yaln\u0131zca\u00a0Kaspersky Endpoint Security Cloud<\/a> %100 sonu\u00e7la kullan\u0131c\u0131 verilerini korudu. Kullan\u0131c\u0131 verilerini ele ge\u00e7irmeye y\u00f6nelik sald\u0131r\u0131lar\u0131n hala en yayg\u0131n sald\u0131r\u0131lar aras\u0131nda oldu\u011funu ve bunlar\u0131n, proje belgeleri, m\u00fc\u015fteri bilgileri, yedekleri ve di\u011fer verileri a\u011f ba\u011flant\u0131l\u0131 konumlarda saklanan i\u015fletmeler i\u00e7in ciddi bir tehdit olu\u015fturdu\u011funu unutmay\u0131n.<\/p>\n

Fakat hepsi bu kadar da de\u011fil! S\u0131k\u0131 tutunun\u2026<\/p>\n

Test edilen g\u00fcvenlik \u00e7\u00f6z\u00fcmlerinin \u00e7o\u011fu yaln\u0131zca sald\u0131r\u0131lar\u0131 tespit etmekte ve kullan\u0131c\u0131 dosyalar\u0131n\u0131 korumakta ba\u015far\u0131s\u0131z olmakla kalmad\u0131, ayn\u0131 zamanda siber gasp\u00e7\u0131lardan gelen fidye taleplerini i\u00e7eren metin mesajlar\u0131n\u0131 da sildiler! Ancak bu mesajlarda, \u015fifrelenmi\u015f dosyalar\u0131 kurtarmak konusunda teknik bilgileri i\u00e7erme ihtimali bulunuyor! Bu bilgiler, siber g\u00fcvenlik uzmanlar\u0131 taraf\u0131ndan kurbana yard\u0131m etmeye \u00e7al\u0131\u015f\u0131rken faydalan\u0131lan \u015feylerdir: K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 tan\u0131mlama, \u015fifreleme algoritmas\u0131nda bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulmak ve de\u011ferli verileri geri almak i\u00e7in bir \u015fifre \u00e7\u00f6z\u00fcc\u00fc geli\u015ftirme veya ba\u011f\u0131ms\u0131z a\u00e7\u0131k kaynaklardan (No More Ransom gibi<\/a>) mevcut bir \u015fifre \u00e7\u00f6z\u00fcc\u00fcye ba\u015fvurulmas\u0131n\u0131 \u00f6nerme.<\/p>\n

Hen\u00fcz sandalyenizden d\u00fc\u015fmediniz mi? G\u00fczel. O halde sizi \u015fa\u015f\u0131rtabilecek birka\u00e7 bulgudan daha bahsedelim\u2026<\/p>\n

AV-TEST ayr\u0131ca, g\u00fcvenlik \u00e7\u00f6z\u00fcmlerinin, hala yetersiz \u015fekilde kullan\u0131lan ancak yak\u0131nda kullan\u0131lmaya ba\u015flayabilecekleri i\u00e7in toplum a\u00e7\u0131s\u0131ndan tehdit olu\u015fturan mevcut fidye yaz\u0131l\u0131mlar\u0131n\u0131n ve hatta APT\u2019lerin \u201ci\u00e7 yap\u0131s\u0131n\u0131\u201d inceleme konusunda ne kadar iyi oldu\u011funu kontrol etti. \u00d6rne\u011fin: Ge\u00e7erli Windows hizmetlerinin k\u00f6t\u00fcye kullan\u0131lmas\u0131, sabit<\/a> ve sembolik<\/a> ba\u011flant\u0131lar yoluyla \u015fifreleme, gecikmeli paket \u015fifreleme veya bellek e\u015flemeli dosyalar arac\u0131l\u0131\u011f\u0131yla \u015fifreleme. Toplamda 14 farkl\u0131 y\u00f6ntem. Testlerin sonucunda ne \u00e7\u0131kt\u0131 dersiniz? Yine, %100 sonu\u00e7 g\u00f6steren yaln\u0131zca\u00a0Kaspersky Endpoint Security Cloud<\/a> oldu: Her bir kullan\u0131c\u0131 dosyas\u0131 korundu ve hedef sistemdeki t\u00fcm tehditler ortadan kald\u0131r\u0131ld\u0131!<\/p>\n

Unutmadan son bir \u015fey daha: Sadece iki \u00fcr\u00fcn<\/strong>, uzaktan ger\u00e7ekle\u015ftirilen fidye yaz\u0131l\u0131m\u0131 sald\u0131r\u0131s\u0131ndan sonra<\/strong> kullan\u0131c\u0131 verilerinde yap\u0131lan de\u011fi\u015fiklikleri geri alabildi. S\u00f6ylemeye tabi ki gerek yok \u2013 bu iki \u00fcr\u00fcnden biri bizimkiydi.<\/p>\n

Genel olarak, d\u00fcnya g\u00fcc\u00fcn\u00fcn daha \u00fcst kademelerinde yer al\u0131rken, hala kimin ekonomik-jeopolitik modelinin en iyisi oldu\u011fu ve merkezleri ve \u201culusal \u00e7\u0131karlar\u0131\u201d nedeniyle \u2013 ger\u00e7ek kullan\u0131c\u0131lar a\u00e7\u0131s\u0131ndan kalitesi ve kullan\u0131\u015fl\u0131l\u0131\u011f\u0131 ne olursa olsun \u2013hangi \u00fcr\u00fcnlere izin verilece\u011fi veya yasaklanaca\u011f\u0131<\/a> konusunda tart\u0131\u015f\u0131yorlar. Neyse ki kullan\u0131c\u0131lar kendileri i\u00e7in<\/a> en iyi olan \u00e7\u00f6z\u00fcm\u00fc se\u00e7me konusunda kendi kararlar\u0131n\u0131 vermeye devam edebilirler. Buradaki \u2018En iyi\u2019; en etkili, verimli, g\u00fcvenilir ve h\u0131zl\u0131 ve nereden gelirse gelsin her t\u00fcrl\u00fc sald\u0131r\u0131y\u0131 durdurma konusunda taviz vermeyen bir yakla\u015f\u0131ma sahip anlam\u0131na geliyor.<\/p>\n

\u0130\u015fte bu. Ayr\u0131nt\u0131da gizli olan\u0131n sadece \u015feytan olmad\u0131\u011f\u0131n\u0131, ayn\u0131 zamanda ilahi bir kurtar\u0131c\u0131n\u0131n da (bu durumda ger\u00e7ekten i\u015fe yarayan fidye yaz\u0131l\u0131m\u0131 \u00f6nleme teknolojisi) oldu\u011funu g\u00f6steren k\u0131ssadan hisse.<\/p>\n

Test sonu\u00e7lar\u0131 hakk\u0131nda daha fazla bilgiye bu g\u00f6nderiden<\/a> ula\u015fabilirsiniz.<\/p>\n

Fidye Yaz\u0131l\u0131m\u0131ndan Koruma G\u00fcc\u00fc sizinle olsun!<\/p>\n\n","protected":false},"excerpt":{"rendered":"

AV-TEST’in siber g\u00fcvenlik \u00fcr\u00fcnlerinin fidye yaz\u0131l\u0131mlar\u0131yla m\u00fccadele etme becerisine ili\u015fkin ger\u00e7ekle\u015ftirdi\u011fi kapsaml\u0131 ara\u015ft\u0131rman\u0131n sonu\u00e7lar\u0131 olduk\u00e7a \u015fok edici ve korkutucu.<\/p>\n","protected":false},"author":13,"featured_media":10130,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287],"tags":[865,591,2483,866,1035],"class_list":{"0":"post-10129","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-av-test","9":"tag-fidye-yazilimi","10":"tag-kaspersky-endpoint-security-cloud","11":"tag-oduller","12":"tag-test"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/ransomware-best-protection-2021\/10129\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/ransomware-best-protection-2021\/23470\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/ransomware-best-protection-2021\/18943\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/ransomware-best-protection-2021\/25535\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ransomware-best-protection-2021\/23610\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ransomware-best-protection-2021\/31577\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ransomware-best-protection-2021\/42262\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/ransomware-best-protection-2021\/15402\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ransomware-best-protection-2021\/24460\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ransomware-best-protection-2021\/29822\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ransomware-best-protection-2021\/29621\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/fidye-yazilimi\/","name":"Fidye Yaz\u0131l\u0131m\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10129"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10129\/revisions"}],"predecessor-version":[{"id":10131,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10129\/revisions\/10131"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10130"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}