{"id":11008,"date":"2022-09-08T13:41:24","date_gmt":"2022-09-08T10:41:24","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=11008"},"modified":"2022-09-08T13:41:52","modified_gmt":"2022-09-08T10:41:52","slug":"ir-report-2021","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/ir-report-2021\/11008\/","title":{"rendered":"Yeni yay\u0131n: &#8220;Siber olaylar\u0131n do\u011fas\u0131&#8221; hakk\u0131nda yeni bir \u00e7al\u0131\u015fma"},"content":{"rendered":"<p>Kaspersky Global Acil Durum M\u00fcdahale Ekibimiz (GERT) uzmanlar\u0131m\u0131z\u0131n 2021\u2019de inceledi\u011fi olaylar\u0131 analiz ederek detayl\u0131 bir rapor haz\u0131rlad\u0131. <a href=\"https:\/\/securelist.com\/the-nature-of-cyber-incidents\/107119\/\" target=\"_blank\" rel=\"noopener\">Securelist blogumuzdaki formu<\/a> doldurarak raporun tamam\u0131na ula\u015fabilirsiniz. Bu s\u0131rada biz de m\u00fcdahale uzmanlar\u0131n\u0131n ana bulgular\u0131n\u0131 ve en iyi \u00f6nerilerini payla\u015fmak istedik.<\/p>\n<h2>\u0130lk sald\u0131r\u0131 vekt\u00f6rleri<\/h2>\n<p>2021\u2019de sald\u0131rganlar \u00e7o\u011funlukla \u015firketlerin altyap\u0131lar\u0131na yayg\u0131n uygulamalardaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 k\u00f6t\u00fcye kullanarak s\u0131zmaya \u00e7al\u0131\u015ft\u0131 (olaylar\u0131n %53,6\u2019s\u0131nda). Olaylar\u0131n %17,9\u2019unda \u00f6nceden g\u00fcvenli\u011fi ihlal edilmi\u015f giri\u015f bilgilerini, %14,3\u2019\u00fcnde ise k\u00f6t\u00fc ama\u00e7l\u0131 e-postalar\u0131 kulland\u0131lar. Bu veriler \u0131\u015f\u0131\u011f\u0131nda uzmanlar\u0131m\u0131z \u015funlar\u0131 \u00f6neriyor:<\/p>\n<ul>\n<li>G\u00fc\u00e7l\u00fc bir parola politikas\u0131 uygulay\u0131n ve \u00e7ok fakt\u00f6rl\u00fc do\u011frulama kullan\u0131n;<\/li>\n<li>bilgi sistemlerinin y\u00f6netim mekanizmalar\u0131na do\u011frudan internet eri\u015fimi olas\u0131l\u0131\u011f\u0131n\u0131 ortadan kald\u0131r\u0131n;<\/li>\n<li>herkese a\u00e7\u0131k servislere ve hizmetlere y\u00f6nelik g\u00fcncellemeleri m\u00fcmk\u00fcn oldu\u011funca \u00e7abuk y\u00fckleyin veya bunlar\u0131 koruma alt\u0131na almak i\u00e7in yeterli \u00f6nlemler geli\u015ftirin;<\/li>\n<li>d\u00fczenli aral\u0131klarla <a href=\"https:\/\/k-asap.com\/tr\/?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______&amp;utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=tr_wpplaceholder_nv0092&amp;utm_content=link&amp;utm_term=tr_kdaily_organic_avmwswubv8qh92b\" target=\"_blank\" rel=\"noopener\">\u00e7al\u0131\u015fanlar\u0131n siber g\u00fcvenlik bilincini artt\u0131r\u0131n<\/a>.<\/li>\n<\/ul>\n<h2>Sald\u0131r\u0131larda kullan\u0131lan ara\u00e7lar<\/h2>\n<p>Sald\u0131rganlar olaylar\u0131n neredeyse %40\u2019\u0131nda tipik ara\u00e7lar kulland\u0131; bu ara\u00e7lar ya resmi i\u015fletim sistemi bile\u015fenleri ya da s\u0131zma testi yaz\u0131l\u0131mlar\u0131yd\u0131. Uzmanlar\u0131m\u0131z bu t\u00fcr sald\u0131r\u0131lara kar\u015f\u0131 \u00f6nceden haz\u0131rl\u0131k yapmay\u0131 tavsiye ediyor:<\/p>\n<ul>\n<li>M\u00fcmk\u00fcnse sald\u0131rganlar taraf\u0131ndan s\u0131kl\u0131kla k\u00f6t\u00fcye kullan\u0131lan yaz\u0131l\u0131mlar\u0131 kullanmay\u0131 b\u0131rak\u0131n;<\/li>\n<li><a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/endpoint-detection-response-edr?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">EDR<\/a> s\u0131n\u0131f\u0131 \u00e7\u00f6z\u00fcmler kullan\u0131n;<\/li>\n<li>sald\u0131rganlar taraf\u0131ndan en s\u0131k kullan\u0131lan ara\u00e7lar\u0131 tespit etmek i\u00e7in kurallar olu\u015fturun;<\/li>\n<li>d\u00fczenli aral\u0131klarla sald\u0131rganlar\u0131n yayg\u0131n tekniklerinin ve tektiklerinin kullan\u0131ld\u0131\u011f\u0131 s\u0131zma testleri ve siber tatbikatlar ger\u00e7ekle\u015ftirin.<\/li>\n<\/ul>\n<h2>Olaylar\u0131n etkileri<\/h2>\n<p>Sald\u0131rganlar olaylar\u0131n %51\u2019inde kurumsal verileri \u015fifrelemeye \u00e7al\u0131\u015ft\u0131. Daha da k\u00f6t\u00fcs\u00fc, sald\u0131r\u0131lar\u0131n %16\u2019s\u0131 veri s\u0131z\u0131nt\u0131s\u0131yla sonu\u00e7land\u0131. %11,1\u2019inde Active Directory g\u00fcvenli\u011fi ihlal edildi. \u0130\u015fletmenizin u\u011frayabilece\u011fi zarar\u0131 en aza indirmek i\u00e7in \u015funlar\u0131 \u00f6neriyoruz:<\/p>\n<ul>\n<li>Verilerinizi d\u00fczenli aral\u0131klarla yedekleyin;<\/li>\n<li>ki\u015fisel bilgileri i\u00e7eren sistemlerin g\u00fcvenli\u011fine \u00f6zellikle dikkat edin;<\/li>\n<li>h\u0131zl\u0131 SLA\u2019lere sahip g\u00fcvenilir bir olay m\u00fcdahale servisi sa\u011flay\u0131c\u0131s\u0131yla \u00e7al\u0131\u015f\u0131n;<\/li>\n<li>\u00f6zel e\u011fitimler ve siber egzersizlerle olay m\u00fcdahalesi ekibinizin becerilerini geli\u015ftirin ve canl\u0131 tutun.<\/li>\n<\/ul>\n<p>\u015eirket i\u00e7i olay m\u00fcdahale ve adli bili\u015fim ekiplerinin becerilerini geli\u015ftirmek ve onlar\u0131 karma\u015f\u0131k siber sald\u0131r\u0131lara kar\u015f\u0131 haz\u0131rlamak i\u00e7in Kaspersky Expert Training Windows Incident Response e\u011fitim program\u0131n\u0131 \u00f6neriyoruz. Kaspersky Global Acil Durum M\u00fcdahale Ekibinden uzmanlar\u0131n deneyimlerine ve uzmanl\u0131\u011f\u0131na dayanan bu program, uzmanlar\u0131n\u0131za olaylar\u0131 do\u011fru \u015fekilde tan\u0131mlama, kan\u0131t toplama, g\u00fcnl\u00fckleri ve a\u011flar\u0131 analiz etme ve g\u00fcvenlik ihlali belirtileri olu\u015fturman\u0131n yan\u0131 s\u0131ra bir\u00e7ok \u015fey daha \u00f6\u011fretiyor. E\u011fitim program\u0131 hakk\u0131nda daha fazla bilgiye <a href=\"https:\/\/xtraining.kaspersky.com\/courses\/windows-incident-response?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">\u00e7evrimi\u00e7i uzman e\u011fitimi sayfas\u0131ndan<\/a> ula\u015fabilirsiniz.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky GERT ekibinin &#8220;Siber olaylar\u0131n do\u011fas\u0131&#8221; raporunda \u00f6ne \u00e7\u0131kanlar<\/p>\n","protected":false},"author":2706,"featured_media":11009,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2485,2486],"class_list":{"0":"post-11008","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-gert","10":"tag-olay-mudahalesi"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/ir-report-2021\/11008\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/ir-report-2021\/24559\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/ir-report-2021\/20025\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/ir-report-2021\/27008\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ir-report-2021\/24916\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/ir-report-2021\/25253\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/ir-report-2021\/27577\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/ir-report-2021\/27199\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ir-report-2021\/33942\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ir-report-2021\/45414\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/ir-report-2021\/19402\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/ir-report-2021\/20007\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/ir-report-2021\/29245\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/ir-report-2021\/28461\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ir-report-2021\/25426\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ir-report-2021\/30965\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ir-report-2021\/30661\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/olay-mudahalesi\/","name":"Olay M\u00fcdahalesi"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=11008"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11008\/revisions"}],"predecessor-version":[{"id":11011,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11008\/revisions\/11011"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/11009"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=11008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=11008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=11008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}