{"id":4574,"date":"2017-12-29T20:05:11","date_gmt":"2017-12-29T17:05:11","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=4574"},"modified":"2019-11-15T14:45:05","modified_gmt":"2019-11-15T11:45:05","slug":"predictions-threat","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/predictions-threat\/4574\/","title":{"rendered":"Y\u0131l\u0131n tehdidi"},"content":{"rendered":"<p>Her y\u0131l, uzmanlar\u0131m\u0131z meydana gelen olaylar\u0131 analiz eder ve bir olay\u0131 (veya e\u011filimi) y\u0131l\u0131n hikayesi olarak se\u00e7er. Bu y\u0131l tart\u0131\u015f\u0131lacak \u00e7ok fazla husus mevcut de\u011fildi: 2017 kesinlikle fidye yaz\u0131l\u0131m\u0131 y\u0131l\u0131 oldu. \u00dc\u00e7 fidye yaz\u0131l\u0131m\u0131 (<a href=\"https:\/\/www.kaspersky.com.tr\/blog\/wannacry-for-b2b\/3191\/\" target=\"_blank\" rel=\"noopener\">WannaCry<\/a>, <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/expetr-for-b2b\/3342\/\" target=\"_blank\" rel=\"noopener\">ExPetrve<\/a> nispeten daha az \u00fcnl\u00fc olan <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/bad-rabbit-ransomware\/4326\/\" target=\"_blank\" rel=\"noopener\">Bad Rabbit<\/a>) \u00e7ok fazla dikkat \u00e7ekti ancak bunlardan sadece bir tanesi fidye yaz\u0131l\u0131m\u0131 gibi g\u00f6r\u00fcn\u00fcyor.<\/p>\n<p>Olaylar aniden geli\u015ferek bir\u00e7ok kullan\u0131c\u0131y\u0131 haz\u0131rl\u0131ks\u0131z yakalad\u0131ysa da, uzmanlar\u0131m\u0131z bu e\u011filimleri daha 2016 y\u0131l\u0131nda \u00f6ng\u00f6rm\u00fc\u015ft\u00fc. Costin Rau ve Andres Guerrero-Saade, Securelist\u2019in <a href=\"https:\/\/securelist.com\/kaspersky-security-bulletin-predictions-for-2017\/76660\/\" target=\"_blank\" rel=\"noopener\">2017 tahminlerinde<\/a>, \u201cdosyalara veya sistem eri\u015fimine engel olan veya en basitinden dosyalar\u0131 silebilen, ilgili kurban\u0131 fidye \u00f6demeye te\u015fvik eden ve kar\u015f\u0131l\u0131\u011f\u0131nda hi\u00e7bir \u015fey sa\u011flamayan\u201d fidye yaz\u0131l\u0131mlar\u0131n\u0131n ortaya \u00e7\u0131kmas\u0131n\u0131 beklediklerini belirtmi\u015fti.<\/p>\n<p>\u015eimdi bu sald\u0131r\u0131lardan \u00e7\u0131kar\u0131lan en \u00f6nemli dersleri hat\u0131rlayal\u0131m.<\/p>\n<p>K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n yanal hareketi<\/p>\n<p>Bu salg\u0131nlar\u0131n bu kadar \u00fcn kazanmas\u0131n\u0131n nedeni, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n yaln\u0131zca tek bir bilgisayar\u0131 de\u011fil, a\u011fdaki t\u00fcm makineleri \u015fifrelemesidir. Bu s\u0131zma d\u00fczeyi, Shadow Brokers bilgi havuzu taraf\u0131ndan a\u00e7\u0131klanan g\u00fcvenlik a\u00e7\u0131klar\u0131 nedeniyle m\u00fcmk\u00fcn olmu\u015ftur.<\/p>\n<p>Yay\u0131lmaya ba\u015flad\u0131klar\u0131 zamanlarda bunlar\u0131 \u00f6nleyecek yamalar halihaz\u0131rda mevcuttu, ancak \u00e7o\u011fu makinede hen\u00fcz bulunmuyordu. Ayr\u0131ca, baz\u0131 sald\u0131rganlar bu g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 bug\u00fcn bile (ne yaz\u0131k ki \u00e7ok ba\u015far\u0131l\u0131 bir \u015fekilde) kullanmaya devam ediyor.<\/p>\n<p><strong>Ders 1:<\/strong> \u00d6zellikle do\u011frudan g\u00fcvenlik ile ilgili g\u00fcncelle\u015ftirmeleri, kullan\u0131labilir olduklar\u0131 anda y\u00fckleyin.<\/p>\n<h2>Kritik olmayan sistemler<\/h2>\n<p>\u015eifreleyicilerin kurbanlar\u0131 aras\u0131nda fidye yaz\u0131l\u0131m\u0131ndan hi\u00e7bir \u015fekilde korunmayan bir\u00e7ok sistem mevcuttu, \u00e7\u00fcnk\u00fc hi\u00e7 kimse b\u00f6yle bir korumaya ihtiya\u00e7 oldu\u011funu d\u00fc\u015f\u00fcnm\u00fcyordu. Bu sistemlerin baz\u0131lar\u0131 bilgi panelleri ve sat\u0131\u015f makineleridir. A\u00e7\u0131k konu\u015fmak gerekirse, bu sistemlerde \u015fifrelenecek hi\u00e7bir \u015fey yoktur ve bunlar\u0131n \u015fifresini \u00e7\u00f6zmek i\u00e7in kimse hi\u00e7bir \u00f6deme yapmaz.<\/p>\n<p>Ancak bu durumlarda sald\u0131rganlar hedeflerini \u00f6zellikle se\u00e7erek belirlemiyordu, sadece eri\u015febildikleri her sisteme sald\u0131r\u0131yorlard\u0131. \u00c7ok b\u00fcy\u00fck bir hasar yaratt\u0131lar. Kritik olmayan makinelerin i\u015fletim sistemlerini yeniden y\u00fcklemek, hem ge\u00e7mi\u015fte hem de g\u00fcn\u00fcm\u00fczde maliyeti y\u00fcksek bir zaman kayb\u0131d\u0131r.<\/p>\n<p><strong>Ders 2<\/strong>: Bilgi altyap\u0131n\u0131z\u0131n t\u00fcm \u00f6gelerini koruyun.<\/p>\n<h2>\u015eantaj yerine Sabotaj<\/h2>\n<p>ExPetr, \u00f6zellikle belirli kurbanlar\u0131 se\u00e7ecek bir mekanizmaya sahip de\u011fildi; bu da sald\u0131rganlar\u0131n isteseler bile kurbanlara \u015fifre \u00e7\u00f6zme anahtar\u0131 veremeyece\u011fi anlam\u0131na gelmektedir. Buradan ama\u00e7lar\u0131n\u0131n m\u00fcmk\u00fcn oldu\u011funca \u00e7ok zarar vermek oldu\u011funu varsayabiliriz, onlar i\u00e7in ne kadar fidye toplasalar kar say\u0131l\u0131yordu.<\/p>\n<p>Bu, fidye \u00f6demenin g\u00fcvenilir bir veri kurtarma y\u00f6ntemi olmad\u0131\u011f\u0131n\u0131 bir kez daha do\u011frulamaktad\u0131r.<\/p>\n<p><strong>Ders 3:<\/strong> Verilerinizi kaybetmemek i\u00e7in tek ger\u00e7ek yol, onlar\u0131 yedeklemek ve koruyucu \u00e7\u00f6z\u00fcmleri proaktif bir \u015fekilde kurmakt\u0131r.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kartb2b\">\n<p>Bu derslerin gelecekte benzer sald\u0131r\u0131lardan kaynaklanan hasar\u0131 en aza indirece\u011fini umuyoruz. Sonu\u00e7ta uzmanlar\u0131m\u0131za g\u00f6re, bir sonraki y\u0131l siber su\u00e7lular, SpaCetr tarz\u0131nda k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 bilgi kayb\u0131na y\u00f6nelik siber silahlar olarak kullanmaya devam edecektir. Ara\u015ft\u0131rmac\u0131lar\u0131m\u0131z\u0131n 2018 i\u00e7in \u00f6ng\u00f6rd\u00fckleri tahminlere ili\u015fkin daha fazla ayr\u0131nt\u0131y\u0131 Securelist\u2019teki <a href=\"https:\/\/securelist.com\/ksb-threat-predictions-for-2018\/83169\/\" target=\"_blank\" rel=\"noopener\">bu blog yaz\u0131s\u0131nda<\/a> bulabilirsiniz.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Her y\u0131l, uzmanlar\u0131m\u0131z meydana gelen olaylar\u0131 analiz eder ve bir olay\u0131 (veya e\u011filimi) y\u0131l\u0131n hikayesi olarak se\u00e7er. Bu y\u0131l tart\u0131\u015f\u0131lacak \u00e7ok fazla husus mevcut de\u011fildi: 2017 kesinlikle fidye yaz\u0131l\u0131m\u0131 y\u0131l\u0131 oldu. \u00dc\u00e7 fidye yaz\u0131l\u0131m\u0131 (WannaCry, ExPetrve nispeten daha az \u00fcnl\u00fc olan Bad Rabbit) \u00e7ok fazla dikkat \u00e7ekti ancak bunlardan sadece bir tanesi fidye yaz\u0131l\u0131m\u0131 gibi g\u00f6r\u00fcn\u00fcyor.<\/p>\n","protected":false},"author":700,"featured_media":4575,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1194,1727],"tags":[1499,1262,591,447,1227],"class_list":{"0":"post-4574","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-badrabit","10":"tag-expetr","11":"tag-fidye-yazilimi","12":"tag-ransomware","13":"tag-wannacry"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/predictions-threat\/4574\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/predictions-threat\/12079\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/predictions-threat\/10050\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/predictions-threat\/14313\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/predictions-threat\/12529\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/predictions-threat\/12253\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/predictions-threat\/15063\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/predictions-threat\/14871\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/predictions-threat\/19414\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/predictions-threat\/20593\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/predictions-threat\/9869\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/predictions-threat\/9949\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/predictions-threat\/8716\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/predictions-threat\/15583\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/predictions-threat\/9070\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/predictions-threat\/19181\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/predictions-threat\/19282\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/predictions-threat\/19269\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/badrabit\/","name":"badrabit"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=4574"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4574\/revisions"}],"predecessor-version":[{"id":6984,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4574\/revisions\/6984"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/4575"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=4574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=4574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=4574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}