{"id":4889,"date":"2018-05-02T11:10:05","date_gmt":"2018-05-02T08:10:05","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=4889"},"modified":"2019-11-15T14:42:05","modified_gmt":"2019-11-15T11:42:05","slug":"leaking-fish-tank","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/leaking-fish-tank\/4889\/","title":{"rendered":"S\u0131zd\u0131ran akvaryum"},"content":{"rendered":"

Konu Nesnelerin \u0130nterneti oldu\u011funda, g\u00fcvenlik h\u00e2l\u00e2 olmas\u0131 gereken noktada de\u011fil. Ba\u011flant\u0131l\u0131 ayg\u0131tlar\u0131n\u0131n da \u00e7o\u011fu pek bilinmiyor. Ayr\u0131ca, Nesnelerin \u0130nterneti\u2019ne y\u00f6nelik tehditlerin kullan\u0131c\u0131lar\u0131 deyim yerindeyse savunmas\u0131z yakalamak gibi k\u00f6t\u00fc bir huyu var. Bug\u00fcnk\u00fc g\u00fcndemimizde zarars\u0131z gibi g\u00f6r\u00fcnen ba\u015fka bir mekanizmay\u0131 ele alaca\u011f\u0131z.<\/p>\n

\u0130\u00e7 mekanda ileri teknoloji<\/h2>\n

K\u0131sa s\u00fcre \u00f6nce, ABD\u2019de bir kumarhanenin lobisine \u201cak\u0131ll\u0131\u201d akvaryum kuruldu. Bal\u0131klar\u0131n beslenme program\u0131n\u0131n yan\u0131 s\u0131ra tuz ve s\u0131cakl\u0131k d\u00fczeyleri de otomatik d\u00fczenleniyordu. Su a\u015f\u0131r\u0131 \u0131s\u0131n\u0131r ya da a\u015f\u0131r\u0131 so\u011fursa termostat kullan\u0131c\u0131y\u0131 \u00e7evrimi\u00e7i uyarabiliyordu.<\/p>\n

Bu ayg\u0131t, belli ki yabanc\u0131lar\u0131n kurcalamamas\u0131 i\u00e7in, bir VPN ard\u0131na saklanm\u0131\u015ft\u0131. Ancak bu yeterli olmad\u0131 ve masum g\u00f6r\u00fcn\u00fc\u015fl\u00fc termostat yerel a\u011fdaki di\u011fer devrelere giden bir arka kap\u0131 olu\u015fturdu.<\/p>\n

\u0130nternet casusu<\/h2>\n

Sonra anla\u015f\u0131ld\u0131 ki bu ikiy\u00fczl\u00fc akvaryum Norve\u00e7\u2019te bir yerlere 10 GB veri g\u00f6ndermi\u015fti. \u0130nternet g\u00fcvenlik personeli y\u00fczs\u00fcz korsanlar\u0131n hangi bilgileri ele ge\u00e7irdi\u011fini tespit etmeye \u00e7al\u0131\u015ft\u0131. Sorunun cevab\u0131 kumarhanedeki y\u00fcksek bahis\u00e7ilerin veri taban\u0131yd\u0131. A\u00e7\u0131k kaynaklar i\u00e7erikteki bilginin tam olarak ne oldu\u011funu ortaya koymasa da, ister sadece isimler, isterse, daha k\u00f6t\u00fcs\u00fc, irtibat bilgileri ve hatta kredi kart\u0131 numaralar\u0131 olsun, kurulu\u015fun itibar\u0131n\u0131n g\u00f6rd\u00fc\u011f\u00fc zarar\u0131n haddi hesab\u0131 yoktu. Kumarhanenin ad\u0131 a\u00e7\u0131klanmasa da olay bu s\u0131z\u0131nt\u0131n\u0131n ma\u011fdurlar\u0131na bildirilmek zorunda kal\u0131nd\u0131.<\/p>\n

Erken uyar\u0131lan erken \u00f6nlem al\u0131r<\/h2>\n

\u0130smi verilmeyen bu kumarhane gibi, m\u00fc\u015fterilerini riske atmak istemeyen firmalar\u0131n bu kurallar\u0131 ak\u0131ldan \u00e7\u0131karmamas\u0131 gerekir:<\/p>\n