{"id":5810,"date":"2019-03-27T11:57:36","date_gmt":"2019-03-27T08:57:36","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5810"},"modified":"2022-05-05T14:25:28","modified_gmt":"2022-05-05T11:25:28","slug":"undecryptable-files","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/undecryptable-files\/5810\/","title":{"rendered":"\u015eifrelenmi\u015f kurumsal verileri hi\u00e7 kimse kurtaramaz"},"content":{"rendered":"<p>Ge\u00e7ti\u011fimiz g\u00fcnlerde <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/hydro-attacked-by-ransomware\/5803\/\" target=\"_blank\" rel=\"noopener\">Norve\u00e7li Norsk Hydro<\/a> \u015firketinin ya\u015fad\u0131\u011f\u0131 g\u00fcvenlik olay\u0131, fidye yaz\u0131l\u0131mlar\u0131n\u0131n kolay kolay yok olmayaca\u011f\u0131n\u0131 ve herkesin bu tehlike kar\u015f\u0131s\u0131nda g\u00fcvende olmad\u0131\u011f\u0131n\u0131 g\u00f6sterdi. Bu durumun olas\u0131 nedenlerinden biri, insanlar\u0131n b\u00f6yle bir olay ya\u015fad\u0131ktan sonra verilerini geri alabilece\u011fine inanmas\u0131d\u0131r; bir\u00e7ok ki\u015fi \u015firket i\u00e7indeki BT uzmanlar\u0131n\u0131n veya d\u0131\u015far\u0131dan g\u00fcvenlik uzmanlar\u0131n\u0131n yard\u0131m\u0131yla ya da en k\u00f6t\u00fc ihtimalle bizzat sald\u0131r\u0131n\u0131n sorumlular\u0131na fidye \u00f6deyerek verilerini kurtarabilece\u011fini d\u00fc\u015f\u00fcn\u00fcr. Elbette, verilerin \u015fifresini \u00e7\u00f6zebilece\u011fini iddia eden \u00e7ok say\u0131da \u015firket de vard\u0131r. Ancak bazen verileri kurtarmak i\u00e7in bu \u015firketlerle anla\u015fma yap\u0131lmas\u0131, siber su\u00e7lulara para vermekten bile k\u00f6t\u00fc sonu\u00e7lar do\u011furabilir.<\/p>\n<h2>%100 \u015fifre \u00e7\u00f6zme garantisi veren bir \u015firketle \u00e7al\u0131\u015fmak neden k\u00f6t\u00fc bir fikirdir?<\/h2>\n<p>\u015eifreleyici fidye yaz\u0131l\u0131mlar\u0131 ile ilgili bilgi aramaya ba\u015flad\u0131\u011f\u0131n\u0131zda, verilerinizi, her ko\u015fulda, geri getirece\u011fini iddia eden bir\u00e7ok \u015firket reklam\u0131 g\u00f6r\u00fcrs\u00fcn\u00fcz. Hepsinin web sitelerinde, sald\u0131rganlara neden para \u00f6dememeniz gerekti\u011fine dair uzun uzun a\u00e7\u0131klamalar ve olduk\u00e7a yarat\u0131c\u0131 bir tak\u0131m \u015fifre \u00e7\u00f6zme y\u00f6ntemleri bulunur. Bu siteler, genellikle son derece ikna edici bir g\u00f6r\u00fcn\u00fcme sahiptir. Fakat burada dikkat edilmesi gereken \u00f6nemli bir hile vard\u0131r.<\/p>\n<p>Modern \u015fifreleme algoritmalar\u0131nda herhangi bir ki\u015fi, \u00f6nemli bilgileri anlams\u0131z bir karakter k\u00fcmesine d\u00f6n\u00fc\u015ft\u00fcrebilir fakat bu bilgileri kurtarabilecek tek ki\u015fi, \u015fifre \u00e7\u00f6zme anahtar\u0131n\u0131n sahibidir. Di\u011fer bir deyi\u015fle, sald\u0131rganlar hi\u00e7bir hata yapmad\u0131ysa dosyalar\u0131n\u0131z\u0131n \u015fifrelerini onlardan ba\u015fka kimse \u00e7\u00f6zemez; ne sistem y\u00f6neticinizden ne de global BT g\u00fcvenli\u011fi sekt\u00f6r\u00fcn\u00fcn dev \u015firketlerden medet ummay\u0131n.<\/p>\n<p>Dolay\u0131s\u0131yla size \u015fifre \u00e7\u00f6zme konusunda kesin garantiler veren \u015firketler muhtemelen yalan s\u00f6yl\u00fcyordur. Ge\u00e7en y\u0131l i\u015f arkada\u015flar\u0131m\u0131z, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/company-pretends-to-decrypt-ransomware-but-just-pays-ransom\/\" target=\"_blank\" rel=\"noopener nofollow\">bu t\u00fcr bir \u015firket belirledi<\/a>. \u015eirketin \u201c\u015fifre \u00e7\u00f6zme\u201d i\u015flemleri i\u00e7in sald\u0131r\u0131ya maruz kalanlardan \u00f6nemli miktarda bir \u00fccret talep ederken, ayn\u0131 zamanda \u015fifreleme anahtarlar\u0131n\u0131 indirimli bir \u015fekilde sat\u0131n almak i\u00e7in sald\u0131rganlarla pazarl\u0131k etti\u011fi ortaya \u00e7\u0131kt\u0131. Bu pazarl\u0131k sonucunda sald\u0131r\u0131n\u0131n kurbanlar\u0131, hem sald\u0131rgana para vermi\u015f oldu hem de bu \u00fc\u00e7\u00fcnc\u00fc taraf doland\u0131r\u0131c\u0131lara \u00fccret \u00f6demek zorunda kald\u0131.<\/p>\n<h2>Neden \u00f6deme yapmamal\u0131s\u0131n\u0131z?<\/h2>\n<p>Gasp\u00e7\u0131lara para vermek, en kolay yol gibi g\u00f6r\u00fcnebilir. Bir\u00e7ok insan bu sald\u0131rganlara para veriyor ve ger\u00e7ekten verilerini geri alabiliyor. \u00d6rne\u011fin 2016 y\u0131l\u0131nda Lock fidye yaz\u0131l\u0131m\u0131 sald\u0131r\u0131s\u0131, <a href=\"https:\/\/threatpost.com\/hollywood-hospital-pays-17k-ransom-to-decrypt-files\/116325\/\" target=\"_blank\" rel=\"noopener nofollow\">Hollywood Presbyterian Medical Center (HPMC) hastanesini adeta fel\u00e7 etti<\/a>. Bir\u00e7ok hastan\u0131n sa\u011fl\u0131\u011f\u0131, hatta hayat\u0131 \u015fifrelerin \u00e7\u00f6z\u00fclme h\u0131z\u0131na ba\u011fl\u0131 oldu\u011fu i\u00e7in hastane y\u00f6netimi, zor bir karar vererek 17.000 USD tutar\u0131nda fidye \u00f6demeyi kabul etti.<\/p>\n<p>Ancak en kolay yol, her zaman en iyi yol olmayabilir, \u00f6zellikle riske att\u0131\u011f\u0131n\u0131z \u015fey bir \u00f6l\u00fcm kal\u0131m meselesi de\u011filse\u2026 \u00d6ncelikle, \u00f6dedi\u011finiz para b\u00fcy\u00fck ihtimalle daha da geli\u015fmi\u015f k\u00f6t\u00fc ama\u00e7l\u0131 programlar geli\u015ftirmek i\u00e7in kullan\u0131lacakt\u0131r (bu yeni programlar da sizin gibi \u00f6demeyi yapmay\u0131 kabul eden ki\u015fileri hedef olarak belirleyebilir). \u0130kinci olarak, \u00f6deme yapma takti\u011fi g\u00fcvenilir de\u011fildir. Verdi\u011fimiz \u00f6rnekteki hastane \u015fansl\u0131 olabilir ancak y\u00fczlerce vakada, kurban\u0131n paras\u0131n\u0131 alan sald\u0131rganlar asla dosyalar\u0131n \u015fifrelerini \u00e7\u00f6zmediler. Bazen de \u00e7\u00f6zemediler.<\/p>\n<h2>Neden g\u00fcvenlik \u015firketleri verilerinizin \u015fifresini \u00e7\u00f6zemez?<\/h2>\n<p>Elbette, \u015fifrelenen verileri geri getirmek i\u00e7in s\u00fcrekli yeni yollar arayan \u015firketler de vard\u0131r, hatta bizim \u015firketimiz de bunlardan biri. Fakat bilgiler, yaln\u0131zca sald\u0131rganlar\u0131n normal bir algoritma uygulayacak kadar profesyonel olmad\u0131\u011f\u0131 (ya da bir yerde bir hata yapt\u0131\u011f\u0131) durumlarda geri getirilebilir. Bir \u015fifre \u00e7\u00f6zme arac\u0131 geli\u015ftirmeyi ba\u015fard\u0131\u011f\u0131m\u0131zda bunu \u00fccretsiz olarak <a href=\"https:\/\/noransom.kaspersky.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/noransom.kaspersky.com\/<\/a> adresinde payla\u015f\u0131yoruz. Ancak bu t\u00fcr durumlarla \u00e7ok nadir kar\u015f\u0131la\u015f\u0131l\u0131yor.<\/p>\n<p>Sonu\u00e7 olarak yapabilece\u011finiz en iyi \u015fey, sald\u0131r\u0131y\u0131 en ba\u015f\u0131ndan \u00f6nlemeye \u00e7al\u0131\u015fmakt\u0131r. Bunun i\u00e7in yeni g\u00fcncellenen Kaspersky Anti-Ransomware Tool for Business \u00e7\u00f6z\u00fcm\u00fcm\u00fcz\u00fc de i\u00e7eren bir ara\u00e7 setimiz var. Bu \u00e7\u00f6z\u00fcm, \u00fc\u00e7\u00fcnc\u00fc taraf g\u00fcvenlik sat\u0131c\u0131lar\u0131n\u0131n \u00fcr\u00fcnleriyle birlikte \u00e7al\u0131\u015farak i\u015f istasyonlar\u0131nda ve Windows Server ile \u00e7al\u0131\u015fan sunucularda ek koruma katman\u0131 sa\u011flar.<\/p>\n<p>G\u00fcncellenen Kaspersky Anti-Ransomware Tool for Business arac\u0131, yaln\u0131zca kurumsal cihazlar\u0131 hem bilinen hem de yeni kripto k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlardan korumakla kalmaz, ayn\u0131 zamanda ba\u015fta k\u00f6t\u00fc ama\u00e7l\u0131 madenciler, riskli programlar ve k\u00f6t\u00fc ama\u00e7l\u0131 porno yaz\u0131l\u0131mlar\u0131 dahil olmak \u00fczere di\u011fer tehditleri de tespit eder. Bu \u00fccretsiz \u00fcr\u00fcn\u00fc buradan indirebilirsiniz.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kartb2b\">\n","protected":false},"excerpt":{"rendered":"<p>Fidye yaz\u0131l\u0131mlar\u0131 taraf\u0131ndan \u015fifrelenen verilerin, kolayca geri getirilebilece\u011fini d\u00fc\u015f\u00fcnmeyin. \u00d6nceden \u00f6nleminizi almak her zaman daha iyidir.<\/p>\n","protected":false},"author":2706,"featured_media":5811,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[930,591,447,921],"class_list":{"0":"post-5810","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-dolandirici","11":"tag-fidye-yazilimi","12":"tag-ransomware","13":"tag-sifreleyici"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/undecryptable-files\/5810\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/undecryptable-files\/15441\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/undecryptable-files\/13005\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/undecryptable-files\/17386\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/undecryptable-files\/15534\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/undecryptable-files\/18072\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/undecryptable-files\/17064\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/undecryptable-files\/22614\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/undecryptable-files\/26040\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/undecryptable-files\/10496\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/undecryptable-files\/18813\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/undecryptable-files\/22846\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/undecryptable-files\/18268\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/undecryptable-files\/22315\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/undecryptable-files\/22245\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/fidye-yazilimi\/","name":"Fidye Yaz\u0131l\u0131m\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5810","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5810"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5810\/revisions"}],"predecessor-version":[{"id":6817,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5810\/revisions\/6817"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5811"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5810"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5810"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5810"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}