{"id":5938,"date":"2019-05-16T18:18:31","date_gmt":"2019-05-16T15:18:31","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5938"},"modified":"2019-11-15T14:29:06","modified_gmt":"2019-11-15T11:29:06","slug":"solo-starwars-cybersecurity","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/solo-starwars-cybersecurity\/5938\/","title":{"rendered":"Han Solo: A cybersecurity story"},"content":{"rendered":"<p>Until now, LucasArts has shown only the Empire\u2019s military bases in its cinematic cyber-studies. That is an interesting perspective, but a somewhat monotonous one. <em>Solo: A Star Wars Story<\/em> lets us look at the security of some unusual facilities from a different angle: Corellia border control, the Vandor-1 conveyex railway, and the privately owned Kessel mining facility. The incidents at these sites cannot strictly be called cybersecurity incidents, so we will start with the most cyber-relevant one and work our way through the others.<\/p>\n<h2>Kessel: Mining facility<\/h2>\n<p><strong>Incident:<\/strong> Beckett\u2019s crew infiltrates the mining facility where the Pyke Cartel mines and stores raw coaxium hyperfuel. They seize the control center, break the droids\u2019 restraining devices (disrupting their normal operation), and steal the coaxium in the ensuing chaos.<\/p>\n<p><strong>Analysis: <\/strong>The droids in the control center are fitted with restraining devices. 
From what we already know about this film, such devices are used only when a droid is \u201cpirated.\u201d In other words, unlicensed, stolen machines are being used in the control center of a critical infrastructure facility, and their loyalty is ensured by hackers\u2019 interference with their motivation system.<\/p>\n<p>We should note that this problem is not limited to the <em>Star Wars<\/em> universe. Last year, <a target=\"_blank\" href=\"https:\/\/ics-cert.kaspersky.com\/reports\/2018\/09\/06\/threat-landscape-for-industrial-automation-systems-h1-2018\/\" rel=\"noopener noreferrer\">our KL ICS CERT team published an analysis of the threat landscape for industrial automation systems<\/a>. One of the team\u2019s recommendations was to get rid of unlicensed, \u201cpirated\u201d software. Such software may contain backdoors, or the program may be infected with malware, which means a third party may be able to control it. Droids, as typical cyber-physical devices, are no different from pirated software used in an industrial facility.<\/p>\n<p>That said, this would not have been a problem if the mine\u2019s director had prevented outsiders from entering his office in the facility\u2019s control center and gaining access to the controls of all systems in that part of the installation, including security. 
By doing so, the attackers gained access to the security cameras and remote door controls, and by disabling the droids\u2019 restraining devices they triggered a revolt and general chaos.<\/p>\n<h2>Vandor-1: Conveyex railway<\/h2>\n<p><strong>Incident:<\/strong> Two rival crews try to steal a hyperfuel container traveling between two of the Empire\u2019s facilities. Beckett\u2019s crew jams the train\u2019s transmissions, uncouples the cars behind the coaxium container, and, after sending the rest of the train into the canyon, tries to make off with the fuel using a stolen Imperial vehicle. The other crew, led by Enfys Nest, interferes with the operation and tries to seize the container. As a result, the container falls and explodes.<\/p>\n<p><strong>Analysis:<\/strong> Coaxium is a very expensive and highly explosive substance. The Empire therefore takes the security of its transport infrastructure seriously: one of the train cars carries armed guards, and along the route there are towers housing viper droids that respond in the event of an incident. There are also additional sensors with integrity control along the railway. These sensors use a wired communication channel for signal transmission. 
If any of the sensors is damaged, the security system is triggered and the droids are dispatched.<\/p>\n<p>Of course, a more advanced security system could be built. But the real mistake here is this: loss of communication with the connected train should itself be a trigger for raising the alarm and dispatching the security droids. Even if the droids are not very effective, by acting at the same time as the Imperial troops on the train they could have prevented the crime.<\/p>\n<h2>Corellia: Border control<\/h2>\n<p><strong>Incident:<\/strong> Two criminals try to leave Corellia without documents. On their way to the spaceport, they crash into a barrier and destroy a droid at the guarded border checkpoint. They then try to leave the control zone by bribing an Imperial officer. The officer does not report the escape attempt until local gangsters catch one of the fugitives.<\/p>\n<p><strong>Analysis:<\/strong> Overall, this incident is more about physical security than information security, but the port uses an ID chip as the primary document, and that chip is certainly a cybersecurity device. The spaceport\u2019s border checkpoint has strict rules: no one without an ID chip may leave the control zone. Corellia is an industrial planet specializing in shipbuilding. Parts of Imperial warships can also be seen in the port area. 
Even so, two problems with the security system are immediately apparent:<\/p>\n<ol>\n<li>Imperial officers take bribes. Any security system in which people take bribes for the job they are responsible for is unreliable. Moreover, the problem is clearly not limited to one individual: Han and Qi\u2019ra do not seek out an officer known to take bribes; they offer a bribe to the first officer they come across. In other words, bribery is no secret; everyone knows that Imperial officers accept bribes. In fact, this is exactly the reason behind the fall of the Galactic Empire.<\/li>\n<li>The ID chip, which in theory everyone leaving the planet must carry, is not used to verify who the passenger actually is. The gate in the control zone is opened manually by an officer. But if a chip is already in use, a device that scans chips and opens the gate could be connected to the system. That would make it possible to control the number of people passing through the gate and to log the scanned chips. 
Of course, this option does not provide a 100% guarantee either, but it would certainly make life harder for bribe-taking officers.<\/li>\n<\/ol>\n<p>In addition, the automated security system should have raised an alarm when the barrier was hit, or at the very least when the security droid was destroyed.<\/p>\n<p>In all three incidents, we can see that physical security problems make it impossible to build a flawless cybersecurity system. Security services must work in a coordinated manner and act together. Only then can a reliable level of protection be achieved. This is especially important for protecting critical infrastructure facilities.<\/p>\n<p><!--Snippet: The Star Wars universe from a cybersecurity perspective. Take a look at three incidents in Solo: A Star Wars Story from an industrial cybersecurity standpoint.--><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The film &#8220;Solo: A Star Wars Story\u201d 
from a cybersecurity perspective<\/p>\n","protected":false},"author":700,"featured_media":5949,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[1924,906,1600],"class_list":{"0":"post-5938","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-guc-seninle-olsun","10":"tag-ics","11":"tag-yildiz-savaslari"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/solo-starwars-cybersecurity\/5938\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/solo-starwars-cybersecurity\/15742\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/solo-starwars-cybersecurity\/13271\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/solo-starwars-cybersecurity\/17651\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/solo-starwars-cybersecurity\/15796\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/solo-starwars-cybersecurity\/14483\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/solo-starwars-cybersecurity\/18371\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/solo-starwars-cybersecurity\/17267\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/solo-starwars-cybersecurity\/26860\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/solo-starwars-cybersecurity\/11670\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/solo-starwars-cybersecurity\/11777\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/solo-starwars-cybersecurity\/10752\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/solo-starwars-cybersecurity\/19157\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/solo-starwars-cybersecurity\/23165\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/solo-starwars-cyber
security\/22578\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/solo-starwars-cybersecurity\/22513\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guc-seninle-olsun\/","name":"G\u00fc\u00e7 Seninle Olsun"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5938","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5938"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5938\/revisions"}],"predecessor-version":[{"id":6790,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5938\/revisions\/6790"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5949"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5938"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5938"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5938"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}