{"id":8896,"date":"2020-10-08T18:55:01","date_gmt":"2020-10-08T15:55:01","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=8896"},"modified":"2020-10-08T18:55:01","modified_gmt":"2020-10-08T15:55:01","slug":"pied-piper-hamelin","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/pied-piper-hamelin\/8896\/","title":{"rendered":"Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131 ve siber silahlar"},"content":{"rendered":"<p>Genel kan\u0131n\u0131n aksine, peri masallar\u0131 ve nesilden nesile aktar\u0131lan hikayeler e\u011flence i\u00e7in de\u011fil, \u00e7ocuklara (ve yeti\u015fkinlere) anla\u015f\u0131lmas\u0131 kolay bir bi\u00e7imde \u00f6nemli dersler vermek i\u00e7in icat edilmi\u015ftir. \u00c7ok eskiden beri, hikaye anlat\u0131c\u0131lar\u0131 \u0130nterneti (ki bunu da \u00f6ng\u00f6rm\u00fc\u015flerdir) daha g\u00fcvenli bir yer haline getirme umuduyla, hikayelerinin i\u00e7lerine siber g\u00fcvenlik ipu\u00e7lar\u0131 dokumu\u015flard\u0131r. \u00d6rne\u011fin, <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/fairy-tales-red-hood\/6458\/\" target=\"_blank\" rel=\"noopener\">K\u0131rm\u0131z\u0131 Ba\u015fl\u0131kl\u0131 K\u0131z<\/a> hikayesi MitM (ortadaki adam) sald\u0131r\u0131lar\u0131 hakk\u0131nda bizi uyar\u0131rken, <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/snow-white-cryptominers\/7522\/\" target=\"_blank\" rel=\"noopener\">Pamuk Prenses<\/a> hikayesi de h\u00fck\u00fcmet destekli APT (Geli\u015fmi\u015f Kal\u0131c\u0131 Tehdit) kampanyalar\u0131n\u0131n habercisi say\u0131labilir. <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/tag\/gercek\/\" target=\"_blank\" rel=\"noopener\">Benzer \u00f6rneklerin listesi ise uzay\u0131p gider<\/a>.<\/p>\n<p>Maalesef ki insano\u011flu, peri masallar\u0131nda a\u00e7\u0131k\u00e7a verilen bu dersleri g\u00f6rmezden gelip \u00e7\u0131lg\u0131n bir inatla ayn\u0131 hatalar\u0131 tekrarlamaya devam ediyor. Bunlara benzer bir di\u011fer \u00e7arp\u0131c\u0131 \u00f6rnek ise Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131 hikayesi.<\/p>\n<h2>Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131<\/h2>\n<p>Y\u00fczlerce y\u0131ld\u0131r nesilden nesile aktar\u0131lan masallarda \u00e7o\u011fu zaman kar\u015f\u0131la\u015ft\u0131\u011f\u0131m\u0131z gibi, bizlere ayn\u0131 hikayenin bir\u00e7ok versiyonu sunulsa da, b\u00fct\u00fcn bu versiyonlar genellikle ortak bir temaya sahiptir. Temel olay \u00f6rg\u00fcs\u00fc yakla\u015f\u0131k olarak \u015f\u00f6yledir: Almanya\u2019daki kasabalardan biri olan Hamelin, g\u0131da stoklar\u0131n\u0131 yiyen fareler taraf\u0131ndan istila edilir. Bu fareler, insanlara ve evcil hayvanlara sald\u0131r\u0131r ve tabii ki kasaba halk\u0131n\u0131n da can\u0131n\u0131 s\u0131kan bir\u00e7ok olay\u0131n ya\u015fanmas\u0131na neden olurlar.<\/p>\n<p>Bu farelerle ba\u015fa \u00e7\u0131kamayan yetkililer, sihirli bir kaval kullanarak fareleri kasabadan \u00e7\u0131karan, onlar\u0131 kasaban\u0131n yak\u0131nlar\u0131ndaki bir nehre pe\u015finden s\u00fcr\u00fckleyerek farelerin nehirde bo\u011fulmalar\u0131n\u0131 sa\u011flayan olduk\u00e7a s\u00fcsl\u00fc giyimli bir fare yakalama uzman\u0131ndan yard\u0131m almaya karar verirler.<\/p>\n<p>Ancak sonra, pinti belediye ba\u015fkan\u0131, anla\u015fmada \u00fczerine d\u00fc\u015feni yapmay\u0131 reddedip fare yakalama uzman\u0131na, nam-\u0131 di\u011fer Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131na, anla\u015ft\u0131klar\u0131ndan \u00e7ok daha d\u00fc\u015f\u00fck bir para \u00f6der. Kavalc\u0131 bu duruma hi\u00e7bir \u015fey demez. Buna kar\u015f\u0131l\u0131k, sihirli kaval\u0131n\u0131 yeniden kullan\u0131r ve t\u0131pk\u0131 fareleri kasaban\u0131n d\u0131\u015f\u0131na \u00e7\u0131karmak i\u00e7in pe\u015finden s\u00fcr\u00fckledi\u011fi gibi, bu sefer de Hamelin kasabas\u0131n\u0131n \u00e7ocuklar\u0131n\u0131 pe\u015finden s\u00fcr\u00fckler.<\/p>\n<p>Hikayenin sonu, anlat\u0131c\u0131n\u0131n ne zaman ya\u015fad\u0131\u011f\u0131na ve ne kadar iyimser oldu\u011funa g\u00f6re de\u011fi\u015fkenlik g\u00f6steriyor (genellikle \u00e7ok iyimser de\u011filler). Ya \u00e7ocuklar da fareler gibi Weser Nehri\u2019nde bo\u011fulur, ya Koppenberg tepelerinin derinlerine g\u00f6t\u00fcr\u00fcl\u00fcrler, ya da (en yak\u0131n tarihli ve en az kasvet i\u00e7eren versiyonda) tepelerin ard\u0131ndaki uzak bir yere gidip orada bir \u015fehir bulurlar.<\/p>\n<h2>Alegorinin ard\u0131ndaki anlam<\/h2>\n<p>\u0130lgin\u00e7 bir \u015fekilde bu olay hakk\u0131nda kesin bir tarih verilir: 26 Haziran 1284. Efsanenin ilk olarak 1375 y\u0131l\u0131nda kasaba g\u00fcnl\u00fcklerine kaydedildi\u011fini g\u00f6r\u00fcyoruz. Daha sonras\u0131nda tekrar tekrar yaz\u0131l\u0131p anlat\u0131lm\u0131\u015f. Bu s\u00fcre\u00e7te de \u00fczerine ilave ayr\u0131nt\u0131lar eklenmi\u015f ve s\u00fcslemeler de yap\u0131lm\u0131\u015f. Eklenen bu ayr\u0131nt\u0131lar\u0131n \u00e7o\u011fu, bariz bir \u015fekilde politik ve dini motivasyonlara sahip. Hikayenin baz\u0131 versiyonlar\u0131 Hamelin kasabas\u0131 vatanda\u015flar\u0131n\u0131n a\u00e7g\u00f6zl\u00fcl\u00fc\u011f\u00fcne odaklan\u0131rken; baz\u0131lar\u0131 ise Kavalc\u0131 fig\u00fcr\u00fcn\u00fc a\u00e7\u0131k\u00e7a bir \u015feytan gibi g\u00f6steriyor. Bizse o g\u00fcnlerdeki oOrta\u00e7a\u011f \u00f6n yarg\u0131lar\u0131n\u0131 atlay\u0131p, hikayenin temel noktalar\u0131 \u00fczerine odaklanaca\u011f\u0131z.<\/p>\n<h3>Hamelin kasabas\u0131na yap\u0131lan sald\u0131r\u0131lar<\/h3>\n<p>Bizim bak\u0131\u015f a\u00e7\u0131m\u0131za g\u00f6re, Hamelin\u2019in altyap\u0131s\u0131n\u0131n bilinmeyen k\u00f6t\u00fc ama\u00e7l\u0131 ki\u015filer taraf\u0131ndan sald\u0131r\u0131 alt\u0131nda oldu\u011fu g\u00f6r\u00fcl\u00fcyor. Bu akt\u00f6rler, kelimenin tam anlam\u0131yla maddi varl\u0131klar\u0131 (tah\u0131l) ve bilgileri (yasal belgeler) silip s\u00fcp\u00fcr\u00fcyor ve yerel halk\u0131n sa\u011fl\u0131\u011f\u0131n\u0131 tehdit ediyor.<\/p>\n<p>Bu sald\u0131r\u0131n\u0131n ayr\u0131nt\u0131l\u0131 bir a\u00e7\u0131klamas\u0131 g\u00fcn\u00fcm\u00fcze ula\u015fmam\u0131\u015ft\u0131r; ancak bu sald\u0131rganlar\u0131n \u201crat (fare)\u201d olarak adland\u0131r\u0131lmalar\u0131n\u0131n nedeni muhtemelen onlar\u0131n da k\u0131saltmas\u0131 \u201cRAT\u201d olan bir Uzaktan Eri\u015fim Arac\u0131 (RAT) ya da bir Uzaktan Eri\u015fim Trojan\u0131 kullanm\u0131\u015f olmas\u0131d\u0131r. Genel olarak, bu gibi ara\u00e7lar\/Trojanlar sald\u0131rganlar\u0131n bir kurban\u0131n sistemine tamamen eri\u015fim sa\u011flamalar\u0131na neden olduklar\u0131 i\u00e7in her t\u00fcr pis i\u015f i\u00e7in kullan\u0131labilirler.<\/p>\n<h3>\u0130\u015fi Uzman\u0131na Yapt\u0131rmak<\/h3>\n<p>\u0130lk ba\u015fta, kasaba sakinleri u\u00e7 nokta g\u00fcvenli\u011fi i\u00e7in kedilere dayanan bir \u00e7\u00f6z\u00fcm deniyorlar. Ancak bu y\u00f6ntemin i\u015fe yaramad\u0131\u011f\u0131n\u0131 g\u00f6r\u00fcnce, sald\u0131rganlar\u0131n RAT\u2019\u0131ndaki bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 bilen \u00fc\u00e7\u00fcnc\u00fc taraf bir uzmanla ileti\u015fime ge\u00e7iyorlar. Uzman, bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 hedef alarak, RAT operat\u00f6rlerinin bilgisayarlar\u0131n\u0131 uzaktan kontrol alt\u0131na almak i\u00e7in onlar\u0131 bir t\u00fcr botnet\u2019e d\u00f6n\u00fc\u015ft\u00fcrerek g\u00fc\u00e7l\u00fc bir siber silah olu\u015fturuyor. Hepsinin sistemine s\u0131zan Kavalc\u0131, tehdidi ba\u015far\u0131yla etkisiz hale getiriyor.<\/p>\n<h3>Sivilleri hedef almak<\/h3>\n<p>RAT sald\u0131r\u0131s\u0131 ba\u015far\u0131yla atlat\u0131ld\u0131ktan sonra, yetkililer uzmanla yapt\u0131klar\u0131 s\u00f6zle\u015fmenin lay\u0131k\u0131n\u0131 yerine getirme konusunda ak\u0131ls\u0131zca davran\u0131yor. Efsanenin \u00e7o\u011fu versiyonlar\u0131nda finansal anla\u015fmazl\u0131klardan bahsedilir. Ancak tabii ki bunu do\u011frulamak m\u00fcmk\u00fcn de\u011fildir. Durum ne olursa olsun, ayn\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n kasaban\u0131n \u00e7ocuklar\u0131n\u0131n kulland\u0131\u011f\u0131 cihazlarda da mevcut oldu\u011fu ortaya \u00e7\u0131k\u0131yor.<\/p>\n<p>Ne yaz\u0131k ki, hikaye bize ayn\u0131 tehdidin nas\u0131l hem RAT operat\u00f6rlerine hem de s\u0131radan halka kar\u015f\u0131 i\u015fe yarad\u0131\u011f\u0131n\u0131 a\u00e7\u0131klayacak teknik ayr\u0131nt\u0131lar sunmuyor. Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n, her zaman her yerde bulunan bir \u015feyde oldu\u011funu varsayal\u0131m (\u00f6rne\u011fin, a\u011f kaynaklar\u0131na uzaktan eri\u015fim i\u00e7in kullan\u0131lan baz\u0131 pop\u00fcler <a href=\"https:\/\/en.wikipedia.org\/wiki\/Server_Message_Block\" target=\"_blank\" rel=\"noopener nofollow\">uygulama d\u00fczeyinde a\u011f protokolleri<\/a> gibi).<\/p>\n<p>Hikayedeki s\u00f6zde yeti\u015fkinlerin de bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan etkilenmeme nedenini a\u00e7\u0131k\u00e7a g\u00f6steren bir \u015fey yok. Belki de hikayedeki \u201c\u00e7ocuklar\u201d s\u00f6zc\u00fc\u011f\u00fc re\u015fit olmayan kullan\u0131c\u0131lara de\u011fil, s\u00f6z konusu protokol\u00fcn ba\u015far\u0131s\u0131z bir g\u00fcncellemesinden sonra bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 geli\u015ftiren daha yeni bir i\u015fletim sistemine sahip yeni nesil ayg\u0131tlara at\u0131fta bulunuyordur.<\/p>\n<p>Her iki \u015fekilde de, hikayenin sonu olduk\u00e7a trajik: Kavalc\u0131, ayn\u0131 botnet hilesini kullan\u0131yor \u2014 ancak bu defa RAT operat\u00f6rleri \u00fczerinde de\u011fil de kasaban\u0131n gen\u00e7leri \u00fczerinde.<\/p>\n<h2>Modern zamanlarda Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131<\/h2>\n<p>Anlat\u0131lan hikaye, Shadow Brokers hacker grubunun hikayesini ve EternalBlue exploit s\u0131z\u0131nt\u0131s\u0131n\u0131 bir hayli hat\u0131rlat\u0131yor. Bu s\u0131z\u0131nt\u0131, <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/five-most-notorious-cyberattacks\/5394\/\" target=\"_blank\" rel=\"noopener\">WannaCry<\/a> ve di\u011fer bir\u00e7ok fidye yaz\u0131l\u0131m salg\u0131n\u0131na yol a\u00e7m\u0131\u015ft\u0131. E\u011fer Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131 hikayesini EternalBlue s\u0131z\u0131nt\u0131s\u0131ndan sonra okumu\u015f olsayd\u0131m, \u015f\u00fcphesiz ki hikayeyi alegorik de olsa bu olay hakk\u0131nda bir uyar\u0131 olarak alg\u0131lard\u0131m. Olay \u00f6rg\u00fcs\u00fc ger\u00e7ekten de ayn\u0131: Bir h\u00fckumet organizasyonu, g\u00fc\u00e7l\u00fc bir siber silah\u0131n geli\u015ftirilmesini istiyor, daha sonras\u0131nda bu siber silah ayn\u0131 \u00fclkenin yerel halk\u0131na kar\u015f\u0131 kullan\u0131l\u0131yor.<\/p>\n<p>Bu hat\u0131r\u0131 say\u0131l\u0131r derecede \u00f6nemli tesad\u00fcf\u00fc, tarihin sarmal bir \u015fekilde geli\u015fmesi y\u00f6n\u00fcne ba\u011flayabiliriz. A\u00e7\u0131k\u00e7a g\u00f6r\u00fcl\u00fcyor ki XVI. yy. Alman bilgi g\u00fcvenli\u011fi uzmanlar\u0131 bu sorunun zaten fark\u0131ndayd\u0131 ve sonraki nesilleri (bizi) bir g\u00fcn sivil kullan\u0131c\u0131lara kar\u015f\u0131 \u2014 k\u00f6t\u00fc sonu\u00e7lar ile \u2014 kullan\u0131labilme ihtimali olan h\u00fckumet destekli siber silah programlar\u0131n\u0131n tehlikelerine kar\u015f\u0131 uyarmaya \u00e7al\u0131\u015ft\u0131lar.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Fareli K\u00f6y\u00fcn Kavalc\u0131s\u0131 efsanesi, bu zamana kadar ger\u00e7ek ve trajik olaylar\u0131n bir alegorisi olarak kullan\u0131ld\u0131. Bu da bizim yorumumuz.<\/p>\n","protected":false},"author":700,"featured_media":8897,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2090,2051,2041,1753,2287],"class_list":{"0":"post-8896","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-botnetler","10":"tag-gercekler","11":"tag-peri-masallari","12":"tag-rat","13":"tag-siber-silahlar"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/pied-piper-hamelin\/8896\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/pied-piper-hamelin\/21970\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/pied-piper-hamelin\/17448\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/pied-piper-hamelin\/23414\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/pied-piper-hamelin\/21602\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/pied-piper-hamelin\/20244\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/pied-piper-hamelin\/24032\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/pied-piper-hamelin\/23023\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/pied-piper-hamelin\/29208\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/pied-piper-hamelin\/37240\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/pied-piper-hamelin\/15775\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/pied-piper-hamelin\/16229\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/pied-piper-hamelin\/25368\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/pied-piper-hamelin\/12081\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/pied-piper-hamelin\/29337\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/pied-piper-hamelin\/26190\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/pied-piper-hamelin\/22966\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/pied-piper-hamelin\/28255\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/pied-piper-hamelin\/28090\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/peri-masallari\/","name":"peri masallar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8896"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8896\/revisions"}],"predecessor-version":[{"id":8898,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8896\/revisions\/8898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/8897"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}