The recent cyberattack against Turkish private lenders and telecommunication companies on Oct. 27 highlighted the importance of cybersecurity at public institutions.
To reinforce the cybersecurity infrastructure of public institutions, the Digital Transformation Office is currently carrying out a project to ensure encrypted communication between related bodies through KamuNet, a server specially designed for the use of public institutions to minimize cybersecurity risks.
Digital Transformation Office head, Ali Taha Koç confirmed that two of the public agencies in the KamuNet system that engages in intense data traffic have begun to use a locally developed IP crypto device.
“We have successfully completed the tests. We aim to use this device at all 16 ministries by the next year and increase the security level by encrypting the data communication and exchange,” Koç told reporters at a meeting in Ankara on Monday.
The cyberattacks used to serve simpler purposes and only people with certain competence and skills were able to carry them out, Koç explained.
“At present, cyberattacks are carried out by states in a more automated and frequent manner. They have become more disruptive, which makes cybersecurity a requirement for national security. It has become the fifth front of war and clash after land, air, marine and space,” he added.
The transformation of cyberattacks into inter-state wars and clashes necessitates that states must protect their data and digital infrastructure in the same fashion they protect their physical territories and borders. “The endeavor to seek data security with foreign resources and means is equal to protecting borders with foreign manpower,” Koç said.
Developing the local means to deter cyberattacks, increasing the number of cybersecurity experts, early diagnosis of weak points with in-depth analysis and investing in technologies are among the correct strategy and policies that would ensure Turkey's cybersecurity, the head of the Digital Transformation Office said.
Around 85% of the cyberattacks in the world target individuals, he noted. “Even if people use the strongest and most complicated passwords, there is still the danger of phishing,” he warned.
Emphasizing that multiple authentication techniques must be made mandatory in accessing critical government systems, Koç said these techniques are used in all banking systems and they will soon bring this to the e-Devlet (e-State) application.
“When the use of new identity cards becomes more widespread in the future, we will have boosted our security by using biometric verification techniques for multiple authentications. Targeted attacks to seize or leak information from a particular system are somewhat more difficult to detect and prevent, but we have domestic and national cybersecurity solutions and cyber threat intelligence works developed for them,” Koç added.
He said local institutions would be connected through the KamuNet network, instead of through the normal Internet.
Koç said they have initiated pilot studies for the use of domestic and national IP crypto devices at two institutions, which have the most intense data traffic in KamuNet.
He noted that the tests were successful and added that they will subsequently start using it live.
Not hacker, but cyber hero
He said they have added the article “Information security and awareness training will be provided to public institutions and organizations” to the 11th Development Plan.
Koç touched on the comprehensive studies done in this scope and said: “We have been in touch with every institution since we established the Digital Transformation Office. One of the projects is ‘81 Cyber Heroes in 81 Provinces' and we currently have representatives in 23 provinces. We do not call them ‘hackers’ anymore, but ‘Cyber Heroes.’ We are working on projects that will raise awareness.”
He said they will inform young people about how to protect themselves in the digital environment. "We have initiated efforts to prepare an 'Information and Communication Security Guide,'" he said. The objective is to guide the security of information and communication in the public service systems in our country in the long term, he added.
Cyberattacks against Turkish corporations
On Sunday, Oct. 27, several Turkish companies, including private lender Garanti BBVA and Turkey’s leading telecommunication firm, Türk Telekom came under cyberattacks, crippling their services and operation for a brief period.
The DDoS (Distributed Service Blocking Attack) attack is not an unknown phenomenon as many countries in Asia, Middle East, South Africa and Latin America have faced similar attacks against their communication and finance infrastructure.
Cybersecurity expert Eyüp Çelik told the Turkish language daily, Habertürk that the attack, which was noticed as a result of loss in some operators’ overseas performance around 02.30 p.m., Sunday, Oct. 27, gave the operators, banks and end-users a hard time.
According to Çelik, attackers who fail in the infiltration process carry out DDoS in many cases to damage the corporate network. He stressed that companies must continuously conduct denial-of-service attack tests (DoS attack) to avoid and reduce the risk of DDoS.
Çelik, who is also the founder of Privia Security, said: “It has become mandatory to transfer systems of all banks and similar institutions to the cloud in the country to local data centers, by using personal data as an excuse. However, due to infrastructure shortcomings and the lack of capacity, we, unfortunately, remain vulnerable to such denial-of-service attacks. Cloud systems use DDoS Protection, CDN (Content Delivery Network), and Load Balancing to prevent denial-of-service attacks, enabling new servers to be deployed based on incoming traffic size. However, due to insufficient infrastructures, high costs and poorly-managed systems, DDoS traffic could be trapped in data centers, leaving ISPs managing traffic in the lurch. In this attack we have experienced, denial-of-service attacks were carried out with more serious spoofed IP addresses.”