After the July 15 failed coup attempt orchestrated by fugitive retired imam Fethullah Gülen, who lives in the U.S., Turkish state institutions and the country's communications and electricity infrastructure might be under threat of cyberattack by the Gülenist Terror Group (FETÖ), according to claims. "The FETÖ's next step will be a comprehensive cyberattack targeting banks, state institutions and communications infrastructure," Nurettin Veren, a former senior Gülenist said on Aug. 7. "I warn in advance that they [Gülenists] still have loyal members in key state institutions who have the capability to conduct a comprehensive cyberattack." Veren further claimed that "Gülen has placed some of his loyal followers on Twitter, in Apple and on Facebook, even infiltrating NASA."
In his sermon after the July 15 coup attempt, Gülen said: "No matter how hard it is, hang in there and be patient." Gülen hinted at an incubation period in his message to followers, asking them to be patient for 20 days. The official Twitter account of Mevlana University, which the government recently closed as being affiliated with the Gülen Movement, posted new threats, tweeting: "See you on August 14." The FETÖ's previous track record is causing increasing suspicion of their involvement in cybercrimes. IbTimes and Wired.com reported in 2013 that one woman living in the U.S. believed she was the target of a cyber-attack because of her outspoken criticism of the Gülen Movement.
Turkey has experienced several cyberattacks in recent years. According to research by Turkish defense company STM, Turkey ranks ninth on the list of countries most targeted by cyberattacks. On Dec. 14, 2015, Nearly 400,000 websites with the ".tr" domain were hacked and the international hacker group Anonymous claimed responsibility for the cyberattack. On March 31, 2015 Turkey experienced a nationwide blackout. It was rocked by a massive power outage in almost every province across the country, leaving millions without electricity for hours. The metro and trams in Istanbul and Ankara came to a halt, traffic lights stopped working and people were trapped in elevators, while some factories lacking backup power stopped production. Cellphone networks suffered disruptions as well. Even though officials said that it was a technical problem, many people suspect that it was a cyberattack and the main reason of the blackout is still unclear.
Commenting on Turkey's resistance to cyberattacks, cybersecurity expert Abdullah Çiftçi said that the types of cyberattacks vary in nature. "The attack on '.tr' domain websites was a Distributed Denial of Service (DDos) that halted DNS [activity] that exceeded the limits of the bandwidth, and this type of attack could happen again," he said. Dr. Erman Ayday from Bilkent University said that state institutions took precautions against the threat of cyberattacks from outside the country. However, he stressed that a possible cyberattack could come from inside state institutions, referring to the failed July 15coup attempt, adding: "There are some methods to prevent these kinds of attacks that could come from inside, but quite frankly, I do not know if state institutions practice these methods."
Çiftçi is also the head of the Social Media Strategy and Information Technology Association. "There have been many FETÖ members who infiltrated state institutions related to the data processing infrastructure and even after the coup attempt they could still have loyal members inside these institutions," Çiftçi said. "It is hard to defy an attack that comes from inside in terms of software vulnerability," he added.
When asked which state institutions might be a target of a possible cyberattack, Ayday said that the most critical sectors include the "electricity networks, energy distribution units, e-state system, banks, stock markets and public transportation that can be remotely controlled." Calling cyberattacks a modern war tactic of the 21st century, Çiftçi said that FETÖ members could launch a cyberattack to try to create chaos, adding: "They may target electric network, phones, the internet, banks, stock markets, land registry databases and health data to steal information."