What is a cyber attack?

• May 8, 2023June 8, 2023

Defined as any unauthorized access attempt to computer systems cyber attacks, It aims to attack computing systems, computer networks and computers with the intent to harm. These attacks aim to disable, attempt to disrupt, destroy or control systems, as well as modify, block, delete, manipulate or steal data stored in these systems.

Cyber attacks can be launched by any person or group using different attack strategies. Attackers usually cyber criminal They are classified as malicious and have malicious intentions. These may be individuals who use their computer skills to plan and carry out malicious attacks. They may also be part of criminal organizations that work with other threat actors to discover weaknesses or problems and profit from crime.

Hackers performing cyber attacks can have many different motivations. Some may attack for personal or financial gain, while others may act as "hacktivists" for social or political purposes. Also, some attacks may be part of cyber warfare operations carried out by nation-states against their rivals or the result of attacks by known terrorist groups.

A recent To research göre, katılımcıların %82’si işyerlerindeki cyber security tedbirlerinin yetersiz olduğunu düşünüyor. Özellikle küçük işletmelerde, %56’lık bir kesim henüz herhangi bir siber savunma önlemi almamış durumda. Ayrıca, küresel ölçekte, 3,5 milyon civarında siber güvenlik alanında iş açığı bulunuyor ve siber güvenlik becerileri konusunda ciddi bir eksiklik söz konusu. Bu durum, şirketlerin ve işletmelerin siber güvenlikle ilgili riskleri daha iyi anlamaları ve gerekli önlemleri almaları gerektiğini gösteriyor.

How Are Cyber Attacks Made?

Cyber attacks can be carried out in many different ways and can be quite technically complex.

Cyber attacks are usually carried out by one or more attackers. These attackers first determine their targets and prepare a plan for the attack. Targets can be any organisation, person or even a country. Attackers discover their targets' systems and networks and then look for one or more vulnerabilities to gain access to the systems or networks. These vulnerabilities can often be caused by software or hardware errors. By using these vulnerabilities, attackers access systems or networks and carry out their attacks from there.

There are many types of cyber attacks and each type can be used for a different purpose. Some attacks are carried out using malware. When malware infects a computer or network, it performs various malicious operations on the target device. These actions may include activities such as data deletion, data encryption, information theft, or control of networked devices.

What are the Types of Cyber Attacks?

While there are many different ways an attacker can carry out a cyberattack, many use very similar techniques. Some of the most common types of cyber attacks include:

1. Malware

Malware is software designed to damage electronic devices or engage in unauthorized activities. There are many types of these software that can be installed on the device without the user's consent or awareness, for example, they can infiltrate the device's operating system and corrupt the device, they can be designed to steal personal information or financial data, or they can take over devices by creating botnets.

Common targets of malware include businesses large and small, financial institutions, healthcare providers, and government agencies. Damage caused by these software can include many factors such as data loss, service interruptions, loss of reputation and material damage.

The ways to prevent and protect against malware are the use of security software, safe internet use and regular software updates.

2. Phishing Attacks

Phishing attacksis an online fraud method that aims to steal personal information. These attacks are carried out through fake e-mails, websites or messages, and images and logos of official institutions can be used to gain the trust of users. The target of these attacks is users' personal information and this information is obtained through fake websites or e-mails. Users should be careful, use reliable anti-virus and security software, and change their passwords regularly to ensure their security.

3. Man in the Middle – MITM

It is a type of attack carried out along a communication channel. In this attack, attackers can monitor, manipulate and even fake communication between the two parties.

This attack allows attackers to alter or steal the content of messages by hijacking the communication channel between the two parties. For example, a hacker could use a service such as a website or an application to perform a MITM attack to steal a user's information. The attacker can steal the user's passwords, usernames or credit card information and use this information for malicious purposes.

To protect against such attacks, security measures should be taken, such as using safe and reliable communication channels, installing reliable security software and updates, and changing passwords regularly. In addition, users should not click on fake or suspicious websites or applications and should take additional measures to verify the accuracy of communication channels.

4. Distributed Denial of Service (DDoS) Attack

It is a type of attack made to prevent the normal functioning of a service. In this type of attack, attackers take over multiple devices or computers and combine these devices into a network. These devices are usually collected in a network called a botnet and are under the control of the attackers.

DDoS attacks redirect large amounts of traffic to the targeted service, consuming the service's resources and ultimately rendering the service unavailable. The target of these attacks can be various websites, servers, cloud services, networks and other online services.

To counter DDoS attacks, it is recommended to strengthen the networks and systems of the targeted services and use traffic filtering solutions. In addition, protection tools such as security software and hardware can also defend against DDoS attacks.

5. SQL Injection

It is one of the most common attacks on a web application. In this attack, an attacker looks for vulnerabilities where the web application sends queries to the SQL database, and exploits these vulnerabilities to send whatever query the application requests to the database.

Such attacks can allow attackers to gain access to the web application's database, steal or modify user data, and in some cases even delete all data. SQL InjectionThis can be caused by insecure coding of a web application or poorly implemented security controls such as validating and filtering user data.

To protect from SQL Injection, web applications must be securely coded and security controls must be properly implemented. This means that user inputs are properly validated, filtered, and cleaned before being placed in queries. It is also important that web applications are security tested and updated regularly.

6. Zero-Day Attack

It is a type of attack that performs unwanted activities on target systems by exploiting a discovered but yet unknown vulnerability in the software or system. Attackers can use various methods to find and exploit zero-day vulnerabilities. These attacks are limited in number and target specific.

To protect against zero-day exploits, software and system providers should regularly look for vulnerabilities and release updates. Users should keep their systems up to date using security software and install security updates frequently. In addition, users should download software and files from trusted sources and limit the information they enter.

7. DNS Tunneling

It is a technique used to establish a secure communication channel within a computer network over the DNS protocol. This method can be used to transmit data to normally inaccessible destinations and can be used in a network that has restricted access to the destination or in a network that is blocked by a firewall. An agent uses DNS requests to move data that is not normally found in DNS requests. Hackers can encrypt and decrypt data using DNS Tunneling.

To counter DNS Tunneling attacks, measures should be taken, such as monitoring DNS traffic and tracking suspicious processes, updating DNS servers, and closing vulnerabilities.

8. Business Email Compromise (BEC)

A fraud method known as cyber threat is used to obtain financial or other valuable information by misleading the employees of the institution with fake e-mails or other messages. By using fake email addresses or other messages, attackers mislead employees by forging the name and signature of the business' top executives. Such cyberthreats usually aim to persuade the business to transfer funds by pretending to be a foreign supplier or customer.

To counter cyber threats, businesses need to train their employees against such attacks and make them aware that emails can be fake or misleading. It is also important to establish verification procedures, implement security procedures, ensure account information is protected, and use an effective cyber attack solution against cyber threats.

9. Cryptojacking

Cryptojacking is a type of attack in which malware is used to earn cryptocurrency without the user's knowledge or consent. These attacks can cause computers to slow down, system crashes, and increase energy costs. Attackers can infect malware in different ways, such as malicious scripts on websites, email attachments, advertisements, and other software.

Users should protect their devices using up-to-date antivirus software and avoid suspicious websites. Businesses can also prevent the installation of malware and the use of their devices for cryptojacking by training their employees on safe internet use, by taking strict security measures on their networks.

10. Drive-by Attack

A drive-by attack is a type of attack designed to download and install malware without the user's knowledge and consent while accessing the website. Such attacks can be carried out through outdated browsers or add-ons, malicious websites or advertisements. By installing malicious software on a user's computer, attackers can steal personal information, take control or damage their computer. Therefore, internet users should use up-to-date browsers and plug-ins, avoid suspicious websites, and maintain their security by using a reliable antivirus program.

11. Cross-Site Scripting (XSS) Attacks

Cross-Site Scripting (XSS) attackis a type of attack by injecting malicious code using vulnerabilities in a website. This attack can be used to steal users' information or perform malicious actions by injecting malicious code into website visitors' browsers. XSS attacks can be carried out by inserting malicious JavaScript code in an open space (for example, a search box or a comment field). This code can be loaded into the user's browser, stealing the user's information or performing malicious operations.

To protect against XSS attacks, web developers must close vulnerabilities in their websites and prevent XSS attacks by verifying the inputs. Users should also protect themselves by using up-to-date browsers and a reliable antivirus program and avoid suspicious websites.

12. Password Attack

A cyber attack in which an attacker tries to guess or crack a user's password. Among the different techniques used to crack the password Brute-Force attack, Dictionary attack, Rainbow Table attack, Credential Stuffing, Password Injection and Keylogger attack exists. These techniques are ways that attackers use to obtain the user's password. Phishing techniques are also frequently used.

Users can protect themselves from password attacks by using strong passwords, changing their passwords regularly, and implementing security measures such as two-factor authentication. It is also important to watch out for emails and links from suspicious or unknown sources, as attackers may try to trick users by using phishing techniques.

13. Listening Attack

A eavesdropping attack, also called "snooping" or "sniffing", is a cyberattack by an attacker who listens and records data traffic on a network to access or misuse sensitive information. These types of attacks are more common on insecure open networks, and attackers try to capture users' personal information. Attackers can monitor network traffic by connecting to the target network. Unencrypted network traffic can be more easily intercepted, but modern encryption protocols can provide better protection against such attacks. It is possible to protect from eavesdropping attacks by using secure protocols and not sharing sensitive information, or by using security measures such as a reliable VPN.

14. AI-Powered Attacks

Artificial Intelligence Assisted Attacks are a type of cyber attack in which artificial intelligence technologies are used. These attacks are designed to perform more sophisticated and effective attacks against the target system or network, using technologies such as artificial intelligence and machine learning.

Artificial Intelligence Supported Attacks, It is becoming more common today that cybercriminals can circumvent defensive measures using more advanced tactics and the tools and technologies used to provide cybersecurity become more sophisticated. Such attacks can be of many different types, for example, phishing attacks based on user behavior, password cracking attacks, data spoofing attacks and botnet attacks.

To protect against AI-Assisted Attacks, cybersecurity professionals must develop more advanced defense mechanisms to identify and block attacks using AI and machine learning technologies. It is also important to raise security awareness and adhere to security best practices.

15. IoT-Based Attacks

IoT (Internet of Things) based attacks refer to cyber attacks on IoT devices such as home automation systems, smartphones, security cameras and industrial devices that are connected to the internet. By exploiting device vulnerabilities, attackers can control, crash or exploit devices. For example, by infiltrating a vulnerable IoT device, attackers can intrude into homes or disable an industrial device. Securely configuring IoT devices and timely fixing of vulnerabilities by manufacturers is important to protect from attacks. In addition, monitoring devices, using strong passwords and using secure communication protocols are also necessary to protect from attacks.

What Motivates Cyber Attacks?

Understanding the goals and motivations of cyber attackers can help you identify who might target your organization. In this way, you can strengthen your defense and be prepared for any kind of attack.

1. “Hactivism” – Political or Social Motivation

Hackers perform their cyber attacks for different purposes. One of them is hacktivism, which is cyber attacks for political or social purposes. Hacktivists attack the websites or other digital assets of targeted institutions or governments to raise awareness or exert pressure on a particular political or social issue. These attacks are aimed at blocking or disrupting the operations or services of the targeted organizations. Hacktivism is done to create a change in a particular political or social issue by using cyber attacks as a tool and is often illegal.

2. Financial Gain

Hackers can carry out their cyber attacks for financial gain. Such attacks include personal or corporate information theft, ransomwareis associated with identity theft or the capture of sensitive information such as payment card information. Hackers can steal this information and use it in money laundering operations for financial gain. They can also make financial gains by using ransomware. These types of attacks can cause great harm to victims and demonstrate that cybersecurity risks pose a serious threat.

3. Recognition and Success

Hackers may carry out their cyberattacks for financial gain or political motivation, as well as seeking recognition and success. While hacktivists can promote themselves by carrying out cyberattacks related to a specific purpose, some hackers can attack challenging targets to improve their technical skills or gain expertise. Hackers can use cyberattacks as a tool to gain expertise by bypassing defense systems or to be recruited or consulted by cybersecurity companies or institutions. However, such attacks are often illegal and can have serious consequences.

4. Business Competition

hackersThey can also carry out cyber attacks with the motivation of business competition. Stealing companies' design, production or financial information, disrupting business processes or capturing customer data can create an opportunity for rival companies. However, such attacks are illegal and can have serious consequences.

5. Cyber Warfare

Cyber warfare is the use of hacking attacks between countries, groups or individuals as a war tactic. This tactic can be applied by hacking attacks against one country by another, or by hacking attacks against a country's institutions or infrastructure. Among the targets of cyber warfare, military secrets, defense systems, infrastructures, economic resources, energy resources, utilities, elections can take place. In addition to hacking attacks, hacking attacks such as spyware, malware, information theft, phishing can also be a part of cyber warfare. Among the consequences of cyber warfare, national security, national interests, economic losses, various dangers that can affect people's lives can be counted. The ethical and legal issues of cyber warfare are controversial and a serious issue that needs to be addressed within the framework of international law.

To see the worldwide cyber threats and attacks live https://cybermap.kaspersky.com/ you can visit the website. Kaspersky Cyberthreat Real-Time Map is a service offered by the cybersecurity company Kaspersky. This service provides a live map of worldwide cyber threats and attacks. The map shows different types of cyber attacks and threats in each country, with circles of different colors.

What are the methods of protection from cyber attacks?

There are many methods to protect against cyber attacks. These methods can be grouped under two main headings: Measures that can be taken individually and measures that can be taken for businesses.

Precautions That Can Be Taken Individually

There are several basic methods of individual protection from cyber attacks. First, it's important to use strong and complex passwords. It's also important to change your passwords regularly and avoid using the same password on different accounts. Second, you should install good antivirus software on your computer or other devices. This is important for detecting malware and keeping your device safe.

Also, you should not open messages, emails and files from unknown sources. Such messages can often contain malware or phishing attacks. You should stay away from websites you don't trust and be careful while surfing the internet.

Finally, you must protect your payment information. When shopping online, you should only use trusted websites and when making payments, you should always use a secure connection. By following such basic steps, it is possible to protect yourself from cyber attacks as an individual.

Precautions for Businesses

It is vital for businesses to be prepared for cyber attacks. For this reason, businesses need to strengthen their information technology infrastructure, take steps to monitor network traffic and systems and detect malicious software using security software and hardware. It's also important for businesses to regularly update and close potential vulnerabilities to keep the system up-to-date. In addition to these, preparing crisis plans and educating their personnel about these plans will also help them to be prepared against cyber attacks.

Regular backups of data can prevent the loss of this data and ensure business continuity after the attack. Using strong passwords, restricting data access and cyber security Educating on the issues is also an important step against attacks. These trainings will raise awareness of password security, phishing attacks, use of security software and information security, and will make users aware of attacks.

In addition, businesses restricting access levels increase data security. Employees should only be given access rights to the extent necessary to do their job. In this way, cyber attackers will not be able to access all the data of the enterprise.

As a result, businesses can increase their cybersecurity by taking technical measures and providing user training to protect against cyber attacks. In this way, businesses can ensure business continuity by protecting their data and systems against cyber attacks.

InfinitumIT Monitoring and Regular Inspection Services for Business Security 

Infinitum IToffers services that perform many different types of monitoring and regular checks. Some of these are listed below:

Cyber Security Check: Cyber security controls are made to detect security vulnerabilities in systems, prevent and manage threats.

Network Management and Monitoring: Along with the management and monitoring of the network infrastructure, services such as network traffic analysis and penetration tests are offered.

Application Monitoring and Control: By monitoring the performance of applications, application monitoring and control is done to detect and fix errors.

Server Monitoring and Control: Server monitoring and control is done to monitor the performance of the servers and to provide control on issues such as access management, backup and security.

Data Backup and Recovery: Regular backup and recovery operations are performed for the security and accessibility of data.

Risk management: By identifying possible risks, risk management services are provided for businesses to take precautions and minimize risks.

Thanks to these services, the information systems of the enterprises are constantly monitored and possible problems are detected and resolved as soon as possible. To review the services in more detail: https://www.infinitumit.com.tr/hizmetler/ You can visit our page.

Penalties for Cyber Attacks

Since cyber attacks pose a serious security problem for countries, serious penalties are applied to those who carry out such attacks. Persons responsible for cyber attacks can be punished as a result of legal processes. In these processes, forensic experts can provide support on issues such as identifying the source of attacks and collecting evidence.

There are also various legal sanctions against cyber attacks. For example, some countries have designed specific laws for forensic experts to collect and analyze evidence for cybercrime. These laws can enable more effective judicial action for cyber attacks and other cyber crimes. In addition, some countries may agree that other countries impose sanctions against cyber attacks.

IT Crimes and Penalties in Turkey

Cyber Crimes Regulated in the TCK

These articles constitute the part of the Turkish Penal Code that regulates cyber crimes.

TCK No. 5237 (Turkish Penal Code), It regulates all cyber crimes under the title of "Crimes Committed in the Field of Informatics" between articles 243 and 245.

The cyber crimes regulated in the TCK numbered 5237 are as follows:

• The crime of entering the information system (TCK art.243),

ARTICLE 243. – (1) Any person who illegally enters the whole or part of an information system and remains there is sentenced to imprisonment of up to one year or a judicial fine.

(2) In case the acts defined in the above paragraph are committed about systems that can be utilized for a price, the penalty to be imposed is reduced by half.

(3) If the data contained in the system is destroyed or changed due to this act, he is sentenced to imprisonment from six months to two years.

• Crime of Blocking, Destroying, Making Inaccessible, Destroying or Changing Data (TCK art.244),

ARTICLE 244. – (1) A person who hinders or disrupts the operation of an information system is punished with imprisonment from one year to five years.

(2) A person who corrupts, destroys, changes or renders inaccessible data in an information system, places data on the system, or sends existing data to another place, is sentenced to imprisonment from six months to three years.

(3) If these acts are committed on the information system of a bank or credit institution or a public institution or institution, the penalty to be imposed is increased by half.

(4) In the event that the person gaining an unfair advantage for himself or someone else by committing the acts defined in the above paragraphs does not constitute another crime, he is sentenced to imprisonment from two years to six years and a judicial fine up to five thousand days.

• The crime of misuse of a bank or credit card (TCK art.245),

ARTICLE 245. – (1) If a person who seizes or holds a bank or credit card belonging to another person, for any reason, uses it or makes someone else use it without the consent of the cardholder or the person to whom the card is to be given, he shall be sentenced to imprisonment from three years to six years. and is punished with a judicial fine.

(2) A person who benefits himself or someone else by using a bank or credit card that has been fraudulently created or forged, shall be sentenced to imprisonment from four years to seven years, unless the act constitutes another crime requiring a heavier penalty.

Known examples of cyber attacks in Turkey

Some known cases of cyber attacks in Turkey:

1. In 2016, many banks, media outlets and government institutions in Turkey were exposed to DDoS attacks. It has been claimed that these attacks stemmed from the tensions with Russia.

https://www.bbc.com/turkce/haberler-38489376

2. In 2015, many government sites in Turkey were subjected to DDoS attacks by a group supporting a website that was banned in Turkey.

https://www.independent.co.uk/tech/anonymous-declares-war-on-turkey-opsis-russia-cyberattack-erdogan-a6784026.html

Known Cyber Attack Cases in the World

1. WannaCry Attack (2017): named WannaCry ransomwarecarried out a worldwide attack in May 2017. The attack spread using vulnerabilities in Microsoft Windows operating systems, locking the computers of many organizations and demanding ransom. As a result of the attack, many organizations suffered serious financial losses and millions of computers worldwide were affected.

https://wiki-turk.com/wannacry-saldirisi/

2. Target Attack (2013): Target Corporation is a US retail chain. In November 2013, credit card information of nearly 40 million customers was stolen as a result of a cyberattack on Target's payment systems. As a result of the attack, Target suffered serious financial losses and its customers' confidence was shaken.

https://www.hurriyet.com.tr/ekonomi/40-milyon-kredi-karti-caldilar-26006225

3. Equifax Attack (2017): Equifax is a credit report provider in the USA. In 2017, the personal information of approximately 143 million customers was stolen as a result of an attack on the company's systems. This information included sensitive information such as names, social security numbers, dates of birth and addresses. As a result of the attack, Equifax suffered serious financial losses and its customers' confidence was shaken.

https://www.aa.com.tr/tr/dunya/abdli-kredi-raporlama-sirketi-700-milyon-dolar-ceza-ve-tazminat-odeyecek/1538596

4. Sony Attack (2014): Sony Pictures Entertainment is a US-based film studio. In November 2014, several company documents and movie scripts were stolen as a result of a cyberattack on the company's computer systems. As a result of the attack, Sony Pictures Entertainment suffered serious financial losses and personal information of many employees was stolen.

https://onedio.com/haber/baslangicindan-bugune-tum-detaylariyla-sony-pictures-hack-skandali-422621

5. Yahoo Attack (2013-2014): Yahoo is a US-based internet company. Between 2013 and 2014, the account information of nearly 3 million users was stolen as a result of a cyberattack on the company's systems. However, a 2016 review revealed that the attack was even bigger, with nearly 1 billion users' account information stolen. As a result of the attack, Yahoo suffered serious financial losses and the trust of its customers was shaken.

https://www.trthaber.com/haber/bilim-teknoloji/yahooda-guvenlik-skandali-288249.html

Damages Cyber Attacks May Cause Your Business

Cyber attacks can harm your business in many different ways. By compromising the security of the data in your business, theft of customer information, affecting the financial situation of your business, loss of reputation, legal problems, etc. They can cause many problems such as

First, your business data can be stolen or damaged as a result of a cyberattack. This data includes customer information, financial information, business secrets, etc. may contain sensitive information such as This can cause you to lose customer trust, damage your reputation and reduce customer satisfaction.

Also, a cyberattack could bring your business to a standstill. As a result of the attack, your systems may crash or data may be lost, which can cause your business to lose revenue. Failure to serve your customers can lead them into the hands of your competitors, which can affect your business's finances.

Cyber attacks can also negatively affect your business's reputation. Theft of your customers' data or your inability to provide your services can cause your customers to feel distrustful of doing business with you. This can result in a decrease in the number of customers and a decrease in your business volume.

Finally, you may face legal problems as a result of a cyber attack. Stealing customer information or revealing business secrets can result in lawsuits or fines for your business.

InfinitumIt Penetration Testing Service

Penetration testing is a security test performed to detect weak spots in an organization's systems and identify vulnerabilities by attempting to gain unauthorized access to the system using them. InfinitumIT uses the latest technologies to provide realistic penetration tests to its customers and reports any security vulnerabilities to its customers. This service helps customers strengthen their security measures and reduce information security risks. InfinitumIT follows best practices to protect its customers' information security and customizes penetration testing services to suit their customers' needs.