August 24, 2017
BTK President Sayan, speaking at the USOM-SOME III Consultation Meeting, said, “To benefit from the advantages of the digital economy, we must create a ‘secure’ and ‘reputable’ environment for the internet and information technologies.”
The USOM-SOME III Consultation Meeting was held at the BTK headquarters. The Consultation Meeting, organized by the National Cyber Incident Response Center (USOM), which conducts activities to detect and prevent cyber threats originating from domestic and international sources across the country, began with the opening speeches of Dr. Ömer Fatih Sayan, President of the Information Technologies and Communication Authority. The program continued with an informative presentation by Gökhan Evren, Head of the Information Technologies Department, followed by short technical training sessions.
WE MUST CREATE A “SECURE” AND “REPUTABLE” ENVIRONMENT
Beginning his speech by touching on the contributions brought by the effective use of the internet and information technologies in healthy functioning economies, BTK President Sayan said: “It is impossible to deny the conveniences brought by technology and its contributions to our business processes. However, to benefit from the advantages of the digital economy, we must create a ‘secure’ and ‘reputable’ environment for the internet and information technologies.”
Stating that establishing trust in this area depends on ensuring uninterrupted communication and enhancing cyber security, President Sayan continued: “We all experienced the most concrete example of this recently. The year we left behind was extremely difficult and sorrowful for our country. On July 15, 2016, an attempt was made against our Republic and democracy. However, thanks to the heroism of our nation, we successfully passed a great test against the terrorists dressed in military uniforms.
In these incidents, electronic communication sector infrastructures were also targeted, but thanks to the measures taken, we overcame the said attacks with minimal damage. Under the coordination of our institution and the measures taken by operators, no disruptions occurred in communication services despite intensive data and voice usage nationwide. Uninterrupted service was provided, and all news could be followed moment by moment thanks to our country's advanced communication infrastructure capabilities. In this context, our institution and the National Cyber Incident Response Center (USOM) played a significant role in the conducted studies.”
CYBER SECURITY IS STRENGTHENING
President Sayan stated that the number of Cyber Incident Response Teams (SOME) operating under the USOM umbrella has reached a total of 713, with 9 sectoral and 704 institutional: “The national cyber security organization in our country began to take shape within the hierarchy of USOM – sectoral and institutional SOMEs with the establishment of USOM in May 2013 and the formation of cyber incident response teams. It is strengthening day by day with the establishment of new SOMEs.”
NEARLY 3,000 MALICIOUS CONNECTIONS BLOCKED
BTK President Sayan noted that 2,833 malicious connections used for cyber attacks were detected and blocked. Drawing attention to the increase in the number of malicious connections intended for phishing, President Sayan said: “Among the malicious connections, there has been a %354 increase in phishing malicious connections and a %237 increase in Banking-Phishing malicious connections. The reason for this significant increase is not only the rise in the number of attackers but also the effective and rapid functioning of the reporting system. Because, as a result of reports received through USOM, our experts evaluate and substantiate according to existing criteria to determine whether the relevant connection falls into the malicious connection category.”
Sayan continued: “Backdoors were detected in the publicly accessible sources of around 300 institutions following attacks by attackers, and this was notified to the relevant institutions.
36 foreign-sourced BotNet command and control servers targeting individuals and institutions in our country were detected and taken down. As a result, information of over 5,000 mobile phone owners infected with malicious software was obtained from the cyber attackers' command and control servers, and the relevant persons were identified. This information was shared with banks through BDDK, preventing victimizations.
An operation was conducted against the command and control servers of the malicious software named LokiBotnet, one of the detected BotNets, which particularly targeted smartphone users in Turkey. After obtaining the information detected on the command servers, the said command centers belonging to LokiBotnet were taken down. Information on affected devices and persons from LokiBotnet, along with attacker information, was shared with BDDK, General Directorate of Security, and relevant institutions. Banks took necessary measures in this scope and issued warnings to their customers. Thanks to the rapid measures taken, no cases of financial loss were reported during the relevant period.”
WE HAVE NO TOLERANCE FOR ANY LOSS IN OUR CYBER DEFENSE
Looking at BotNet attacks worldwide in 2016, President Sayan, who said that Mirai, Kaiten, and Spike type BotNets were among the most commonly used in such attacks, stated: “When we look at DDoS attacks originating from BotNets worldwide, we see that 100 Gigabit/sn attacks are now frequently encountered, and attacks of 500 Gigabit/sn and above have begun to occur. According to 2017 data reported to USOM by operators in our country, a total of 50,747 DDoS attacks took place.” He added, “What you do not defend is not yours. In our Cyber Defense, which we conduct in a fully coordinated manner and must continue to do so, we have no tolerance for any loss. We aim to spread this unity across the entire country like waves, in line with the saying ‘There are no defense lines; the defense area is the entire land. And that land is the whole homeland.’”
WE ARE MARCHING TOWARDS OUR 2023 GOALS
Drawing attention to the awakening aspect of cyber attacks, President Sayan said: “Mankind can only perceive a threat directed at them when they see it concretely. Throughout history, one of the primary elements that developed civilizations has been the need for security. The poet's verse:
Oh my enemy! You are my expression and my speed
Day needs night; I also need you
expresses the truth that is the development process itself. We see where the world is going in the cyber field. We see where our friends and enemies are going. We owe nothing to any friend, and we will not bow to any enemy!.. Therefore, we are marching towards the great Turkey of the future along the 2023 goals outlined by our President, sparing no sacrifice for the security of our people, and continuing our work.”
INFORMATION FLOW MUST BE PROVIDED EFFECTIVELY AND EFFICIENTLY
Thanking the SOME representatives for their important contributions and dedicated efforts to our country's cyber defense, President Sayan reminded the importance of coordination and information flow between USOM and SOME. Speaking about the SOME Communication Platform (SİP) established to ensure more secure, effective, and fast communication between USOM and SOME: “As USOM, we are already sending our notifications to you valuable SOMEs through SİP. It is extremely important to keep the SOME communication information here up to date so that these notifications made through SİP can reach you and communication can be provided effectively. In this framework, we expect you to use SİP as an effective communication tool. Mankind has no chance against evil in any work done alone. Because what separates good from evil is boundaries; good has rules and boundaries, but evil does not. Therefore, the only way for good is to act together. It is to stand back-to-back. It is to share and benefit from mutual experiences.”
THERE IS A NEED FOR EXPERTS IN CYBER SECURITY
Stating that one of the important factors in developing national cyber security is cyber capacity building, President Sayan said: “As you know, like all over the world, there is a need and shortage of experts in Cyber Security in our country as well. Published reports show that 6 million cyber security personnel will be needed worldwide in 2019. This means tens of thousands of experts on our country's scale. We are continuing our work to meet this need by making our plans accordingly.
Our country's advantage in this regard is having a young and dynamic potential. We aim to meet the expert need by unleashing the potential in our youth who have a high aptitude for technology. For this reason, without requiring a graduation condition, we made a call to patriotic young people who say ‘I am in!’ to support our country's cyber defense in the virtual environment in technology and cyber security fields, and to participate in training and camp events in this area. We received a large number of applications for this call. The number of applications exceeded 27 thousand, and with the 24-hour ‘CYBER STAR Capture The Flag’ competition, we took an important step in raising awareness among our young people interested in cyber security and identifying our talented experts.”
OUR TRAINING ACTIVITIES WILL CONTINUE
President Sayan spoke about the training activities conducted by USOM under the BTK umbrella: “In the scope of training activities we organized for SOME teams;
- Information Security Training to 135 participants from hospitals, municipalities, and public institutions,
- Industrial Control Systems (SCADA) Security Training to 45 participants from SOMEs in the energy sector.
In addition, within the framework of the HackTrick event hosted by our institution, a Capture The Flag competition with 8 teams participating, and in different areas of cyber security;
- From web application security to wireless network security,
- From malware analysis to digital forensics analysis,
- From Reverse Engineering to IoT security,
lessons were organized in 25 classes on various topics, and over 1,000 people participated in these lessons.
Additionally, on the occasion of our 17th anniversary, coding training was provided to the children of our institution's employees within the scope of the ‘Tomorrow Coders’ project. From now on, we will increase and continue our efforts such as cyber security drills and competitions, sector-specific trainings for capacity building, i.e., training expert personnel in cyber security.”
Drawing attention to cyber attacks becoming intertwined with our daily lives, President Sayan said: “We must gain the ability to organize in very short times and at a high tempo, and coordinate with all our friends working in the cyber field.”
BTK President Dr. Ömer Fatih Sayan concluded his speech wishing the consultation meeting and trainings to be beneficial. The meeting continued with the presentation of Gökhan Evren, Head of the Information Technologies Department, short technical trainings, and questions from participants.