Tarih: Issue 98 - April 2020
Putting its signature under important projects and domestic products in the field of cyber security in Turkey, STM's Technological Think-Tank Center "ThinkTech" announced the new Cyber Threat Status Report covering the period of October-December 2019. The report highlighted the cyber threats that occurred in 2019, and new cyber-attacks predicted for 2020.
STM Experts have been examining cyber threats and cyber incidents caused by these threats and has shared their insight with the public throughout the year. A declaration was made that the health sector will be affected the most in 2020, and that attack campaigns against critical infrastructures and industrial systems such as energy, communication and transportation will also face risks. The Cyber Threat Status Report predicts that the material size of damage will increase, and intangible damage will reach a crucial level with the threat of the disclosure of critical data such as blood values and DNA information. The report also noted that attacks on medical systems used in the healthcare industry continue be at risk because of exposure to the ransomware attack in 2019.
In the report attention is drawn to the increase in the attacks on electronic election studies, it emphasized that wireless network attacks will be seen more often due to the emergence of new threats and vulnerabilities upon the implementation of 5G technology that is expected to be introduced in 2020. While fake applications threatening mobile devices and cloud systems also remain on the agenda this year, smart devices used in daily life are becoming the new target of attacks and cyber espionage campaigns.
Turkey being targeted with e-government deceptions!
STM's new report has revealed that the use of fake e-government applications, which is a system frequently used by the citizens of the Republic of Turkey, is a new method of cyber attackers. The most striking and dangerous attack in the fake applications category during the the last quarter was a malware that imitates the “e-Government” application, where almost everyone has access to their personal information. This phishing attack which targeted Turkey took place in the Play Store for a short while in September of last year.
The rise in the number of fake applications today increases the danger. Harmful software which imitates one of the most preferred browsers Chrome and one of the popular electronic book reading applications “E-Book Reader”, in addition to the e-Government app was found to have threatened many users.
Credit card details disclosed!
More than 455,000 credit card details of Turkish banks were put up for sale on the "dark web" last year. This cyber security incidents were observed in the last quarter of 2019. The Cyber Threat Status Report analyzed the leak which occurred between October 28 and November 27, and announced that the leak was due to online service platforms, not banks, since the card details belong to different banks.
Modems in our homes at risk!
The Cyber Threat Status Report warns against Mirai malware, which contains many threats against modems as well as IoT devices. In the Mirai attack, the newly variant of the harmful Gafgyt software detected in 2019, allows the device to be hijacked and run remotely. This technique increases risk to small business and home routers. According to the report, there are more than 32,000 Wi-Fi routers in the world that are potentially vulnerable to such exploits. For protection against such malware, security updates of modems need to be made, or upgraded, if appropriate. Taking precautions against the security gaps of the Zigbee protocol, one of the most common and important wireless communication technologies used on IoT devices, is also of great importance to protect the privacy of users.
Be Cautious about smart devices leaking personal information!
It is estimated that there will be 20 billion IoT devices in the world in 2020 and there is also a big threat regarding the leak of sensitive and personal data. According to the report, data breach tests at two separate laboratories in the UK and the US revealed that some of the devices received unexpected video and audio recordings. In addition, it was observed that 56% of the devices tested in the US and 83.8% in the UK interacted with devices or applications outside their particular region.