{"id":37041,"date":"2021-12-07T09:43:01","date_gmt":"2021-12-07T06:43:01","guid":{"rendered":"https:\/\/emlaktuel.com\/?p=37041"},"modified":"2021-12-07T09:43:01","modified_gmt":"2021-12-07T06:43:01","slug":"2022de-siber-guvenlik-dunyasini-neler-bekliyor","status":"publish","type":"post","link":"https:\/\/emlaktuel.com\/?p=37041","title":{"rendered":"What awaits the cybersecurity world in 2022"},"content":{"rendered":"<p><strong>The year 2021, which was full of cyber attacks, is coming to an end. Although many organizations changed their perception of cybersecurity this year, what to expect in the new year is a matter of curiosity. WatchGuard Technologies, which has been observing the cybersecurity industry to understand what happened over the year and what lies on the horizon, shares 6 key predictions for 2022.<\/strong><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p>For many organizations, 2021 was a year full of cyber attacks. After a year of uncertainty, many people are left wondering what the new year will bring. WatchGuard Technologies, a leading global provider of network security and intelligence, secure Wi-Fi, advanced endpoint protection, and multi-factor authentication, shares its cybersecurity predictions for 2022, ranging from cyber attacks in space to cyber insurance.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>1. 
State-sponsored mobile threats will trickle down to the cybercrime underworld.<\/em><\/strong>\u00a0Mobile malware does exist, especially on the Android platform, but it has not yet risen to the same scale as traditional desktop malware. This is partly because mobile devices were designed with a secure mechanism from the start, which makes it much harder to create &#8220;zero-touch&#8221; threats that require no victim interaction; nevertheless, serious remote vulnerabilities do exist against these devices, even if they are hard to find. Meanwhile, mobile devices present a very attractive target for state-sponsored cyber teams because of both the devices&#8217; capabilities and the information they contain. In the coming year, an increase in sophisticated cybercriminal mobile attacks is expected as a result of the state-sponsored mobile attacks that have begun to come to light.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>2. News of hackers targeting space will hit the headlines.\u00a0<\/em><\/strong>With governments and the private sector focused on the space race, and with recent cybersecurity research concentrating on satellite vulnerabilities, hacking in space is predicted to make headlines in 2022. Satellite hacking has recently drawn the attention of the cybersecurity community, among researchers and at conferences such as DEF CON. 
Although satellites may seem like devices beyond the reach of most threats, researchers have found that they can communicate with them using roughly 300 dollars&#8217; worth of hardware. Meanwhile, many private companies have joined a space race that will greatly increase the attack surface in orbit. Companies such as Starlink are launching thousands of satellites. Alongside these two trends, and given the importance of orbital systems to nation states, economies and society, governments are thought to have already quietly begun their cyber defense campaigns in space.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>3. Phishing attacks on messaging platforms will increase.\u00a0<\/em><\/strong>Text-based phishing, known as SMS phishing, has grown steadily over the years. Like email social engineering, it began with untargeted lure messages being spammed to large groups of users. More recently, however, it has evolved into more targeted texts that appear to come from someone you know, perhaps even your boss. In parallel, the platforms preferred for short messages have evolved as well. Users, and professionals in particular, have come to recognize the insecurity of cleartext SMS messages thanks to NIST, various carrier breaches, and weaknesses in carrier standards such as Signaling System 7 (SS7). 
This has led many people to move their business text messaging to alternative apps such as WhatsApp, Facebook Messenger, and even Teams and Slack. Targeted phishing messages on WhatsApp and many similar messaging platforms are expected to double in 2022.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>4. Passwordless authentication will fail in the long run without MFA.\u00a0<\/em><\/strong>Windows has gone passwordless. While the move away from relying on passwords alone for digital validation is welcome, every single-factor authentication mechanism is considered the wrong choice, one that repeats the old mistakes made with passwords. Windows 10 and 11 will now let you set up fully passwordless authentication using options such as Hello (Microsoft&#8217;s biometrics), a FIDO hardware token, or an email with a one-time password (OTP). However, multi-factor authentication solutions should be used for digital identity verification. Hello can still serve as a convenient authentication factor, but organizations should encourage users to pair it with another factor, such as a push approval sent to the user&#8217;s mobile phone over an encrypted channel. In short, the prediction is that Windows passwordless authentication will take off in 2022, but that hackers and researchers will easily bypass it and the incidents of the past may be repeated.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>5. 
Companies will increase their cyber insurance despite rising costs.\u00a0<\/em><\/strong>Since the astronomical success of ransomware, which began in 2013, cybersecurity insurers have realized that the cost of payouts to cover customers against these threats has risen significantly. According to a report by S&amp;P Global, the loss ratio for cyber insurers increased for the third consecutive year in 2020 by 25 points, or more than 72%. As a result, standalone cyber insurance policy premiums rose 28.6% in 2020 to reach 1.62 billion US dollars. Consequently, insurers have greatly increased the cybersecurity requirements for customers. Not only has the price of insurance gone up, but insurers now actively scan and audit customers&#8217; security before providing cybersecurity-related coverage. In 2022, organizations that lack proper protections, including multi-factor authentication (MFA) on remote access, may not get cyber insurance at the price they want, or at all. Like other regulations and compliance standards, this new insurer focus on security and auditing will create a new focus among companies on improving their defenses in 2022.<\/p>\n<p>&nbsp;<\/p>\n<p><strong><em>6. 
The Zero Trust approach will be adopted.\u00a0<\/em><\/strong>Over the past years, it has become clear that attackers can move laterally and escalate their access levels while exploiting organizations that do not follow basic security principles. Recently, a \u201cmodern\u201d information security architecture has gained popularity under the name Zero Trust. The Zero Trust approach essentially means \u201cassuming breach\u201d. Put another way, it means assuming that an attacker has already compromised one of your assets or users, and designing your network security protections to limit their ability to move laterally to more critical systems. Discussions of Zero Trust will feature terms such as &#8220;micro-segmentation&#8221; and &#8220;asserted identity&#8221;. However, most people will recognize that this trendy architecture is built on the idea of strong identity verification and on existing, long-standing security principles. In 2022, most organizations are predicted to finally implement some of the oldest security concepts across all of their networks, and call it Zero Trust.<\/p>\n<p>&nbsp;<\/p>\n<hr \/>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The year 2021, which was full of cyber attacks, is coming to an end. 
Although many organizations changed their perception of cybersecurity this year, what to expect in the new year is a matter of curiosity. WatchGuard Technologies, which has been observing the cybersecurity industry to understand what happened over the year and what lies on the horizon, shares 6 key predictions for 2022. \u00a0 For many organizations, 2021 was a year of cyber attacks [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":37044,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0},"categories":[26],"tags":[15619],"_links":{"self":[{"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/posts\/37041"}],"collection":[{"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37041"}],"version-history":[{"count":1,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/posts\/37041\/revisions"}],"predecessor-version":[{"id":37045,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/posts\/37041\/revisions\/37045"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=\/wp\/v2\/media\/37044"}],"wp:attachment":[{"href":"https:\/\/emlaktuel.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37041"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37041"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/emlaktuel.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37041"}],"curies":[{"name":"wp","hre
f":"https:\/\/api.w.org\/{rel}","templated":true}]}}