The Hacktrick 2018 Cybersecurity Conference, hosted by the Information Technologies and Communication Authority, was held with intense participation. In the opening speech of the program, President Dr. Ömer Fatih Sayan emphasized that cybersecurity is an inseparable part of national security.
The Octosec team, which organized the Hacktrick 2018 Cybersecurity Conference to bring together leading figures, institutions, and companies in the cybersecurity sector with the industry, held its 5th event this year with the hosting and support of BTK. BTK President Dr. Ömer Fatih Sayan, who delivered the opening speech of the program, highlighted the importance of technology with the following words: “We know that change, transformation, and development have been continuous throughout human history. Since its existence, humanity has sought innovations that make life easier for itself across generations and pursued this curiosity. Throughout known human history, ways to make life easier with technology have been sought. As you know, communication technologies, computers, and sensors have begun to surround every part of the world at a dizzying speed. The information and communication technologies sector, which is at the center of technological developments, has not only become a sector in its own right but has also turned into the main actor of development and growth in other sectors, becoming the most important sector of the digital transformation age.”
President Sayan noted that the growth rate of the cyber world in the global economy has increased by an average of 30-40% annually in recent years, stating, “This shows us how great a potential technology holds. In light of recent trends, the issues that will continue to dominate the agenda in the coming years include: Industry 4.0, the Internet of Things (IoT), blockchain, smart cities, artificial intelligence, big data analytics, robotic applications, and cybersecurity, which cuts across all these topics horizontally.”
President Sayan shared the following predictions regarding developments in the technological field: “Projections indicate that 1.9 billion smart home devices will be in use worldwide by 2019. Considering these figures, we can say that a potential revenue of approximately 490 billion dollars will be generated. On the other hand, while 968 thousand smart clothing consumers were reached in 2015, this number is expected to rise to 24.75 billion by 2021. Various studies predict that if banks use blockchain by 2022, they could reduce their costs by 15-20 billion dollars. Meanwhile, the market volume of cryptocurrencies introduced into our lives with blockchain technology has reached 450 billion dollars, and the investments collected by blockchain-based companies in the first three months of 2018 have reached 40% of the total investments made in 2017, and we see that these investments will continue to increase.”
Cybersecurity is Now Part of National Security
Emphasizing that the more we use technology, the more dependent we become on it, Sayan stated, “Ensuring cybersecurity is no longer just a need to eliminate dangers in areas where technology is heavily used. Due to risks in social and economic life, cybersecurity has become a part of National Security and a major factor affecting the welfare of nations. Therefore, while we need to think about how new technologies will make our lives easier and how to make these technologies more accessible, we also need to consider how to ensure their security and take steps in that direction. As an institution, we are intensively continuing our work in this field in collaboration with our industry, academia, civil society organizations, and you valuable young friends.”
President Sayan explained the necessity of being aware of the harms of technology while benefiting from it with the following example: “Yesterday, Twitter issued a warning that the passwords of more than 336 million users were at risk and that all these users needed to change their passwords. It turned out that due to a ‘bug’ originating from Twitter's own software, passwords that should have been stored masked and ‘hashed’ in their systems were recorded unencrypted, in plain ‘clear text’ format readable by the eye. This example shows us how simple design and logical errors can have enormous impact potential in cybersecurity.”
USOM Has Become a Brand
Emphasizing that while BTK fulfills its regulatory duties towards the electronic communications sector in our country on one hand, it also continues its activities to ensure national cybersecurity as per its assigned duties and responsibilities, President Sayan stated in his speech, “Within the scope of the cybersecurity organization established in 2013, we continue to fulfill cybersecurity-related duties at an increasingly accelerating pace in the best way possible. As a result of these efforts, USOM is gradually becoming a brand and continues to perform important functions for the development of our country's cybersecurity ecosystem. USOM conducts alarm, warning, and announcement activities to prevent cyber threats, takes control of incidents with on-site intervention teams in critical situations, and continues its activities to provide national coordination in responding to cyber incidents. Additionally, considering that our institution regulates and supervises infrastructure operators and internet service providers, has technical integration with operators running the infrastructure where cyber attacks are carried out, and can conduct technical work with these operators, USOM's effectiveness within this structure becomes even more evident.”
Reminding that USOM has achieved significant gains in the employment and training of expert personnel equipped with malware analysis and digital forensics capabilities, Sayan said, “When we look at the developments in current cybersecurity technologies, we see that investments are being made in cyber threat detection and prevention systems using data analytics, artificial intelligence, and machine learning. In addition to these two concepts, we can say that automation stands out. The rapid prevention of cyber threats detected through artificial intelligence and machine learning on big data with automation systems constitutes an important part of a holistic cybersecurity strategy. For this reason, our institution, which houses the National Cyber Incident Response Center, uses machine learning and artificial intelligence capabilities in the projects we conduct to combat cyber threats.”
Sharing information about AVCI, AZAD, and KASIRGA, saying “They are actively used in detecting malware command and control servers, compromised systems, and systems infected with malware,” Sayan continued, “On the other hand, in our studies, important steps are being taken in detecting systems included in botnets through machine learning. As a result of these efforts, 60 foreign-sourced BotNet command and control servers targeting individuals and institutions in our country were detected and blocked. Among them, compromised information belonging to our citizens was obtained from 29 command servers. Information of over 5,000 mobile phone owners infected with malware was obtained from cyber attackers' command and control servers, the relevant persons were identified, measures were taken, and their victimization was prevented.”
Stating that accessing accurate information has become more difficult when it comes to cybersecurity, Sayan said, “In this regard, ensuring national coordination and cooperation among stakeholders, as well as establishing and developing international collaborations, is an indispensable part of the fight against cyber threats. As of the end of 2016, the total number of Cyber Incident Response Teams (SOME) was 544.
SOME Number Rises to 927
The number of teams, i.e., SOME, has currently reached 927. Within the scope of activities conducted by USOM, the SIP (SOME Communication Platform) Project, which enables secure and fast sharing of cyber threats, vulnerabilities, and attacks between USOM and SOMEs, was launched in 2017 and has started to be actively used. Currently, 2,213 cybersecurity experts in SOMEs are using the SIP system. Numerous reports from various countries reach USOM, and these are forwarded to the relevant parties to take necessary measures.”
Defining USOM's most important activities as “Forwarding threats and vulnerabilities detected by our advanced cybersecurity experts to relevant institutions along with recommended measures,” President Sayan announced the following figures: “In 2017, official cybersecurity notifications were sent to nearly 1,550 Institutions/Organizations/Enterprises. Also in 2017, 1,567 vulnerability notifications that needed to be addressed critically and urgently were sent to institutions and organizations. Additionally, over 1,500 vulnerabilities were detected in internet-facing services of institutions and organizations and forwarded to the relevant parties along with recommended measures. 17,345 malicious links (URL, IP, domain) used in malware and phishing were detected, checked, and access was blocked at the infrastructure level. This figure was 490 up to 2017, showing an approximately 16-fold increase in the number of announced malicious links in 2017 compared to the total of previous years.”
President Sayan also shared the following information about the data reported to USOM by electronic communications operators in 2017: “The total number of attacks was 99,600. While the number of attacks in 2015 was 1,489, the reported number of attacks for 2016 was 8,625. In this context, DDOS attacks in 2017 increased 11-fold compared to the previous year.”
President Sayan also mentioned our country's scanning and monitoring activities regarding the cyber domain. In this scope, in 2017, 16 million IPs in our country were scanned at various intervals to detect vulnerabilities published by product and software developers, and detections related to over 30,000 systems along with recommended measures were shared with infrastructure operators and data center providers for informing institutions and individuals. Sayan stated that within the new capabilities added to USOM in 2017, hundreds of vulnerabilities detected in services such as SCADA, VNC, ElasticSearch, MSSQL, MongoDB, and Redis were notified to relevant institutions and organizations, ensuring measures were taken.
We Have a Shortage of Human Resources in Cybersecurity
Also drawing attention to the shortage of trained human resources in cybersecurity in our country, Sayan said, “In this framework, we must quickly take the necessary steps and train qualified experts to close the cybersecurity specialist gap in our country. As BTK-USOM, we are also conducting important work in this regard and contributing to meeting the need for cybersecurity specialists in our country. We strive for our trainings organized for SOMEs from various critical sectors such as communications, public, health, energy, the CYBER STAR competition, and this year's Hacktrick event hosted in collaboration with Octosec, just like last year, to serve these goals. I would like to announce here that studies such as cybersecurity exercises and competitions, sector-specific trainings for capacity building, i.e., training expert personnel in cybersecurity, will continue to increase.”
Sayan also mentioned the works regarding the establishment of a practical cybersecurity training laboratory. Announcing that preparations for the FETİH project, fully developed with in-house resources in the training laboratory, continue uninterruptedly, Sayan said, “With the FETİH platform, we will include hundreds of our friends in these trainings every year in this practical laboratory, providing them the opportunity to conduct hands-on cybersecurity tests and develop themselves in this field.”
Reiterating that cybersecurity in today's world has become an important agenda item not only for individuals or organizations but also for states, Sayan stated, “Countries largely conduct their cybersecurity work in secrecy. The potential damage parties could inflict on each other in the event of a cyber war even frightens the most advanced countries in this field, leading to the search for greater and more powerful capabilities. In this scope, we are determined to enhance every capability and opportunity for our country's cybersecurity, coordinating with both public and private sector stakeholders and international partners.”
During the 3-day Hacktrick Cybersecurity Conference to be held at BTK, participants will attend the following events: “On the first day of the event, we will listen to valuable presentations by expert speakers on different topics. In addition to the presentations, you will have the opportunity to examine the works of our valuable researchers in ‘demo areas’ in the foyer area throughout the day. On the second day, fierce competition awaits us in the ‘Game of Pawners Capture the Flag’ competition. 20 teams and 80 participants will compete to win the grand prize. Again on the second and third days, trainings in nearly all sub-areas of cybersecurity will be completed by expert trainers in 22 different classes with over a thousand participants.”