NEWSROOM

According to Google Trends data, searches on ‘cybersecurity’ keywords have increased more than 7 times in the last 5 years.

*** This release is originally published in Turkish.
Google Translate Application translates the content you see on this page.***

ISTANBUL (TR) - After the land, sea, air and space by NATO was considered the 5th war area cybersecurity is now included in every point of everyday life. Berqnet Firewall Google Trends and field, according to data obtained from studies conducted in Turkey "cybersecurity" on internet search showed an increase of 737% since 2014. Worldwide, this rate of increase was determined as 337%. Geographically, Turkey is in "cybersecurity" on the top 3 most searched Elazig province, which is listed as Ankara and Istanbul. Elazığ has doubled Istanbul to 2 and İzmir to 4 in search volume. One of the main reasons only in the Forensic Computing Engineering Department, Firat University in Turkey.

80% of companies exposed to cyber-attack cause unconscious employees

Cybersecurity, which has become one of the most important focal points of individual users or businesses as a result of rapid digitization, also affects user behavior. Cybercriminals, who develop new methods every year, continue to pose a danger in every aspect of life. Eighty percent of cyber attacks against small, medium or large enterprises are successfully completed due to unconscious employees. The so-called social engineering, pirates, who use their mistakes and weaknesses in human behavior, put companies in a difficult position. Cyber ​​pirates exploit their mistakes by identifying the weak link between company employees. Thus, cyber hackers who have access to company systems without permission can access many confidential documents.

"The weakest link is chosen before the attack ”

Stating that cyber hackers first chose a victim in social engineering attacks, Berqnet Firewall General Manager said. A. Murat Apohan,  When selecting victims, generally the weakest link is identified as uninformed, careless users and all information about these users is collected from social media. Various methods of persuasion are used in social engineering attacks by taking advantage of employees' weaknesses. Thus, pirates can easily access the information they want to access. In these processes, many interesting arguments such as money, giveaways, and gifts are presented in exchange for information received from the victim. In order to reach the company information, all employees should be careful against the pirates who use the weaknesses of the people from the highest level to the bottom.

“Pirates trigger your feelings of fear and excitement”

Murat Apohan stated that cyber attackers are carrying out activities to trigger excitement such as gifts and sweepstakes, as well as scary disaster scenarios. Cyber ​​pirates effectively manage fear and exciting emotions against the people they target. Victims related to the events and developments in the agenda are created by the impression of an expert and studies are being carried out for social engineering. The feelings of people, especially the employees of the corporation with low level of awareness and awareness in cyber security, are triggered and triggered by mistake. Then the cyber attacker exploits this error and provides access to the systems. ”

Practical Measures Against Social Engineering Attacks

1. Physical Security Measures: For the system, physical security is one of the most important measures. Precautions against unauthorized access are the first measures taken before computer systems. Businesses should prioritize physical security in accessing sensitive data, protecting printed or other printed documents.
2. Compliance with Security Policies: Security policies established by institutions should be clear, understandable and applicable. Security policies that are inaccessible or difficult to implement are often difficult for corporate employees. Therefore, compliance with global standards brings many preventive measures.
3. Training and Sanctions: The most important point in social engineering starts with increasing the awareness level of the employees. In order to measure the awareness level of the employees and to raise awareness against cyberattacks, information security awareness training should be repeated to the employees within the scope of ISO 27001 periodically.
4. Use of Firewall and Antivirus: It is absolutely necessary to use a firewall and antivirus to control the corporate network and to protect the computers of the employees of the organization.
5. Callback: If sensitive information is transmitted, callback must be required. Particularly when sharing passwords and similar accesses, the callback method must be adopted against fake calls.
6. Password Policy: It is important that everyone, including the administration, comply with this policy by setting a password policy throughout the organization.
7. Be Skeptical: In case of doubt, uncertain or open-ended questions, or sharing, if requested, especially email and SMS access
8. Logging: In addition to controlling the internal network of the organization and the computers of the employees of the company, the internet is presented to the guests or customers.