Turkey’s cyber security: A long way to go
Burak BekdilThe awareness was there. So was the ambition to make cyber security the country’s “fifth force.” Events in a span of less than two years have shown that Turkey is still too far away from building reliable defenses against cyber threats.
Only a couple of months after a Turkish colonel publicly pledged to build the country’s “fifth [military] force,” Turkey proved to be too vulnerable to security threats from an unknown enemy.
In January 2014, the embarrassing news over the Turkish gendarmerie’s search of trucks carrying a generous cargo of weapons and ammunition bound for Syria, and accompanied by intelligence officers, fell into the public domain. After much wrangling between different state agencies, a court ruled for a complete media blackout on the incident. The gendarmerie officers who searched the trucks now stand in court for espionage.
In March 2014, unknown sources leaked the full minutes of a meeting that had gathered (then) Foreign Minister Ahmet Davutoğlu, Foreign Ministry Undersecretary Feridun Sinirlioğlu, MİT head Hakan Fidan and a top-ranking general from military HQ, Yaşar Güler. The recording undoubtedly detailed then Prime Minister Recep Tayyip Erdoğan’s Syria policy that “an attack on Syria ‘must be seen as an opportunity for us [Turkey].’” Davutoğlu’s office admitted the authenticity of the recording but claimed it was “partially manipulated” and was a “wretched attack on Turkey’s national security.” The perpetrators remain unidentified.
More recently, there were media reports of another cyber attack on Turkey. A group flagging itself as the Syrian Electronic Army (SEA) had leaked secret material that it said it had obtained by hacking the email communications of top strategic Turkish government agencies, including the offices of the president, the prime minister, the foreign and defense ministries, and the Air Force Command, from March 2009 to November 2012.
Against this backdrop, Turkey continues strengthening its capabilities against cyber threats, but cyber analysts say it has a long way to go before its defenses become “at least partially reliable from today’s totally unreliable” posture.
“There is a general agreement among military and civilian policy-makers to build better defenses, but the overall picture still gives the impression that there has been lots of effort and not much success.
This is partly to do with a lack of coordination,” said one London-based cyber security expert.
Recently, Turkey has moved on to building its national “operating system” that “will work as framework software for all future anti-cyber activity and programs.” All other individual programs in the future will be integrated into this “umbrella system,” which will have both military and commercial applications.
Meanwhile, Turkey’s defense procurement and military structures are moving ahead to build their own cyber security units. Private and government-owned software companies are working day and night to develop solutions. The Undersecretariat for Defense Industries (SSM) has full support for all cyber-related programs. In addition, Turkey’s scientific research institute, TÜBİTAK, operates a cybersecurity institute called SGE, which is in charge of most cyber security-related programs.
Last month, Turkish and foreign cyber experts gathered at a meeting of the European Cyber Security Protection Alliance (CYSPA) in Ankara hosted by the government-controlled defense systems company STM, CYSPA’s only Turkish member.
But the task is extremely challenging in a world, in the words of a government official, where “in the last two years only, mankind has produced more data than the entire history of mankind had produced; just like any attack on data is easy, a solution to prevent an attack is difficult and expensive. Everyday 1.5 million people face cyber attacks, and a cheap virus can do more harm than a fighter jet can do.”
Remember what Prime Minister Ahmet Davutoğlu said only a couple of weeks ago: “They wiretapped the president, the prime minister and now they are wiretapping me as the [new] prime minister.”