Critical infrastructures ensure that activities that are vital and important for individuals can be safely delivered to the society uninterruptedly. The damage on these critical infrastructures caused by cyber-attacks whose control is carried out through computers and network systems is very large. Cyber-attacks directly or indirectly affect companies, institutions, and organizations economically and cause great financial losses. In this chapter, two different categories, energy and finance sector, which are described as critical infrastructure, are discussed; cyber-attacks carried out on these sectors, cyber-attack weapons, and economic losses caused by these attacks are examined.
TopIntroduction
Cyber space, which is called as the fifth war zone following land, air, sea and space, is consisting of physical layer –comprised of all kinds of hardware, and users-, software layer – enabling the functioning of hardware in virtual sense-, content layer –comprised of messages, data, information etc. being in circulation over the previous two layers-, and regulatory layer – comprised of national and international legal regulations relevant to cyber space- (Meral, 2015). And the concept of cyber attack means causation of interruption by seizing the control through accessing the governments’ or corporations’ computer systems or networks, prevention of access to the systems, stealing and amending of information, and misguidance by the attackers. In cyber-attacks, it is quite difficult to identify the identity details of the attackers. Moreover, damage occurring as the result of attack is immense. In this context, the critical infrastructures of the countries are the focus of the attackers. Critical infrastructures are defense technologies, finance services, air traffic control systems, health services, telecommunication infrastructures, energy production and distribution systems, power plants, water production and distribution networks.
Capturing and managing the critical infrastructures by cyber attackers whose control is carried out through computers and network systems feeds the economy of the crime by causing great economic losses. The crime economy, which is included in the informal (unrecorded) economy, is defined as the economic income obtained as a result of the activities considered as a crime legally. The earnings obtained as a result of the activities defined as crime by law regardless of whether it is traditional or virtual constitute the crime economy (Pekkaya, Temli,Ozturk,2017).
For instance, the WannaCry virus, which affected numerous countries in 2017, and which was Ransomware type malware targeting Microsoft Windows, had caused the cessation of patient admissions except operations and emergencies by enabling collapse of the National Health Service (NHS) of England as well as causing great losses in economic aspect. Ransomware is a malware which is preventing access to data in different formats (.doc,.xls,.jpeg,.avi) in the computers by encrypting the data of computer users in 1024 bit format via Gpcode, and which is requesting ransom for opening them to access (Sarı, Biricik, Keser, Gündoğdu, 2014). As per the result of “2017 Internet Crime Report”, published by Internet Crime Complaint Center, Ransomware had caused a loss of more than 2.3 million dollars in 2017.
As another example, in 2018, Github and an anonymous USA based company had incurred a great Distributed Denial of Service (DDoS) attack. DDos attack is occupying the bandwidth of the target by sending request from many different points to the determined target(s), and as a result deactivating the target (Çetin, Gundak, Çetin, 2015). While the anonymous USA based company had incurred a data flow of 1.7 terabits per second, Github had incurred a data flow of 1.3 terabits per second, and the attack had been able to be prevented after about 10 minutes. Moreover, the attackers had also attached ransom notes to those DDoS attacks, and had requested more than 50 Monero virtual monies from the companies for ceasing the attack. Ponemon Institute, in its report of “Cyber Security on the Offense: A Study of IT Security Experts”, has disclosed that the cost of interruption period of 1 minute -caused by DDoS attacks- is varying in between 1 dollar and 100 thousand dollars Along with the presence of many known examples of cyber attacks such as these, there are many cyber attacks that are not noticed yet by the governments, companies, institutions and organizations, or that are not being disclosed due to reasons such loss of prestige.
According to the report of “Net Losses: Estimating the Global Cost of Cybercrime”, published in 2014 by The Center for Strategic and International Studies (CSIS) and McAfee, it is being observed that the cost of cyber attacks on global economy was about 400 billion dollars in 2013. Again according to the report of “The Economic Impact of Cybercrime—No Slowing Down”, published by CSIS and McAfee in 2018, it is being found out that this figure had reached to about 600 billion dollars in 2017. According to the report of 2017, the losses, that the countries incurred as the result of cyber attacks, are being shown in Table 1.