On Thursday, the non-governmental organization Nic.tr that manages IP addresses assigned to Turkish websites (the “tr” domain) confirmed that the Turkish Internet servers are suffering a powerful cyber attack that appeared to be from threat actors outside the country.
The attack appears to be managed by an “organized sources” outside Turkey and it is slowing banking services in the country.
Experts working in the Banking industry confirmed that the attack has created serious problems to the many banks causing the disruption of transactions.
The “tr” domain is used by websites belonging to Turkish ministries, financial institutions, and commercial enterprises.
The Transport and Communications Minister Binali Yildirim confirmed that a “serious” cyber attack hit the systems of the country.and asked an Ankara-based university to beef up security measures, saying they were “insufficient”.
Who is behind the attack?
Intelligence experts believe that Russian hackers linked to the Kremlin are targeting the Turkish systems in response to the tension between the countries. In the past, Russian nation-state actors targeted systems of other countries in response to the military tension with the Russian Government. Last digital retaliation occurred in the peninsula of the Crimea, the scene of clashes between militias Ukrainian and Russian
Some newspapers also reported that the attack could have originated in Russia in retaliation in response to the shot down of the Russian fighter jet last month on the Syrian border.
Turkish systems are also under attack by members of the Anonymous collective that is accusing the Government of Ankara for supporting “supporting the Islamic State by buying their oil and tending to their injured fighters.”
(Security Affairs – Information Warfare, Turkish systems hacking)