Turkey flag

Turkish officials announced plans to hire computer experts to serve as white-hat hackers and help protect the country's infrastructure against cyber-security threats.

The Information and Communication Technologies Authority (BTK), Turkey's national telecommunications regulatory and inspection authority, is in charge of the hiring process.

According to Turkish newspaper Daily Sabah, the white-hat hackers stand to make between 6,000 and 10,000 Turkish lira, which is between $1,700 and $2,800 per month.

Turkey targeted by hacktivists and hackers in the past year

Government officials said Turkey faced over 90 million cyber-attacks in the past year, varying in size and complexity, and hence the reason to create such a unit.

The government isn't exaggerating. Turkey, unlike any other country in 2016, has been the target of multiple DDoS attacks, government breaches, defacements, and hacktivism campaigns.

Most of these attacks mysteriously started after Turkish military shot down a Russian aircraft in late November 2015, albeit Russian involvement in any of these attacks is only speculation and cannot be proven.

High-profile Turkey hacks

The first major incidents started in December 2015 when huge DDoS attacks crippled Turkey's DNS infrastructure. The Anonymous hacker collective claimed the attacks, accusing Turkey of aiding ISIS fighters by providing ammunition and medical aid.

In February 2016, hacker ROR[RG] dumped 17.8GB of data from Turkish National Police (EMG) servers.

In April 2016, a group of unknown hackers leaked 6.6GB of data containing the personal details of over 50 million Turkish citizens. The hackers said they leaked the data to protest against Turkish President Recep Tayyip Erdogan.

In May 2016, Anonymous hackers leaked patient information from 33 Turkish hospitals. The hackers didn't provide any reason for their actions.

In July 2016, a hacker known as Phineas Fisher stole data from the email server of AKP, President Erdogan's political party. The hacker accused Erdogan and his party of eroding democracy in Turkey. This data was later leaked through WikiLeaks.

A few days later, Anonymous again leaked data to protest Erdogan's presidency, this time breaching energy and natural gas provider Izmir Gaz.

Turkey joins other countries with active cyber-divisions

Because of all these incidents, Turkish officials felt necessary to create this new "army of hackers" in order to test, improve, and protect the country's IT infrastructure against future attacks. Details about this new entity's role aren't public.

Turkey now joins a short list of countries with dedicated cyber divisions. The US, China, Russia, North Korea, and the UK are considered to have the most mature and experienced cyber-divisions. Turkey joins a second tier, together with Iran, India, Israel, France, on others.

Bleeping Computer spoke with Intel Security’s CTO, Steve Grobman, on Turkey's new army of hackers.

"It would be logical that this infusion of talent could help with both Turkey’s offensive and defensive capabilities," Mr. Grobman wrote in an email. "Turkey has been the target of a significant number of attacks, but groups within Turkey have also been linked to the origination of cyber activities such as ransomware.  Both of these are issues that need to be addressed."

"Offensive cyber capabilities are inherently asymmetric, allowing a nation such as Turkey to establish powerful capabilities for espionage and offensive cyber capabilities," Mr. Grobman added. "It's unlikely that Turkey would establish capabilities on-par with leading countries such as the US, China and Russia.

Dangers for internal political speech, Internet freedom

"However, as seen in 2016, espionage can be waged against not only traditional targets, but also against industry and soft-targets such as the DNC or individuals associated with political organizations," the Intel CTO added.

"Turkey has also taken controversial steps such as limiting access to social media and other information assets for its citizens indicating that it is not opposed to harsher government controls related to information exchange," Mr. Grobman adds.

And Mr. Grobman is right. Just this past month, Turkey has reconfirmed its oppressive control over the country's IT infrastructure by blocking access to Tor and starting an investigation of 10,000 social media users on the grounds of terrorism.

In past months, Turkey has also blocked access to multiple social media networks every time an embarrassing leak for the ruling political regime would surface.

It's very hard to believe that there are 10,000 terrorists living and tweeting in Turkey. Most likely, the Turkish government is abusing its power to curb free speech and online critics, in an attempt to remain in power.

Something of the sort happened to Turkish investigative journalist Barış Pehlivan, who spent 19 months in jail under accusations of "terrorism" only to find out someone had planted evidence on his hard drive.

Based on the number of cyber-attacks Turkey has suffered in the past year, the new cyber-division could play a crucial role in securing the country's IT infrastructure from future attacks, but judging Turkey by its track record, this new cyber-unit could very play a role in silencing government critics. The role of this new cyber-division remains to be seen.

Related Articles:

State-Sponsored Actors Focus Attacks on Asia

Senators Demand Voting Machine Vendor Explain Why It Dismisses Researchers Prodding Its Devices