A new wave of cyberattacks slammed into Turkey’s leading financial institutions this week, as the country’s Internet continues to buckle under the pressure of a massive DDoS attack.
On Thursday afternoon, Turkish time, worried customers filled up call centers and social media accounts of Turkish banks, including the country’s leading private bank Garanti, when they were unable to access online banking services:
— Can (@caaneken) December 24, 2015
According a popular status-checking service CurrentlyDown.com, Garanti’s website remained inaccessible for a total of six hours.
Amongst the attacked banks were Garanti Bankası with a 4h 29mins downtime and Ziraat Bankası which is still down. pic.twitter.com/Pf31nYEOTK
— Anonymous (@crymora) December 24, 2015
Later on Thursday evening, users within Turkey reported that the websites became accessible when the banking servers were “closed for connections from outside of Turkey,” effectively blocking outside attackers.
"Servers [of banks] reject requests outside of Turkey for mitigation against attacks. They are accessible within TR"https://t.co/GLcBHcmyAv
— efe kerem sözeri (@efekerem) December 24, 2015
Anonymous has claimed responsibility for the massive DDoS attack that took down the Turkish Domain Name System—its address book for the Internet—last week. The hacktivist collective had also threatened the government with further attacks, though it is believed that another group is responsible.
“Dear Government of Turkey, if you don’t stop supporting ISIS, we will continue attacking your Internet, your root DNS [the foundation of Turkey’s internet], your banks, and take your government sites down.”
Translation: “Anyone has a credit debt? ;)”
Other popular Anonymous accounts also showed support under the hashtag #OpTurkey.
The Government and Banks of Turkey is having a bad day. Happy Xmas! #OpTurkey
— Anonymous (@GroupAnon) December 24, 2015
— Anonymous (@YourAnonNews) December 24, 2015
RedHack’s message named the websites of three banks, Garanti Bank, İş Bank and Ziraat Bank, and the Turkish Ministry of Communication website, but neither the banks nor the ministry confirmed the attack.
An unnamed banking executive told daily Habertürk: “We are looking into the issues with access. We will make a statement as soon as possible.” The support accounts of Garanti, İş Bank, and Ak Bank did not respond for a comment.
Earlier on Thursday, an unnamed ministry official told daily Sözcü that the Communication Ministry website was down because of “broken cables,” however, the ministry later released a statement rejecting reports of a cyber attack, claiming that the downtime was due to a “planned network upgrade:”
— T.C. Ulaştırma ve Altyapı Bakanlığı (@UABakanligi) December 24, 2015
The only official confirmation of the attack came from Türk Telekom, the formerly state-owned telecommunications company and the largest Internet service provider in Turkey. Onur Öz, its head of communications, said in a statement: “The attacks are on a very serious level. But Türk Telekom is not the target, popularly used banks and the websites of government institutions are being targeted. … We provide internet access to most of these institutions, therefore we do the defense.”
Illustration by Max Fleishman