After flurry of activity in February, events on the ground keep #OpTurkey on the radar
Target: Organizations within and doing business with the Turkish administration.
Attack Vector: DDoS attacks, doxing, data leaks.
Summary: February 2018 was the busiest month observed for #OpTurkey in over 12 months with, on average, at least one incident per day. This coincided with events on the ground as the Turkish-Kurdish conflict continued, in addition to indicators of increased cooperation between Ankara and the EU which triggered further attacks. Now in March, the number of attacks are significantly less than previously observed, however there remains a steady flow of incidents. More worringly, recent events on the ground may trigger further attacks.
Risk assessment summary: The threat is assessed as 3d MODERATE. Historically, events on the ground do dictate events in the cybersphere. The capture of Afrin in Syria is a major event in the Turkish-Kurdish conflict and is likely to antagonise hacktivist groups such as @AnonymousKurdistan. This group in particular have shown themselves to have the capability to leak data and cause downtime against government, financial and medical organisations. The EU issue is also one steadily ticking away and while it continues, Turkey cannot expect attacks from Anonymous and allied groups to relent.