The development and widespread use of technology and the increase in computer and internet use have led to an increase in cyber crimes. Cyber crimes are crimes that can only be committed using an information system and target information system security or data. For this reason, cyber crimes are referred to as computer and internet-specific crimes.
The difference between cyber crimes and other crimes is that they can only be committed using an information system. In terms of the cybercrime convention and legal regulations, the action defined as cybercrime may include unauthorized and unlawful entry into an information system and any subsequent action taken. The target of this crime can be a person, property or a system.
For example, actions such as deleting, encrypting or capturing data by unauthorized entry through an information system are included in the scope of cyber crimes. Likewise, preventing the use of a system, interfering with the privacy of private life, monitoring and recording communications without permission are also among cyber crimes.
As a result, cybercrime is becoming an increasing problem today and legal regulations are being made to combat these crimes. These regulations are an important tool for preventing cybercrimes and punishing criminals.
What are Cyber Crimes?
1. Hacking
Hacking is a crime committed with the aim of gaining unauthorized access to computer systems, also called computer hacking, and can cause serious consequences by damaging information systems and data. Hacking can be used for theft of personal information, ransomware attacks, hijacking and crashing of networks, identity theft, fraudulent transactions and many other illegal activities. Hacking is against the law in many countries and can have serious legal consequences.
2. Crimes Against Data
Data crimes involve acts such as stealing, altering, deleting or manipulating data by gaining unauthorized access to a computer system or network. These crimes generally fall into the category of cybercrime and can be committed in many different ways. For example, personal information can be stolen using methods such as phishing or data can be accessed through ransomware. Such crimes can seriously affect the reputation and financial situation of an individual or company. Data crimes can also be committed against the information systems of governments or state institutions and pose a serious threat to national security. Data crimes are defined as crimes in countries' laws and can have serious legal consequences.
3. Botnet / DDos Attacks
A botnet attack is a network created by bringing together many computers under the control of malicious software. This network is used to send spam emails, steal credentials, attack websites, or conduct DDoS attacks. A DDoS attack is an attack on a website or network by sending high traffic from different sources. The purpose of such attacks is to force the servers providing the service to become overloaded and unusable. These crimes are dangerous actions committed by cybercriminals for reasons such as gaining financial gain or acting for a political/ideological purpose.
4. Entering the Information System
It is the act of gaining access to a computer, network or other information system without permission. This crime is also known as hacking. Committing this type of crime can cause serious harm to both individual users and companies, government agencies and other organizations. This action can also lead to the commission of other crimes such as data theft, identity theft, fraud, espionage and sabotage.
5. Blocking, Corrupting the System, Destroying or Altering Data
Crimes of blocking, disrupting the system, destroying or changing data are actions that prevent or damage the functioning of computers and other digital systems. These crimes are often committed by cybercriminals and can cause material, physical and psychological harm. Crimes of blocking, disrupting the system, destroying or altering data can be carried out using different techniques, and such crimes may violate data protection laws. These crimes can have serious consequences and it is important that they are prevented and offenders are held accountable to justice.
6. Violation of the Confidentiality of Communications
Violating communications privacy means listening to, recording, monitoring, or disclosing a person's private communications without permission. This crime violates the freedom of communication, which is a fundamental right to protect individuals' private lives. Crimes include unauthorized access to, recording or disclosure of private communications via phone, email, messaging apps or other means of communication. Crimes can result in serious legal penalties and result in personal information being revealed and victims' reputations compromised. These crimes are becoming an increasing problem today, as technology rapidly advances, and it is important to implement effective legal measures and security protocols to protect private communications.
7. Violation of Privacy
The crime of privacy is the obtaining, disclosing or publishing information about a person's private life without permission. This crime can lead to serious consequences as a result of the violation of privacy, endangering the reputation, private life and business of the victims. This crime involves the unauthorized acquisition or disclosure of personal information, as well as photos, videos and other private content. The crime is a legal offense in many countries and those who commit the crime can face serious legal penalties. With the rapid development of technology, this crime is increasing further and it is important for individuals to implement strong security protocols and take effective legal measures to protect their personal information.
8. Recording of Personal Data
The crime of recording personal data is the collection or recording of personal data without a person's consent. This crime may lead to the seizure and misuse of private life information. The crime of recording personal data is a legal offense in many countries, and penalties may vary depending on the seriousness of the crime and the way it is committed. This crime has become more common, especially on the internet, and security measures and legal regulations need to be taken to protect personal data. This crime is an attack against a person's privacy and personal information, and therefore it is important to take effective measures to combat such actions and ensure the protection of personal data.
9. Aggravated Theft
Qualified theft is a cybercrime committed by entering a computer or computer system without permission and stealing or changing data. In order for the crime to be considered qualified, it must be committed via computer or the internet. This crime may result in the theft or disclosure of personal or business data. Penalties may vary depending on the nature of the stolen data, the manner in which the crime was committed, and the harm to the victim. In order to prevent crime, IT security protocols, legal regulations must be updated and laws must be implemented.
Penalties for Cyber Crimes
Since cybercrimes pose a serious security problem for countries, serious penalties are imposed on people who commit such crimes. People responsible for cyber crimes can be punished as a result of legal processes. During these processes, forensic computer experts can provide support on issues such as identifying the source of attacks and collecting evidence.
There are also various legal sanctions against cybercrime. For example, some countries have designed special laws for computer forensics experts to collect and analyze evidence for cybercrimes. These laws can enable more effective prosecution of cybercrimes.
IT Crimes and Penalties in Turkey
Cyber Crimes Regulated in the TCK
These articles constitute the part of the Turkish Penal Code that regulates cyber crimes.
TCK No. 5237 (Turkish Penal Code), It regulates all cyber crimes under the title of "Crimes Committed in the Field of Informatics" between articles 243 and 245.
The cyber crimes regulated in the TCK numbered 5237 are as follows:
- The crime of entering the information system (TCK art.243),
ARTICLE 243.- (1) Any person who illegally enters the whole or part of an information system and remains there is sentenced to imprisonment of up to one year or a judicial fine.
(2) In case the acts defined in the above paragraph are committed about systems that can be utilized for a price, the penalty to be imposed is reduced by half.
(3) If the data contained in the system is destroyed or changed due to this act, he is sentenced to imprisonment from six months to two years.
- Crime of Blocking, Destroying, Making Inaccessible, Destroying or Changing Data (TCK art.244),
ARTICLE 244. – (1) A person who hinders or disrupts the operation of an information system is punished with imprisonment from one year to five years.
(2) A person who corrupts, destroys, changes or renders inaccessible data in an information system, places data on the system, or sends existing data to another place, is sentenced to imprisonment from six months to three years.
(3) If these acts are committed on the information system of a bank or credit institution or a public institution or institution, the penalty to be imposed is increased by half.
(4) In the event that the person gaining an unfair advantage for himself or someone else by committing the acts defined in the above paragraphs does not constitute another crime, he is sentenced to imprisonment from two years to six years and a judicial fine up to five thousand days.
- The crime of misuse of a bank or credit card (TCK art.245),
ARTICLE 245.- (1) If a person who seizes or holds a bank or credit card belonging to another person, for any reason, uses it or makes someone else use it without the consent of the cardholder or the person to whom the card is to be given, he shall be sentenced to imprisonment from three years to six years. and is punished with a judicial fine.
(2) A person who benefits himself or someone else by using a bank or credit card that has been fraudulently created or forged, shall be sentenced to imprisonment from four years to seven years, unless the act constitutes another crime requiring a heavier penalty.
How to Make a Cyber Crime Report or Complaint?
There are several ways to report or file a cybercrime report. First, you can contact the police or prosecutorial authorities in your country. These authorities have created special units to combat cybercrime and punish those responsible. By contacting these units, you can complain about cyber crimes and request support to catch criminals.
Additionally, some countries also have special organizations or cybercrime units to combat cybercrime. By contacting these units, you can report or complain about cyber crimes. These units often use techniques and tools that require specific expertise to combat cybercrime and can therefore be more effective in combating cybercrime.
When reporting or reporting cybercrime, it is important to clearly state when the crime occurred, who committed it, and what type of damage was caused. This information will help police or prosecutorial authorities take the necessary steps to catch and punish criminals. It will also be helpful to collect as much evidence as possible. This evidence can help identify criminals and prove the crime.
Cyber Crimes Notification Petition Sample
………………… TO THE REPUBLIC PROSECUTOR'S OFFICE
CLIENT'S;
NAME AND SURNAME :
TURKISH IDENTITY NUMBER :
ADDRESS :
OF THE SUSPECT; (IF KNOWN)
NAME AND SURNAME :
TURKISH IDENTITY NUMBER :
ADDRESS :
CRIME HISTORY: …../…. /………
SUBJECT OF THE CRIME:
1- On the date of the above-mentioned crime, the website named …….. was …………. As the user named ………………, to my personal account; Again, the website in question is named ……………… and ……………. The name ……. from the account ………………………………………. An insulting electronic message was sent.
2- The mobile phone number and e-mail address specified by the suspect on the said account are…. The suspect …. It is exempt from any explanation that is related to its calculations. If the suspected user is a fake account…. from the person…. Based on the evidence, we have reasonable suspicion that he is a user.
3-I demand that the person(s) who committed the insulting action against me be punished.
LEGAL EVIDENCE:
Note:(IF THERE IS A SCREEN SHOT OR PRINTER PRINT, IT MUST BE SPECIFIED AND ADDED AS AN ADDITION TO THE PETITION, BUT SUCH EVIDENCE WILL NOT BE CONSIDERED UNLESS IT IS ESSENTIAL. E-MAIL ADDRESS, PHONE NUMBER, CONTACT INFORMATION ON THE PERSON'S PERSON ACCUSED OF THE CRIME. THIS IS IMPORTANT IN TERMS THAT THE DEFENDANT CAN BE CHARGED WITH THE CRIME. .)
CONCLUSION-I REQUEST: I request and request that the necessary investigation be carried out about the suspect and that a warrant be written to the necessary police units to detect the evidence of the crime, and that the prosecution be carried out by issuing an indictment and that the suspect be punished in accordance with the Turkish Penal Code or other legislation that suits his actions. …../…../……….
How to report or file a cybercrime complaint in Turkey?
There are different ways to report or complain about cybercrime in Turkey. First of all, as the fastest and easiest method, you can contact 155 Police Emergency line or 156 Gendarmerie Emergency line by phone and make complaints about cyber crimes. In addition, complaints can be made online via the "Cyber Crime Report Line" link on the official website of the General Directorate of Security, Department of Combating Cyber Crimes.
Another method is that there is a call center where complaints can be made via the "Alo 130 Cyber Crime Reporting Line". This line can be reached 24 hours a day, 7 days a week. When making a complaint to the cybercrime hotline, it is important to provide as much detailed information as possible, share information such as the date, time and place of the crime, and share witness information, if any.
Additionally, some private sector organizations in Turkey can also receive cybercrime notices. For example, the Banks Association of Turkey can receive complaints about cyber security violations in the banking sector through the "Cyber Security Breach Notification System".
InfinitumIT Forensic Service
computer forensics services cover the collection and processing of digital data for forensic purposes, which can generally be used as evidence in court cases.
InfinitumIT is a company that provides computer forensics services. The company offers digital evidence collection, forensic data analysis, digital forensic reporting, digital crime scene investigation, digital forensic consultancy and e-discovery services. These services may be requested by law firms, corporations, insurance companies, public institutions and private clients.
InfinitumIT is a company that provides forensic services in accordance with international standards and has a team of forensic experts. The company offers customized services tailored to its customers' needs and is committed to operating safely, accurately and honestly.
Measures You Can Take to Protect Your Business from Cyber Crimes
Businesses operate in an environment where they are likely to encounter cybercrime. Therefore, it is important for businesses to take the necessary precautions to combat cybercrime. Some measures businesses can take are:
- Staff education: Businesses should educate their staff on cyber security issues and inform them about how to protect company information and take precautions against cyber attacks. The awareness of the personnel is an important factor in the enterprise's fight against cybercrime.
- Strong Passwords: Businesses must ensure the security of the passwords their employees will use. The fact that passwords are complex and difficult to guess provides significant protection against cybercrime.
- Data Backup: By backing up their data, businesses can ensure business continues without data loss even after cyber attacks.
- Firewall and Anti-Virus Software: Businesses can protect against cybercrime by using firewalls and anti-virus software. These software help businesses continue their operations by protecting computers from viruses and malware.
- Internal Business Network Access Controls: By restricting network access, businesses can allow their employees limited access to information within the company. In this way, the risk of information falling into the wrong hands is reduced.
- Multi-factor authentication: Businesses can use multi-factor authentication to ensure users' authenticity. This method uses multiple verification factors to confirm the user's identity and prevents account theft.
- Security Policies: Businesses can protect against cybercrime by adopting a specific security policy. This policy ensures that the business operates within a certain framework and determines the necessary steps to combat cybercrime.
InfinitumIT Cyber Security Consultancy Service
InfinitumIT helps minimize risks by taking the necessary security measures to protect its customers against cyber attacks and ensure business continuity.
InfinitumIT offers its clients a range of cybersecurity consulting services. These services include:
- Cyber Security Risk Analysis: A comprehensive analysis is performed to determine the cyber security risks of the business. As a result of this analysis, the weak points of the business are identified and suggestions are made on how to eliminate these weak points.
- Cyber Security Policies and Procedures: Consultancy services are provided on creating, updating or reviewing businesses' cyber security policies and procedures.
- Cyber Security Training: By providing training on cyber security to business employees, it is aimed to raise awareness and minimize cyber security risks.
- Cyber Security Tests: The service is provided to test the cyber security systems of the business and to identify and eliminate existing weaknesses.
- Cyber Incident Management: Consultancy services are provided regarding preparation for cyber incidents that may occur within the business and how to act against these incidents.
InfinitumIT helps businesses create a safe environment regarding cyber security with these and similar services. Additionally, it aims to minimize the damages that can be caused by cyber criminals by helping businesses determine, implement and develop their cyber security strategies.
- Which unit does cybercrime belong to?Investigation and follow-up procedures regarding cyber crimes in Turkey are carried out by the Anti-Cyber Crime Branch Directorates affiliated with the Department of Combating Cyber Crimes. Cyber Crime Branch Directorates affiliated with the General Directorate of Security, located in big cities such as Istanbul, Ankara and Izmir, are units specially created to combat cyber crimes. Additionally, there is a Department of Combating Cyber Crimes within the Gendarmerie General Command. This department coordinates the investigation and follow-up operations regarding cyber crimes carried out by the gendarmerie throughout Turkey.
- How much is the penalty for cyber crimes?Punishment for cybercrime may vary depending on the type and severity of the crime. For example, less serious crimes, such as phishing or fraud, are often punishable by fines or imprisonment, while more serious crimes, such as data theft or hacking, can lead to harsher penalties. These penalties may include long prison sentences, large fines, or even life imprisonment.
- How many days does it take to detect cyber crimes?How long it takes to detect cybercrime may vary depending on the type and complexity of the crime. Some crimes, such as an attacker gaining access to a computer system or network, can be detected immediately, while other crimes, such as a phishing attack, may take longer. Cybercrime units work to identify and investigate criminals using a variety of techniques.
- In what cases does the prosecutor's office obtain an IP address?The prosecutor's office usually obtains an IP address when they think a crime has been committed. For example, when a person commits a cybercrime, the prosecution may attempt to identify that person by obtaining their IP address. The IP address is used to determine where the attacker is attacking from. Apart from IP address, the prosecution can detect criminals using other technical tools.
- Can cybercrime fines be converted into fines?Since cybercrimes usually cause material damage, loss of personal data or insecurity in society, cybercrime penalties are not usually imposed in the form of fines. However, in some cases, fines may also be imposed for material damage caused by the attacker to the victim's computer system or network.
- Where to go for cybercrime?Regarding cybercrimes, local or national police organizations or cybercrime units can be contacted. These units consist of teams specialized in the prevention, investigation and punishment of cyber crimes. Additionally, regarding cybercrime, some countries also have special cybercrime prosecutors' offices or courts.
- What are examples of cybercrime?Cyber crimes can be of many different types and their targets may vary. Some examples of cybercrime may include:
- Phishing: It is a type of attack that tries to obtain people's personal and financial information through fake websites, emails or messages.
- Data theft: It is a type of attack that aims to steal a person's or company's data. Such attacks can target data such as sensitive personal information, business secrets, or business data.
- Hacking: It is a type of attack that attempts to gain unauthorized access to a person's or company's computer system. Such attacks may be carried out for purposes such as crashing systems, deleting or stealing data, or using it for other harmful purposes.
- Cyber bullying: It is a type of attack that aims to disturb people, especially children, with cyber threats or harassment. Such attacks can be carried out through social media, messaging applications or other online platforms.
- Can the police detect cyber crimes committed with fake accounts?Cyber crimes, especially those committed through fake accounts common on social media platforms, can be a challenging task for the police to detect. However, police can use many techniques and methods to detect such crimes. First of all, police can use IP addresses to identify the person behind fake accounts. An IP address is a unique number that internet-connected devices use to communicate with each other. This number can be used to locate the device. While investigating crimes committed by fake accounts, the police can determine where the attacker is attacking from by tracking IP addresses. Police can also access social media platforms where fake accounts are used. These platforms provide different tools to track account activities and detect fake accounts. Using these tools, police can detect fake accounts and identify the person behind them. Additionally, police can use various techniques to detect fake accounts. For example, they can detect that the accounts are fake through the information of the devices used by the attackers. They also use special algorithms to detect bot accounts on social media platforms.