Skip to main content

Cyberattacks reveal Turkey’s weaknesses

Computer servers in Turkey have been the targets of a major cyberattack for the past two weeks.

Turkish media outlets report that more than 400,000 websites registered under Turkey’s Internet country top-level domain ".tr" are experiencing problems. Since Dec. 14, the computer servers of government agencies and private entities, including the country’s three largest Internet service providers, have suffered systematic cyberattacks. Most Turkish banks and their credit card terminals could not perform any transactions on Dec. 25, and as of Dec. 29 the virtual onslaught was continuing.

According to the Ankara-based Network Information Center, which administers the registry of sites under the “.tr” domain, the cyberattacks against Turkey are of the distributed denial of service (DDoS) kind. In a DDoS scenario, hackers take over multiple computers remotely, send continuous requests to overwhelm the targeted server and deny it the ability to fulfill its duty — be it providing news stories, banking services or video-streaming.

The DDoS attacks have had a noticeable effect on Turkey’s Internet speed. According to Akamai Technologies, one of the world’s leading content delivery network companies, Turkey’s average Internet connection speed was 6.2 megabits per second (Mbps) in the third quarter of 2015. While that figure pales in comparison to world leaders South Korea's and Sweden’s 20.5 Mbps and 17.4 Mbps, respectively, three Turkish technology experts told Al-Monitor that their country’s average connection speed has fallen well below 6.2 Mbps since Dec. 14. One expert who spoke to Al-Monitor on condition of anonymity stated that the attacks, which reached 220 gigabits per second, were “unique” and “unprecedented” in Turkey’s history.

As for whodunit, the international network of hackers known as Anonymous and the Russian government stand out. After Islamic State militants struck Paris on Nov. 13, Anonymous began confronting the extremist group and its supporters on the World Wide Web. In a video posted on Dec. 23, the hackers’ cooperative also issued threats against Turkey. The group claimed that "Turkey is supporting Daesh [IS] by buying oil from them and hospitalizing their fighters. We won't accept that [Turkish President Recep Tayyip] Erdogan will help [IS] any longer.” The video further warned Turkey: “If you don’t stop supporting [IS], we will continue attacking your Internet, your root DNS [Domain Name System], your banks and take your government sites down. After the root DNS, we will start to hit your airports, military assets and private state connections. We will destroy your critical banking infrastructure.”

In many respects, the cyberattacks against Turkey have been following that pattern.

Turkish newspapers such as Hurriyet and US media outlets such as Mic news argue that Anonymous may have been “duped” by Russian allegations that the Turkish government buys oil from IS.

Of course, Russia is already a suspect. Moscow showcased its capabilities in the virtual world during the 2007 confrontation with Estonia, the 2008 war with Georgia and the invasion of Ukraine in 2014-15. Past successes in cyberwar and the ongoing confrontation between Moscow and Ankara after a Turkish F-16 downed a Russian Su-24 on the Turkish-Syrian border on Nov. 24 make the Russian side a plausible suspect.

Fusun Sarp Nebil, one of Turkey’s leading telecommunications experts who has written and commented extensively on the issue, told Al-Monitor, “It is highly probably that the attacks originate from Russia because they look like an ‘attrition operation.’” Nebil added, “Because the assault usually takes place during business hours, the likely culprits are government functionaries from another country that are in the same time zone as Turkey.”

But Nebil also warned us to look beyond Turkey’s ongoing cyber headaches and focus on its structural weaknesses. “Turkey has not carried out any major investments in fiber optic cables for the past five years.” She gave an illuminating example to make her case. “Portugal’s total area is 100,000 square kilometer [38,600 square miles] and the total length of its fiber optic cables is 545,000 kilometers [338,000 miles]. Turkey, however, with nearly eight times the area of Portugal, should have had over 4.5 million kilometers of fiber optic cable, yet it currently only has 250,000 kilometers. That figure was already 150,000 kilometers in 2005.” Nebil said that because of exorbitant rates that local municipalities and the central administration charge for construction, licensing and permits, and because Turkey’s main telecommunications provider Turk Telekom still functions as a monopoly, domestic and international investors are not interested in developing the infrastructure.

Ongoing woes with the Internet are reminiscent of the major blackout that Turkey suffered March 31, when 80% of the country did not have electricity for over 10 hours. Although the national grid operator TEIAS subsequently announced that the cause of the blackout was “surge in load [from] hydro production in the eastern part of Turkey,” foreign news outlets speculated whether Turkey was the victim of a successful cyberattack. The March 31 blackout may have been an unfortunate accident, but Turkey’s current problems with the Internet prove that its government and private sector have to devise better ways to respond to cyberthreats.

Join hundreds of Middle East professionals with Al-Monitor PRO.

Business and policy professionals use PRO to monitor the regional economy and improve their reports, memos and presentations. Try it for free and cancel anytime.

Already a Member? Sign in


The Middle East's Best Newsletters

Join over 50,000 readers who access our journalists dedicated newsletters, covering the top political, security, business and tech issues across the region each week.
Delivered straight to your inbox.


What's included:
Our Expertise

Free newsletters available:

  • The Takeaway & Week in Review
  • Middle East Minute (AM)
  • Daily Briefing (PM)
  • Business & Tech Briefing
  • Security Briefing
  • Gulf Briefing
  • Israel Briefing
  • Palestine Briefing
  • Turkey Briefing
  • Iraq Briefing

Premium Membership

Join the Middle East's most notable experts for premium memos, trend reports, live video Q&A, and intimate in-person events, each detailing exclusive insights on business and geopolitical trends shaping the region.

$25.00 / month
billed annually

Become Member Start with 1-week free trial
What's included:
Our Expertise

Memos - premium analytical writing: actionable insights on markets and geopolitics.

Live Video Q&A - Hear from our top journalists and regional experts.

Special Events - Intimate in-person events with business & political VIPs.

Trend Reports - Deep dive analysis on market updates.

We also offer team plans. Please send an email to and we'll onboard your team.

Already a Member? Sign in