It is no exaggeration to say that cybersecurity is one of the 21st century’s preeminent concerns for governments and citizens alike, due, in no small part, to its idiosyncratic unpredictability and the essentially reactive gestures it forces upon private, democratic, and military institutions. True to their viral form, cyber attacks appear in many guises, from the attention grabbing hacks of Sony and Wikileaks, to probing games of Sino-American virtual chess, and the lucrative cyber-crime syndicates estimated to cost almost $1 trillion annually in damages within the EU alone. Turkey, rather uniquely, is exposed to all of these aspects as well as generating a host of further complications due to its emerging nature in the midst of complex geopolitics.
On the domestic front, computer hacking and wiretapping scandals have hit headlines, while regionally new challenges have emerged in the wake of destabilization in Syria.
Strategically, the small honey-producing town of Refahiye, in Eastern Anatolia, is of little significance, but in 2008 was the site of a massive explosion with serious ramifications for Turkeys’ security beyond sowing the seeds of internal dissent. The detonation was later revealed to be part of an elaborate cyber-attack aimed at the immensely important Baku—Tbilisi—Ceyhan pipeline, making a mere bystander of Turkish territory amid intangible international war games. More recently, a huge power cut affecting 49 of the country’s 81 provinces is being actively investigated as a cybersecurity issue. Meanwhile, both military deployments and diplomatic conversation related to the Syrian crisis have come underconcerted attack from hackers of unknown origin seeking to undermine the government’s strategy.
The multifaceted threats, and the concurrent opportunities, have not gone unnoticed by the Turkish security apparatus and its interwoven nexus of technology corporations. Attuned to the principles of cohesion, Ankara is assembling an overarching framework that will integrate all future cyber defense platforms, aptly known as the Cyber Security Operation Center. The Undersecretariat for Defense Industries (SSM) is engaging in an aggressive policy to encourage the development of a local industry geared toward supporting governmental initiatives, utilizing Turkey’s highly developed software infrastructure. National scientific research institute TUBITAK operates a cyber security institute, SGE, which is charged with building legal infrastructure, supporting legal proceedings through expertise, strengthening national cyber infrastructure, building a rapid reaction force against cyber threats, improving human resources in the field, developing local solutions, and expanding cyber defense capabilities. A National Center for Combating Cyber Threats (USOM) has been established courtesy of the National Cyber Security Strategy 2013-14 issued by the Ministry of Transportation, Maritime Affairs and Communications. Indeed, over 60 national institutions have taken part in cyber security drills to tackle what the army’s Cyber Warfare Command has termed a “fifth column.“
The heightened attention is not simply a defense matter and will also be favorable for business and the development of human capital and expertise. Government-controlled software companies are already vying for lucrative positions in what is anticipated to be a multi-billion dollar field within a matter of years. Key firms such as Havelsan, a military software specialist, and STM, the sole Turkish member of the European Cyber Security Protection Alliance (CYSPA) and defense systems company, are government controlled yet operative in an increasingly competitive marketplace. With innovative incubators such as Teknopark Istanbul spearheading local development, young graduates and embryonic enterprises are joining a knowledge-based race. The challenge is nurturing this locally derived expertise without relying extensively on the quick fix of offshore know-how. This will be a key measure in the wider strategy of consolidating a national umbrella to counteract external threats, though the arbiters of such threats must be wary of the temptation to follow other’s footsteps and internalize such powers.