BIR RISK PERSPEKTIFINDEN, YAPAY ZEKÂNIN (YZ) BT SISTEMLERINI HACKLEME VE HACKLENME POTANSIYELI

Abstract

Bu çalışma, yapay zekânın (YZ) nesnelerin interneti (IoT) ve yönetim bilişim sistemlerini (MIS) hackleme konusunda oluşturabileceği potansiyel tehlikeleri incelemektedir. YZ’nin, geleneksel güvenlik önlemlerini — örneğin, güvenlik duvarları ve antivirüs yazılımlarını — atlatmak için siber suçlular tarafından kullanılma riski ele alınmaktadır. Aynı zamanda, YZ’nin daha gelişmiş güvenlik duvarları ve tehdit tespit araçlarının geliştirilmesi gibi siber güvenliğin güçlendirilmesindeki rolü de araştırılmaktadır. Çalışma, hükümetlerin ve kurumların, YZ destekli sağlam siber savunma yeteneklerinin geliştirilmesine yatırım yapmaları gerektiğini vurgulamaktadır. Türkiye’de, gelişmiş ülkelerdeki en son yeniliklerin yanı sıra, hükümetin YZ işletmelerini desteklemek ve siber güvenlik dahil olmak üzere çeşitli sektörlerde YZ’nin kullanımını teşvik etmek için birçok girişim başlattığı belirtilmiştir. YZ sistemlerinin hacklenmesinden kaynaklanabilecek riskleri azaltmak için düzenleyiciler, kamu kurumları, özel hizmet sağlayıcılar ve girişimcilerin en iyi uygulamaları benimsemeleri ve YZ ile siber güvenlik alanında araştırma ve geliştirmeyi ilerletmek için iş birliği yapmaları gerekmektedir. Potansiyel riskleri ve güvenlik açıklarını belirlemek için YZ sistemlerine yönelik düzenli risk değerlendirmeleri ve denetimler kritik öneme sahiptir. Son olarak, YZ’nin karar verme süreçlerinde şeffaflık sağlanmasının, hesap verebilirlik ve halkın YZ güdümlü teknolojilere olan güvenini artırmak açısından önemli olduğu tespit edilmiştir. Çalışma, anahtar kelime görüntüleri üzerinde YZ araçlarıyla gerçekleştirilen hayali iterasyon tekniklerini kullanarak, geleneksel ve YZ tabanlı çözümleri içeren kapsamlı bir güvenlik yaklaşımına duyulan ihtiyacı vurgulamakta ve Türkiye’deki kilit aktörlere yönelik özel ve ihtiyatlı öneriler sunmayı amaçlamaktadır.

Keywords

• Yapay Zekâ (YZ)
• Siber Güvenlik
• Nesnelerin İnterneti (IoT)
• Hackleme
• Siber Risk Yönetimi

FROM A RISK PERSPECTIVE, HOW ARTIFICIAL INTELLIGENCE CAN HACK IT SYSTEMS AND ALSO BE HACKED?

Abstract

The study examines the potential dangers posed by artificial intelligence (AI) in hacking internet of things (IoT) and management information systems (MIS). It highlights the risk of AI being used by cyber criminals to bypass traditional security measures, including firewalls and antivirus software. The study also explores the use of AI in enhancing cybersecurity by developing more advanced firewalls and threat detection tools. It is found that Governments and organizations should invest in the development of robust AI-based cyber defense capabilities to counter the growing threat of AI-enabled hacking. In Turkey, alongside latest innovations in the developed countries, the government has launched several initiatives to support AI businesses and promote its use in various sectors, including cybersecurity. To mitigate the risks posed by hacking of AI systems, regulators, government agencies, private service providers, and entrepreneurs should adopt best practices and collaborate to advance research and development in AI and cybersecurity. Regular risk assessments and evaluations of AI systems are essential to identify potential risks and vulnerabilities. Finally, transparency in AI decision-making processes is found to be important to ensure accountability and public trust in AI-driven technologies. The study using imaginary iteration techniques with AI tools on the keyword images generally highlights the need for a comprehensive approach to security that incorporates both traditional and AI-based solutions and tries to provide specific and prudent suggestions to key actors in Türkiye.

Keywords

• Artificial intelligence (AI)
• Cybersecurity
• Internet of Things (IoT)
• Hacking
• Cyber Risk Management

References

1. AI-Hunter. (n.d.). AI-Hunter real-time cyber threat detection. Retrieved June 17, 2025, from https://www.ai-hunter.io
2. Allied Market Research. (2020). Artificial Intelligence in Cyber Security Market - Global Opportunity Analysis and Industry Forecast, 2020-2027. https://www.alliedmarketresearch.com/artificial-intelligence-in-cyber-security-market
3. Attify. (n.d.). Attify IoT security tool. Retrieved June 17, 2025, from https://www.attify.com
4. Bağış, B. (2023). The rise of blockchains: Disrupting economies and transforming societies. JSTOR.
5. Bai, J. Y. H., Zawacki-Richter, O., & Muskens, W. (2024). Re-examining the future prospects of artificial intelligence in education in light of the GDPR and ChatGPT. Turkish Online Journal of Distance Education.
6. Barreno, M., Nelson, B., Joseph, A. D., & Tygar, J. D. (2010). The security of machine learning. Machine learning, 81, 121-148.
7. Çiçek, A. E. (2025). Türkiye’nin Yapay Zeka Tabanli Siber Güvenlik Stratejisi: Ulusal Güvenliği Güçlendirmek Ve Küresel Siber Yönetişime Yön Vermek. Yönetim Bilimleri Dergisi, 23(56), 993-1012. https://doi.org/10.35408/comuybd.1584175
8. Cobalt Strike. (n.d.). Cobalt Strike penetration testing software. Retrieved June 17, 2025, from https://www.cobaltstrike.com

9. Cylance. (n.d.). Cylance AI-powered cybersecurity. Retrieved June 17, 2025, from https://www.cylance.com
10. DeepMind. (n.d.). DeepMind AI platform. Retrieved June 17, 2025, from https://deepmind.com
11. DeepSec. (n.d.). DeepSec AI-powered cybersecurity platform. Retrieved June 17, 2025, from https://deepsec.net
12. Dilek, S., Çakır, H., & Aydın, M. (2015). Applications of artificial intelligence techniques to combating cyber crimes: A review. arXiv preprint arXiv:1502.03552.
13. Eldem, T. (2020). The governance of Turkey's cyberspace: Between cyber security and information security. International Journal of Public Administration, 43(13), 1149–1161.
14. Endgame. (n.d.). Endgame AI cybersecurity platform. Retrieved June 17, 2025, from https://www.endgame.com
15. Freeness. (n.d.). Freeness AI network security tool. Retrieved June 17, 2025, from https://freeness.io
16. Garbar, D. (2020, February 4). AI-Powered Cyberattacks: Hackers Are Weaponizing Artificial Intelligence. SmartData. https://www.smartdatacollective.com/ai-powered-cyberattacks-hackers-are-weaponizing-artificial-intelligence/#google_vignette
17. Goodfellow, I. J., Shlens, J., & Szegedy, C. (2014). Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572.
18. Gormus, E. (2025). NATO's Artificial Intelligence Strategy and Interoperability Challenges: The Case of Turkey. Journal of Balkan and Near Eastern Studies, 27(2), 215–230.
19. Gültekin, M., & Şahin, M. (2024). The use of artificial intelligence in mental health services in Turkey: What do mental health professionals think? Cyberpsychology: Journal of Psychosocial Research on Cyberspace, 18(1).
20. Hacker, P., Engel, A., & Mauer, M. (2023). Regulating ChatGPT and other large generative AI models. Proceedings of the 2023 ACM Conference on AI. Retrieved from https://dl.acm.org
21. Harr, P. (2023, June 12). Defending Against AI-Based Phishing Attacks. Forbes. https://www.forbes.com/councils/forbestechcouncil/2023/08/04/defending-against-ai-based-phishing-attacks/
22. Hartmann, K., & Steup, C. (2020). Hacking the AI: The next generation of hijacked systems. 12th International Conference on Cybersecurity. Retrieved from https://ieeexplore.ieee.org
23. Hassib, B., & Ayad, F. (2023). The challenges and implications of military cyber and AI capabilities in the Middle East: The geopolitical, ethical, and technological dimensions. In The Arms Race in the Middle East: Contemporary Dynamics and Policy Responses (pp. 203–221). Springer.
24. Karabacak, B., Yildirim, S. O., & Baykal, N. (2016). Regulatory approaches for cyber security of critical infrastructures: The case of Turkey. Computer Law & Security Review, 32(3), 485–496.
25. Kasapoğlu, C., & Kırdemir, B. (2022). Rising drone power: Turkey on the eve of its military breakthrough. JSTOR. Kaspersky Lab. (2018). Artificial Intelligence in Cybersecurity: From Hype to Reality. https://www.kaspersky.co.in/enterprise-security/wiki-section/products/machine-learning-in-cybersecurity
26. Kilovaty, I. (2025). Hacking Generative AI. Loyola of Los Angeles Law Review. Retrieved from https://papers.ssrn.com
27. Kose, U. (2019). Techniques for adversarial examples threatening the safety of artificial intelligence based systems. arXiv preprint arXiv:1910.06907.
28. Lee, J. M., & Yoon, S. (2022). Ready for battle?: Legal considerations for upcoming AI hacker and vulnerability issues. The International FLAIRS Conference. Retrieved from https://journals.flvc.org
29. Market Data Forecast. (n.d.). Artificial intelligence market - growth, trends, and forecast (2023 - 2028). Retrieved June 15, 2025, from https://www.marketdataforecast.com/market-reports/artificial-intelligence-market
30. McAfee Institute. (2022). McAfee 2023 Threat Predictions: Evolution and Exploitation. McAfee Institute. https://www.mcafee.com/blogs/security-news/mcafee-2023-threat-predictions-evolution-and-exploitation/
31. Metasploit Framework. (n.d.). Metasploit open-source penetration testing platform. Retrieved June 17, 2025, from https://www.metasploit.com
32. Ministry of Industry and Technology. (2022). AI Venture Capital Program. Retrieved from https://tubitak.gov.tr/en/funds/sanayi/ulusal-destek-programlari/1514-venture-capital-funding-program-tech-investr
33. Oberhaus, D. (2023, February). Prepare for AI hackers. Harvard Magazine. https://www.harvardmagazine.com/2023/02/right-now-ai-hacking
34. Özkoçak, V., & Kırık, A. M. (2023). The impact of artificial intelligence, big data, and algorithms on election and propaganda processes: The case of the May 14, 2023 general elections in Turkey. SSRJ | Social Sciences Research Journal.
35. Salama, R., & Al-Turjman, F. (2024). Artificial intelligence, software, and information systems engineering departments. In Artificial Intelligence and Blockchain in Digital Systems (pp. xx–xx). Springer.
36. Sapkota, T. P., Kunwar, S., Bhattarai, M., & Poudel, S. (2020). Artificial intelligence that are beneficial for law. US-China Law Review, 17(5), 231–239.
37. Schneier, B. (2021). The coming AI hackers. Cyber Security Cryptography and Machine Learning Conference. Retrieved from https://springer.com
38. Shahzad, F. (2021). Uses of artificial intelligence and big data for election campaign in Turkey. ProQuest Dissertations Publishing.
39. Shwedeh, F., Malaka, S., & Rwashdeh, B. (2023). The Moderation Effect of Artificial Intelligent Hackers on the Relationship between Cyber Security Conducts and the Sustainability of Software Protection. Migration Letters. Retrieved from https://researchgate.net
40. Simson, G. (2017). Hackers Are the Real Obstacle for Self-Driving Vehicles. technologyreview. https://www.technologyreview.com/s/614409/how-hackers-can-take-control-of-autonomous-vehicles/
41. SynAck. (n.d.). SynAck vulnerability identification tool. Retrieved June 17, 2025, from https://synack.com
42. Tawalbeh, L. A., Muheidat, F., Tawalbeh, M., & Quwaider, M. (2020). IoT Privacy and security: Challenges and solutions. Applied Sciences, 10(12), 4102.
43. Turkish government. (2021). AI for Turkey. Retrieved from https://www.ai4turkey.com/
44. Urrutia Arrue, I. (2024). Can Turkey's cybersecurity governance be linked to a specific cyber governance model? An analysis of its 2020–2023 National Cyber Strategy. Charles University.
45. Valencia, L. J. (2024). Artificial intelligence as the new hacker: Developing agents for offensive security. arXiv preprint arXiv:2406.07561. Retrieved from https://arxiv.org
46. Vidgor, D. (2020). How Artificial Intelligence Will Impact The Future Of Cybersecurity. Forbes. https://www.forbes.com/councils/forbesbusinesscouncil/2023/05/18/how-could-artificial-intelligence-impact-cybersecurity/
47. Xu, A. Y. (2020, August 5). OpenAI’s GPT-3 language model is being used to generate fake news. The Medium. https://towardsdatascience.com/creating-fake-news-with-openais-language-models-368e01a698a3
48. Yücel, A. (2025). Hybrid digital authoritarianism in Turkey: the 'Censorship Law' and AI-generated disinformation strategy. Turkish Studies, 26(1), 1–20.
49. Zetter, K. (2014). An Unprecedented Look at Stuxnet, the World's First Digital Weapon. Wired. Retrieved from https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/