BIR RISK PERSPEKTIFINDEN, YAPAY ZEKÂNIN (YZ) BT SISTEMLERINI HACKLEME VE HACKLENME POTANSIYELI

Yıl 2025, Cilt: 3 Sayı: 1, 101 - 142, 14.07.2025

Ahmet Efe

Öz

Bu çalışma, yapay zekânın (YZ) nesnelerin interneti (IoT) ve yönetim bilişim sistemlerini (MIS) hackleme konusunda oluşturabileceği potansiyel tehlikeleri incelemektedir. YZ’nin, geleneksel güvenlik önlemlerini — örneğin, güvenlik duvarları ve antivirüs yazılımlarını — atlatmak için siber suçlular tarafından kullanılma riski ele alınmaktadır. Aynı zamanda, YZ’nin daha gelişmiş güvenlik duvarları ve tehdit tespit araçlarının geliştirilmesi gibi siber güvenliğin güçlendirilmesindeki rolü de araştırılmaktadır. Çalışma, hükümetlerin ve kurumların, YZ destekli sağlam siber savunma yeteneklerinin geliştirilmesine yatırım yapmaları gerektiğini vurgulamaktadır. Türkiye’de, gelişmiş ülkelerdeki en son yeniliklerin yanı sıra, hükümetin YZ işletmelerini desteklemek ve siber güvenlik dahil olmak üzere çeşitli sektörlerde YZ’nin kullanımını teşvik etmek için birçok girişim başlattığı belirtilmiştir. YZ sistemlerinin hacklenmesinden kaynaklanabilecek riskleri azaltmak için düzenleyiciler, kamu kurumları, özel hizmet sağlayıcılar ve girişimcilerin en iyi uygulamaları benimsemeleri ve YZ ile siber güvenlik alanında araştırma ve geliştirmeyi ilerletmek için iş birliği yapmaları gerekmektedir. Potansiyel riskleri ve güvenlik açıklarını belirlemek için YZ sistemlerine yönelik düzenli risk değerlendirmeleri ve denetimler kritik öneme sahiptir. Son olarak, YZ’nin karar verme süreçlerinde şeffaflık sağlanmasının, hesap verebilirlik ve halkın YZ güdümlü teknolojilere olan güvenini artırmak açısından önemli olduğu tespit edilmiştir. Çalışma, anahtar kelime görüntüleri üzerinde YZ araçlarıyla gerçekleştirilen hayali iterasyon tekniklerini kullanarak, geleneksel ve YZ tabanlı çözümleri içeren kapsamlı bir güvenlik yaklaşımına duyulan ihtiyacı vurgulamakta ve Türkiye’deki kilit aktörlere yönelik özel ve ihtiyatlı öneriler sunmayı amaçlamaktadır.

Anahtar Kelimeler

Yapay Zekâ (YZ) , Siber Güvenlik , Nesnelerin İnterneti (IoT) , Hackleme , Siber Risk Yönetimi

FROM A RISK PERSPECTIVE, HOW ARTIFICIAL INTELLIGENCE CAN HACK IT SYSTEMS AND ALSO BE HACKED?

Öz

The study examines the potential dangers posed by artificial intelligence (AI) in hacking internet of things (IoT) and management information systems (MIS). It highlights the risk of AI being used by cyber criminals to bypass traditional security measures, including firewalls and antivirus software. The study also explores the use of AI in enhancing cybersecurity by developing more advanced firewalls and threat detection tools. It is found that Governments and organizations should invest in the development of robust AI-based cyber defense capabilities to counter the growing threat of AI-enabled hacking. In Turkey, alongside latest innovations in the developed countries, the government has launched several initiatives to support AI businesses and promote its use in various sectors, including cybersecurity. To mitigate the risks posed by hacking of AI systems, regulators, government agencies, private service providers, and entrepreneurs should adopt best practices and collaborate to advance research and development in AI and cybersecurity. Regular risk assessments and evaluations of AI systems are essential to identify potential risks and vulnerabilities. Finally, transparency in AI decision-making processes is found to be important to ensure accountability and public trust in AI-driven technologies. The study using imaginary iteration techniques with AI tools on the keyword images generally highlights the need for a comprehensive approach to security that incorporates both traditional and AI-based solutions and tries to provide specific and prudent suggestions to key actors in Türkiye.

Anahtar Kelimeler

Artificial intelligence (AI) , Cybersecurity , Internet of Things (IoT) , Hacking , Cyber Risk Management

Kaynakça

• AI-Hunter. (n.d.). AI-Hunter real-time cyber threat detection. Retrieved June 17, 2025, from https://www.ai-hunter.io
• Allied Market Research. (2020). Artificial Intelligence in Cyber Security Market - Global Opportunity Analysis and Industry Forecast, 2020-2027. https://www.alliedmarketresearch.com/artificial-intelligence-in-cyber-security-market
• Attify. (n.d.). Attify IoT security tool. Retrieved June 17, 2025, from https://www.attify.com
• Bağış, B. (2023). The rise of blockchains: Disrupting economies and transforming societies. JSTOR.
• Bai, J. Y. H., Zawacki-Richter, O., & Muskens, W. (2024). Re-examining the future prospects of artificial intelligence in education in light of the GDPR and ChatGPT. Turkish Online Journal of Distance Education.
• Barreno, M., Nelson, B., Joseph, A. D., & Tygar, J. D. (2010). The security of machine learning. Machine learning, 81, 121-148.
• Çiçek, A. E. (2025). Türkiye’nin Yapay Zeka Tabanli Siber Güvenlik Stratejisi: Ulusal Güvenliği Güçlendirmek Ve Küresel Siber Yönetişime Yön Vermek. Yönetim Bilimleri Dergisi, 23(56), 993-1012. https://doi.org/10.35408/comuybd.1584175
• Cobalt Strike. (n.d.). Cobalt Strike penetration testing software. Retrieved June 17, 2025, from https://www.cobaltstrike.com
• Cylance. (n.d.). Cylance AI-powered cybersecurity. Retrieved June 17, 2025, from https://www.cylance.com
• DeepMind. (n.d.). DeepMind AI platform. Retrieved June 17, 2025, from https://deepmind.com
• DeepSec. (n.d.). DeepSec AI-powered cybersecurity platform. Retrieved June 17, 2025, from https://deepsec.net
• Dilek, S., Çakır, H., & Aydın, M. (2015). Applications of artificial intelligence techniques to combating cyber crimes: A review. arXiv preprint arXiv:1502.03552.
• Eldem, T. (2020). The governance of Turkey's cyberspace: Between cyber security and information security. International Journal of Public Administration, 43(13), 1149–1161.
• Endgame. (n.d.). Endgame AI cybersecurity platform. Retrieved June 17, 2025, from https://www.endgame.com
• Freeness. (n.d.). Freeness AI network security tool. Retrieved June 17, 2025, from https://freeness.io
• Garbar, D. (2020, February 4). AI-Powered Cyberattacks: Hackers Are Weaponizing Artificial Intelligence. SmartData. https://www.smartdatacollective.com/ai-powered-cyberattacks-hackers-are-weaponizing-artificial-intelligence/#google_vignette
• Goodfellow, I. J., Shlens, J., & Szegedy, C. (2014). Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572.
• Gormus, E. (2025). NATO's Artificial Intelligence Strategy and Interoperability Challenges: The Case of Turkey. Journal of Balkan and Near Eastern Studies, 27(2), 215–230.
• Gültekin, M., & Şahin, M. (2024). The use of artificial intelligence in mental health services in Turkey: What do mental health professionals think? Cyberpsychology: Journal of Psychosocial Research on Cyberspace, 18(1).
• Hacker, P., Engel, A., & Mauer, M. (2023). Regulating ChatGPT and other large generative AI models. Proceedings of the 2023 ACM Conference on AI. Retrieved from https://dl.acm.org
• Harr, P. (2023, June 12). Defending Against AI-Based Phishing Attacks. Forbes. https://www.forbes.com/councils/forbestechcouncil/2023/08/04/defending-against-ai-based-phishing-attacks/
• Hartmann, K., & Steup, C. (2020). Hacking the AI: The next generation of hijacked systems. 12th International Conference on Cybersecurity. Retrieved from https://ieeexplore.ieee.org
• Hassib, B., & Ayad, F. (2023). The challenges and implications of military cyber and AI capabilities in the Middle East: The geopolitical, ethical, and technological dimensions. In The Arms Race in the Middle East: Contemporary Dynamics and Policy Responses (pp. 203–221). Springer.
• Karabacak, B., Yildirim, S. O., & Baykal, N. (2016). Regulatory approaches for cyber security of critical infrastructures: The case of Turkey. Computer Law & Security Review, 32(3), 485–496.
• Kasapoğlu, C., & Kırdemir, B. (2022). Rising drone power: Turkey on the eve of its military breakthrough. JSTOR. Kaspersky Lab. (2018). Artificial Intelligence in Cybersecurity: From Hype to Reality. https://www.kaspersky.co.in/enterprise-security/wiki-section/products/machine-learning-in-cybersecurity
• Kilovaty, I. (2025). Hacking Generative AI. Loyola of Los Angeles Law Review. Retrieved from https://papers.ssrn.com
• Kose, U. (2019). Techniques for adversarial examples threatening the safety of artificial intelligence based systems. arXiv preprint arXiv:1910.06907.
• Lee, J. M., & Yoon, S. (2022). Ready for battle?: Legal considerations for upcoming AI hacker and vulnerability issues. The International FLAIRS Conference. Retrieved from https://journals.flvc.org
• Market Data Forecast. (n.d.). Artificial intelligence market - growth, trends, and forecast (2023 - 2028). Retrieved June 15, 2025, from https://www.marketdataforecast.com/market-reports/artificial-intelligence-market
• McAfee Institute. (2022). McAfee 2023 Threat Predictions: Evolution and Exploitation. McAfee Institute. https://www.mcafee.com/blogs/security-news/mcafee-2023-threat-predictions-evolution-and-exploitation/
• Metasploit Framework. (n.d.). Metasploit open-source penetration testing platform. Retrieved June 17, 2025, from https://www.metasploit.com
• Ministry of Industry and Technology. (2022). AI Venture Capital Program. Retrieved from https://tubitak.gov.tr/en/funds/sanayi/ulusal-destek-programlari/1514-venture-capital-funding-program-tech-investr
• Oberhaus, D. (2023, February). Prepare for AI hackers. Harvard Magazine. https://www.harvardmagazine.com/2023/02/right-now-ai-hacking
• Özkoçak, V., & Kırık, A. M. (2023). The impact of artificial intelligence, big data, and algorithms on election and propaganda processes: The case of the May 14, 2023 general elections in Turkey. SSRJ | Social Sciences Research Journal.
• Salama, R., & Al-Turjman, F. (2024). Artificial intelligence, software, and information systems engineering departments. In Artificial Intelligence and Blockchain in Digital Systems (pp. xx–xx). Springer.
• Sapkota, T. P., Kunwar, S., Bhattarai, M., & Poudel, S. (2020). Artificial intelligence that are beneficial for law. US-China Law Review, 17(5), 231–239.
• Schneier, B. (2021). The coming AI hackers. Cyber Security Cryptography and Machine Learning Conference. Retrieved from https://springer.com
• Shahzad, F. (2021). Uses of artificial intelligence and big data for election campaign in Turkey. ProQuest Dissertations Publishing.
• Shwedeh, F., Malaka, S., & Rwashdeh, B. (2023). The Moderation Effect of Artificial Intelligent Hackers on the Relationship between Cyber Security Conducts and the Sustainability of Software Protection. Migration Letters. Retrieved from https://researchgate.net
• Simson, G. (2017). Hackers Are the Real Obstacle for Self-Driving Vehicles. technologyreview. https://www.technologyreview.com/s/614409/how-hackers-can-take-control-of-autonomous-vehicles/
• SynAck. (n.d.). SynAck vulnerability identification tool. Retrieved June 17, 2025, from https://synack.com
• Tawalbeh, L. A., Muheidat, F., Tawalbeh, M., & Quwaider, M. (2020). IoT Privacy and security: Challenges and solutions. Applied Sciences, 10(12), 4102.
• Turkish government. (2021). AI for Turkey. Retrieved from https://www.ai4turkey.com/
• Urrutia Arrue, I. (2024). Can Turkey's cybersecurity governance be linked to a specific cyber governance model? An analysis of its 2020–2023 National Cyber Strategy. Charles University.
• Valencia, L. J. (2024). Artificial intelligence as the new hacker: Developing agents for offensive security. arXiv preprint arXiv:2406.07561. Retrieved from https://arxiv.org
• Vidgor, D. (2020). How Artificial Intelligence Will Impact The Future Of Cybersecurity. Forbes. https://www.forbes.com/councils/forbesbusinesscouncil/2023/05/18/how-could-artificial-intelligence-impact-cybersecurity/
• Xu, A. Y. (2020, August 5). OpenAI’s GPT-3 language model is being used to generate fake news. The Medium. https://towardsdatascience.com/creating-fake-news-with-openais-language-models-368e01a698a3
• Yücel, A. (2025). Hybrid digital authoritarianism in Turkey: the 'Censorship Law' and AI-generated disinformation strategy. Turkish Studies, 26(1), 1–20.
• Zetter, K. (2014). An Unprecedented Look at Stuxnet, the World's First Digital Weapon. Wired. Retrieved from https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/