AC
Anasayfa Makaleler Criminal law

TCK 244 System Disruption: DDoS, Ransomware, Data Deletion

TL;DR

TCK m.244 sistem bozma; DDoS, ransomware, veri silme yaygın suçlar. Ceza 1-5 yıl, ekonomik kayıp ağırlaştırıcı.

16 Şubat 2026 Criminal law 3 dk okuma 8 görüntülenme Son güncelleme: 9 Mayıs 2026

TCK m.244 system disruption — DDoS, ransomware, data deletion common. The penalty may be 1-5 years + aggravating economic loss + IT fraud (158/1-f) as a subsidiary crime.

Elements of the crime

  • Preventing or disrupting the operation of the information system.
  • Lack of authority.
  • Intentional.

Penalties

  • Basic: 1-5 years imprisonment.
  • Bank/credit/insurance system: 3-8 years (244/2).
  • Public system: 3-8 years.
  • Data deletion: TCK 244/3 — additional 6 months - 3 years.
  • Aggravating economic loss.

DDoS file defense

  • Hard to detect IP source (botnet); Direct identification of the perpetrator is difficult.
  • The element of intent, not "personal use" but "offensive purpose", is critical.
  • Using a stresser service is a crime (helping).
  • Defense: Attack occurred via VPN/proxy, lack of expert report.

Ransomware

  • TCK 244 + 245 (bank card) + IT fraud 158/1-f.
  • Paying ransom is a subsidiary crime of TCK 245 (coercion).
  • The operational team is international; MLAT + Europol.
  • An expert report (forensic) is critical in detecting an attack.

Frequently asked questions

The old employee deleted the data; what to do?

Violation of TCK 244/3; termination of employment contract + criminal complaint + compensation. Recovering deleted data with computer forensics + damage detection is a must. External expert if the company does not have forensic capacity.

There was a DDoS attack, who is the perpetrator?

If a botnet was used, it is difficult to detect directly. C&C server + service request (stresser) + prosecution + Europol cooperation with crypto payment chain tracking. Duration: 6-18 months.

We paid Ransomware; Can it be recovered?

FBI / Europol / TR-CERT complaint + payment address tracking with on-chain forensics. Sometimes a "decryption key" can be collected; 30% success rate. It is possible to collect some of the financial loss from insurance.

The employee inside deliberately corrupted the system; Besides labor law?

Justified termination + criminal complaint + financial compensation according to Article 25/II of the Labor Law. The resulting loss must be documented (lost turnover, technical repair, customer compensation).

Cloud provider experienced system disruption; What is the responsibility?

SLA + uptime guarantee + compensation terms are contractual. With major providers like AWS, standard compensation is in the form of service credits — limited. Professional customers obtain additional SLA + insurance.

Relevant legislation

  • TCK art.243-245 — Basic articles of cyber crimes.
  • TCK art.158/1-f — Qualified fraud (information tool).
  • CMK article 134 — Search for digital evidence.
  • 5651 SK — Access blocking and content removal.
  • Budapest Cybercrime Convention — Türkiye is a party; international cooperation.
Legal notice: This article is for general information purposes; A meeting with a lawyer is required for a concrete case. Durations, rates and practice are shaped by jurisprudence; Check the current legislation before applying.

Kaynaklar ve referanslar

Kaynaklar

TCK 244 Sistem İşleyişini Bozma: DDoS, Ransomware, Veri Silme içeriği hazırlanırken resmi mevzuat ve yüksek yargı kaynakları esas alınmıştır.

Telif bildirimi This content and all related Q&A texts are protected under Turkish Copyright Law No. 5846. Unauthorized copying, reproduction, publication, adaptation, bulk extraction, or commercial use is prohibited; legal and criminal remedies are reserved in case of infringement.

Hukuki destek arıyorsanız

Bu konuda profesyonel hukuki destek için Aycan Ceylan Avukatlık Bürosu olarak yanınızdayız.

Görüşme Planla