{"id":196999,"date":"2021-03-08T18:00:38","date_gmt":"2021-03-08T15:00:38","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them\/"},"modified":"2021-03-08T18:00:38","modified_gmt":"2021-03-08T15:00:38","slug":"the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them\/","title":{"rendered":"#The SolarWinds hack proves US cyber defenses are a mess \u2014 here\u2019s how to fix them"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3c6ddb5f3bc\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3c6ddb5f3bc\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them\/#Supply_chains_sloppy_security_and_a_talent_shortage\" >Supply chains, sloppy security, and a talent shortage<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them\/#Fragmented_authority\" >Fragmented authority<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them\/#A_wicked_problem\" >A wicked problem<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/the-solarwinds-hack-proves-us-cyber-defenses-are-a-mess-heres-how-to-fix-them\/#Steps_forward\" >Steps forward<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong>#The SolarWinds hack proves US cyber defenses are a mess \u2014 here\u2019s how to fix them<\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/cdn0.tnwcdn.com\/wp-content\/blogs.dir\/1\/files\/2021\/03\/1-copy-11-796x417.jpg\" \/><\/p>\n<div>\n                            The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.cnn.com\/2020\/12\/14\/politics\/us-agencies-hack-solar-wind-russia\/index.html\">SolarWinds hack<\/a> was more than just one of the most devastating cyberattacks in history. It was a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\/the-sunburst-hack-was-massive-and-devastating-5-observations-from-a-cybersecurity-expert-152444\">major breach of national security<\/a> that revealed gaps in U.S. cyber defenses.<\/p>\n<p>These gaps include inadequate security by a major software producer, fragmented authority for government support to the private sector, and a national shortfall in software and cybersecurity skills. None of these gaps is easily bridged, but the scope and impact of the SolarWinds attack show how critical they are to U.S. national security.<\/p>\n<p>The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/us-cert.cisa.gov\/ncas\/alerts\/aa20-352a\">SolarWinds breach<\/a>, likely carried out by a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.reuters.com\/article\/us-global-cyber-solarwinds\/solarwinds-hackers-linked-to-known-russian-spying-tools-investigators-say-idUSKBN29G0XT?mc_cid=4c17adaecd&amp;mc_eid=464227173b\">group affiliated with Russia\u2019s FSB security service<\/a>, compromised the software development supply chain used by SolarWinds to update 18,000 users of its Orion network management product. The hack, which allegedly began in early 2020, was discovered only in December when cybersecurity company <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.fireeye.com\/\">FireEye revealed<\/a> that it had been hit by the malware. More worrisome, this may have been <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.wsj.com\/articles\/suspected-russian-hack-extends-far-beyond-solarwinds-software-investigators-say-11611921601\">part of a broader attack<\/a> on government and commercial targets in the U.S.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Supply_chains_sloppy_security_and_a_talent_shortage\"><\/span>Supply chains, sloppy security, and a talent shortage<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The vulnerability of the software supply chain \u2013 the collections of software components and software development services companies use to build software products \u2013 is a well-known problem in the security field. In response to a 2017 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.whitehouse.gov\/presidential-actions\/presidential-executive-order-assessing-strengthening-manufacturing-defense-industrial-base-supply-chain-resiliency-united-states\/\">executive order<\/a>, a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/media.defense.gov\/2018\/Oct\/05\/2002048904\/-1\/-1\/1\/ASSESSING-AND-STRENGTHENING-THE-MANUFACTURING-AND-DEFENSE-INDUSTRIAL-BASE-AND-SUPPLY-CHAIN-RESILIENCY.PDF\">report by a Department of Defense-led interagency task force<\/a> identified \u201ca surprising level of foreign dependence,\u201d workforce challenges, and critical capabilities such as printed circuit board manufacturing that companies are moving offshore in pursuit of competitive pricing. All these factors came into play in the SolarWinds attack.<\/p>\n<figure><iframe loading=\"lazy\" title=\"What is a Supply Chain Attack?\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/ljT4AcCza9Q?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><figcaption\/><\/figure>\n<p>SolarWinds, driven by its growth strategy and plans to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.channelfutures.com\/business-models\/solarwinds-msp-business-spinoff-expected-by-mid-2021\">spin off its managed service provider business<\/a> in 2021, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2020-12-21\/solarwinds-adviser-warned-of-lax-security-years-before-hack\">bears much of the responsibility<\/a> for the damage, according to cybersecurity experts. I believe that the company put itself at risk by <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.nytimes.com\/2021\/01\/02\/us\/politics\/russian-hacking-government.html?searchResultPosition=1\">outsourcing its software development to Eastern Europe<\/a>, including a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.nytimes.com\/2021\/01\/06\/us\/politics\/russia-cyber-hack.html\">company in Belarus<\/a>. Russian operatives have been known to use companies in former Soviet satellite countries to insert malware into software supply chains. Russia used this technique in the 2017 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.wired.com\/story\/notpetya-cyberattack-ukraine-russia-code-crashed-the-world\/\">NotPetya attack<\/a> that cost global companies more than US$10 billion.<\/p>\n<p>SolarWinds also <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.businessinsider.com\/solarwinds-warned-weak-123-password-could-expose-firm-report-2020-12\">failed to practice basic cybersecurity hygiene<\/a>, according to a cybersecurity researcher.<br \/>Vinoth Kumar reported that the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.businessinsider.com\/solarwinds-warned-weak-123-password-could-expose-firm-report-2020-12\">password<\/a> for the software company\u2019s development server was allegedly \u201csolarwinds123,\u201d an egregious violation of fundamental standards of cybersecurity. SolarWinds\u2019 sloppy password management is ironic in light of the Password Management Solution of the Year <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.solarwindsmsp.com\/about-us\/press\/press-releases\/solarwinds-wins-password-management-solution-year-award-2019\">award the company received<\/a> in 2019 for its Passportal product.<\/p>\n<p>In a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/orangematter.solarwinds.com\/2021\/01\/11\/new-findings-from-our-investigation-of-sunburst\/\">blog post<\/a>, the company admitted that \u201cthe attackers were able to circumvent threat detection techniques employed by both SolarWinds, other private companies, and the federal government.\u201d<\/p>\n<p>The larger question is why SolarWinds, an American company, had to turn to foreign providers for software development. A Department of Defense <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/media.defense.gov\/2018\/Oct\/05\/2002048904\/-1\/-1\/1\/ASSESSING-AND-STRENGTHENING-THE-MANUFACTURING-AND-DEFENSE-INDUSTRIAL-BASE-AND-SUPPLY-CHAIN-RESILIENCY.PDF\">report about supply chains<\/a> characterizes the lack of software engineers as a crisis, partly because the education pipeline is not providing enough software engineers to meet demand in the commercial and defense sectors.<\/p>\n<p>There\u2019s also a shortage of <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.lawfareblog.com\/cyber-strategy-and-talent\">cybersecurity talent<\/a> in the U.S. Engineers, software developers and network engineers are among the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.cyberseek.org\/heatmap.html\">most needed skills across the U.S.<\/a>, and the lack of software engineers who focus on the security of software, in particular, is acute.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Fragmented_authority\"><\/span>Fragmented authority<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Though I\u2019d argue SolarWinds has much to answer for, it should not have had to defend itself against a <span style=\"background-color: rgba(46, 146, 255, 0.18);\">state-orchestrated<\/span>\u00a0cyberattack on its own. The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/fcw.com\/articles\/2018\/09\/20\/wh-cyber-policy.aspx\">2018 National Cyber Strategy<\/a> describes how supply chain security should work. The government determines the security of federal contractors like SolarWinds by reviewing their risk management strategies, ensuring that they are informed of threats and vulnerabilities, and responding to incidents on their systems.<\/p>\n<p>However, this official strategy split these responsibilities between the DOD for defense and intelligence systems and the Department of Homeland Security for civil agencies, continuing a fragmented <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>roach to information security that <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.gao.gov\/products\/T-IMTEC-87-2\">began in the Reagan era<\/a>. Execution of the strategy relies on the DOD\u2019s <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.cybercom.mil\/\">U.S. Cyber Command<\/a> and DHS\u2019s <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.cisa.gov\/\">Cyber and Infrastructure Security Agency<\/a>. DOD\u2019s <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/media.defense.gov\/2018\/Sep\/18\/2002041658\/-1\/-1\/1\/CYBER_STRATEGY_SUMMARY_FINAL.PDF\">strategy<\/a> is to \u201cdefend forward\u201d: that is, to disrupt malicious cyber activity at its source, which proved effective in the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.washingtonpost.com\/world\/national-security\/us-cyber-command-operation-disrupted-internet-access-of-russian-troll-factory-on-day-of-2018-midterms\/2019\/02\/26\/1827fc9e-36d6-11e9-af5b-b51b7ff322e9_story.html\">runup to the 2018 midterm elections<\/a>. The Cyber and Infrastructure Security Agency, established in 2018, is responsible for providing information about threats to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.cisa.gov\/critical-infrastructure-sectors\">critical infrastructure sectors<\/a>.<\/p>\n<p>Neither agency appears to have sounded a warning or attempted to mitigate the attack on SolarWinds. The government\u2019s response came only after the attack. The Cyber and Infrastructure Security Agency issued <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/01\/06\/cisa-updates-emergency-directive-21-01-supplemental-guidance-and\">alerts and guidance<\/a>, and a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/obamawhitehouse.archives.gov\/the-press-office\/2016\/07\/26\/presidential-policy-directive-united-states-cyber-incident\">Cyber Unified Coordination Group<\/a> was formed to facilitate coordination among federal agencies.<\/p>\n<p>These tactical actions, while useful, were only a partial solution to the larger, strategic problem. The fragmentation of the authorities for national cyber defense evident in the SolarWinds hack is a strategic weakness that complicates cybersecurity for the government and private sector and invites more attacks on the software supply chain.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"A_wicked_problem\"><\/span>A wicked problem<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>National cyber defense is an example of a \u201c<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.stonybrook.edu\/commcms\/wicked-problem\/about\/What-is-a-wicked-problem\">wicked problem<\/a>,\u201d a policy problem that has no clear solution or measure of success. The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\/government-cybersecurity-commission-calls-for-international-cooperation-resilience-and-retaliation-133610\">Cyberspace Solarium Commission<\/a> identified many inadequacies of U.S. national cyber defenses. In its 2020 report, the commission noted that \u201cThere is still not a clear unity of effort or theory of victory driving the federal government\u2019s approach to protecting and securing cyberspace.\u201d<\/p>\n<p>Many of the factors that make developing a centralized national cyber defense challenging lie outside of the government\u2019s direct control. For example, economic forces push <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> companies to get their products to market quickly, which can lead them to take shortcuts that undermine security. Legislation along the lines of the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.congress.gov\/106\/plaws\/publ102\/PLAW-106publ102.pdf\">Gramm-Leach-Bliley Act<\/a> passed in 1999 could help deal with the need for speed in software development. The law placed security requirements on financial institutions. But software development companies are likely to push back against additional regulation and oversight.<\/p>\n<p>The Biden administration appears to be taking the challenge seriously. The president has appointed a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.politico.com\/news\/2021\/01\/06\/biden-white-house-cybersecurity-neuberger-455508\">national cybersecurity director<\/a> to coordinate related government efforts. It remains to be seen whether and how the administration will address the problem of fragmented authorities and clarify how the government will protect companies that supply critical digital infrastructure. It\u2019s unreasonable to expect any U.S. company to be able to fend for itself against a foreign nation\u2019s cyberattack.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Steps_forward\"><\/span>Steps forward<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In the meantime, software developers can apply the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.nccoe.nist.gov\/sites\/default\/files\/NIST-SSDF-Webinar.pdf\">secure software development approach<\/a> advocated by the National Institute of Standards and Technology. Government and industry can prioritize the development of artificial intelligence that can identify malware in existing systems. All this takes time, however, and hackers move quickly.<\/p>\n<p>Finally, companies need to aggressively assess their vulnerabilities, particularly by engaging in more <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/resources.infosecinstitute.com\/topic\/red-teaming-overview-assessment-methodology\/\">\u201cred teaming<\/a>\u201d activities: that is, having employees, contractors or both play the role of hackers and attack the company.<\/p>\n<p>Recognizing that hackers in the service of foreign adversaries are dedicated, thorough and bar no holds is important for anticipating their next moves and reinforcing and improving U.S. national cyber defenses. Otherwise, SolarWinds is unlikely to be the last victim of a major attack on the U.S. software supply chain.<!-- End of code. If you don't see any code above, please get new code from the Advanced tab after you click the republish button. The page counter does not collect any personal data. More info: https:\/\/theconversation.com\/republishing-guidelines --><\/p>\n<p><em>This article by\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\/profiles\/terry-thompson-660173\">Terry Thompson<\/a>, Adjunct Instructor in Cybersecurity, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\/institutions\/johns-hopkins-university-1256\">Johns Hopkins University<\/a> is republished from <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\">The Conversation<\/a> under a Creative Commons license. Read the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\/the-solarwinds-hack-was-all-but-inevitable-why-national-cyber-defense-is-a-wicked-problem-and-what-can-be-done-about-it-153084\">original article<\/a>.<\/em><\/p>\n<p class=\"post-article-read-next\">\n    <b>Read next:<\/b><\/p>\n<p>        California\u2019s Petaluma becomes first US city to ban new gas stations    <\/p><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/thenextweb.com\/security\/2021\/03\/08\/solarwinds-hack-proves-weak-cybersecurity-how-to-fix-syndication\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#The SolarWinds hack proves US cyber defenses are a mess \u2014 here\u2019s how to fix them&#8221; The SolarWinds hack was more than just one of the most devastating cyberattacks in history. It was a major breach of national security that revealed gaps in U.S. cyber defenses. These gaps include inadequate security by a major software&#8230;<\/p>\n","protected":false},"author":1,"featured_media":197000,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/img-cdn.tnwcdn.com\/image\/tnw?filter_last=1&fit=1280,640&url=https:\/\/cdn0.tnwcdn.com\/wp-content\/blogs.dir\/1\/files\/2021\/03\/1-copy-11.jpg&signature=0798d69cae59d39e05b4e3f6fd792ea7","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[75568,75136,87616,70759],"class_list":["post-196999","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-supply-chain","tag-cyber-attack","tag-law-enforcement-agency","tag-tech"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/196999","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=196999"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/196999\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/197000"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=196999"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=196999"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=196999"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}