First things first:
If you are involved in the Information Security industry in any capacity you may have a price on your head. If you are a CISSP, Certified Ethical Hacker, or CISM, you may be more valuable to our enemies if you were dead. It is time for the truth to come out and we all need to take off our rose colored glasses. We executed a brain drain against Iran killing two (2) of their top Cybersecurity specialists. We are bracing ourselves for retaliation. We are currently engaged in a full blown covert Cyberwar and the risk to our country's Cybersecurity specialists grows each day.
Lock down your servers and watch your back, you may have a target on your back. In these hostile and volatile times, when our enemies are on American soil, in American Cyberspace, challenging us to a Cyberwar, it will do us all good to remember the SERE Code of Conduct (Survive, Evade, Resist, and Escape)
SERE training is intended, above all, to provide students with the skills needed to live up to the US military code of conduct when in uncertain or hostile environments. It is recited as follows:
#1 I am an American, fighting in the forces which guard my country and our way of life. I am prepared to give my life in their defense.
#2 I will never surrender of my own free will. If in command, I will never surrender the members of my command while they still have the means to resist.
#3 If I am captured, I will continue to resist by all means available. I will make every effort to escape and to aid others to escape. I will accept neither parole nor special favors from the enemy.
#4 If I become a prisoner of war, I will keep faith with my fellow prisoners. I will give no information nor take part in any action which might be harmful to my comrades. If I am senior I will take command. If not, I will obey the lawful orders of those appointed over me and will back them up in every way.
#5 When questioned, should I become a prisoner of war, I am required to give name, rank, service number, and date of birth. I will evade answering further questions to the utmost of my ability, I will make no oral or written statements disloyal to my country and its allies or harmful to their cause.
#6 I will never forget that I am an American, fighting for freedom, responsible for my actions, and dedicated to the principles which made my country free. I will trust in my God and in the United States of America.
Now that we have that out of the way we can continue with the indoctrination process. We are at a critical point in our nations history. We are at the point where the military and the fortune 500 companies are raising their security posture making their systems more difficult to attack. The unwanted attention of the world's malicious Hackers is turning towards our country's 27 million small businesses. This is terrible news for the small business community as they do not have the resources to protect themselves. Expecting them to protect themselves in Cyberspace is equivalent to expecting them to provide their own air defense during WWII.
These smaller organizations need help. The US military does not want to be responsible for protecting private sector networks but it turns out they really have no choice. Black & Berg Cybersecurity will send a Tiger Team (Red Cell) to attack your network before the bad guys do. This is a service that was once only available to military installations and fortune 500 companies.
The nations 27 million small businesses have been identified by the Obama administration as being part of the national critical infrastructure and they will be protected as such. Consider this a federal intervention into the private sector. Black & Berg are preparing to secure the small business community with resources from the Department of Defense, NSA, NIST, and the US Department of Commerce.
We are currently engaging our enemies in a covert Cyberwar and the small businesses of the United States are the "Front Lines". As of right now Hacking into your network is so easy a child could do it. I can open a phone book and randomly choose any company and proceed to lauch a crippling Cyberattack that forces the company to close their doors forever. We can either tap directly into your operating account and empty the bank accounts or we can encrypt your backups and delete all your files then charge you a ransom for the passphrase that decrypts your backups.
These attacks are happening thousands of times a day to small businesses across the country and you never hear about any of it. There is a small set of things that you can do to prevent yourself from becoming the easy target but you have to do it. If you sit still you are gone. If you have not been targeted by Hackers yet, be patient, I make you a 100% guarantee that you will ignore this advice and be Hacked in the year 2011.
Remaining complacent is no longer acceptable. You absolutely must invest in an information security program or you will be wiped off the map. This will be the only warning you receive. You have been put on notice. Ignore this warning and you and your company will not be around to see the year 2012. Good luck.
Welcome to the world's first global Cyberwar. It is no longer covert. We have our virtual beach head. Let the Cyber attacks against the small business community grow by 1000%!
Joe Black CISSP 318019 NSA-4011 CISM Security+
Certified Ethical Hacker
Christian In Action
A US citizen with the ability to obtain a Security Clearance
Senior Cybersecurity Advisor / CEO
Black & Berg Cybersecurity Consulting, LLC