Are We In a Cyber War?

You saw Hailey’s blog on Flame Malware (see more at C|NET, “Flame malware network based on shadowy domains, fake names”). Combine that with my blog on Advanced Persistent Threats, then read recent press in major papers, such as the recent article in the Wall Street Journal titled “U.S. Team and Israel Developed Iran Worm” regarding the Stuxnet malware and the recent Washington Post article titled “With Plan X, Pentagon seeks to spread U.S. military might to cyberspace”, and you really might begin to wonder if we have just seen the first strikes in what may be a prolonged “Cyber War”.

What does all this mean to the SMB?

We all know about the “Cold War” and the recent “War on Terrorism”, but what about “Cyber War”? Is it real and should it matter to the SMB? I think that the debate is still on as to whether the “Cyber War” has started, and it may well be true that we are just seeing the tip of the iceberg, but regardless of whether the “Cyber War” has started or not, certainly the tools for conducting the war have been developed. We also know that these tools become the focus not only of “White Hat” researchers (i.e., the good guys) but also of organized crime and “Black Hat” hackers, who want to find out how they work so that they too can use them. It did not take very long once the Stuxnet malware was discovered for the first few researchers to duplicate it and see just how sophisticated it was as malware goes. It will not take long for the same duplication to occur for Flame.

I have said to many audiences that people like myself, the other bloggers on this site, and knowledgeable people who work in the security space are paranoid and getting more paranoid. It is hard not to be. The more you learn about the vulnerabilities that exist and the ways these vulnerabilities are being exploited, the more you tend to see everything through paranoid eyes. One of Intel’s most famous leaders, Andy Grove, had a quote: “Success breeds complacency. Complacency breeds failure. Only the paranoid survive.” I think this is especially applicable to cyber security. If we succeed at preventing attacks, the results tend to be invisible because nothing happens, and this can lead to complacency. However, I am very cautious when I speak and when I write because I also do not want to sound like Chicken Little saying the sky is falling, and I want to take action about what I see.

The SMB audience, I think, is especially at risk. In my last blog, I spoke about the security triad (CIA: Confidentiality, Integrity, Availability) and the constraints of Scope, Time and Cost. Even though the SMB is limited by these constraints on what they can do, they must take the time to consider the consequences of being complacent and not taking any action. The cost of inaction can be very high and can lead to failure on many fronts.

I ran my own business for eleven (11) years and I know what it means to invest everything you have in your business idea. I suggest that SMBs in particular find ways through good security practices to protect those investments, because no matter how good your idea and business may be, it is exactly their success that will draw attention of a nefarious and criminal nature to you.