Frequently Asked Questions
Who is Black Chamber Intelligence?
Is Black Chamber just another Cyber Security Company?
No, but Black Chamber will from time to time engage the top cyber security companies for facets of policy and plan execution where necessary.
The best explanation is that Black Chamber is the lead organization providing sovereign nations and large corporate entities with the architecture, planning, and execution of cyber warfare, cyber security, intelligence, counterintelligence, UAV programmes, and, foundationally, policy institution.
What do you mean by "Policy Institution"?
Black Chamber primarily provides sovereign nations and large organizations with a "Head on the Shoulders" approach to rendering our services: we start from a solid foundation in policy-making by defining scope and regulation, then approach the broad-spectrum needs with overall executable strategies.
Once defined, we then augment our Best-in-Class Leadership with similar contract providers to execute the best solutions for our clients. With our cadre of Proven Legislators, Top Executive Leadership, Academic Experts, and Legal Counsel, Black Chamber recommends new or revised public policy inherent to our skillsets focused on the defined strategies, followed through with policy implementation guidance and enforcement metric analysis.
Black Chamber will recommend or team with third party vendors that achieve the policy implementation goals.
What is the difference between Cyber Security and Cyber Warfare?
Cyber Security is the activity of fortifying against and responding to cyber threats and attacks to digital infrastructure defensively.
Cyber warfare, typically reserved for sovereign nations, is the activity of proactively pursuing bad actors that instigate cyber threats and attacks and reducing or eliminating their capabilities offensively.
Cyber Security is the wall, Cyber Warfare is the hammer, and every bad actor is a nail.
Does Black Chamber work with other Cyber Security and Intelligence Providers?
What kind of Intelligence Services do you offer?
What is HUMINT?
What is SIGINT?
What is a UAV and how does it fit?
What is a Cyber Threat, Cyber Attack, Cyber Incident, Cyber Vector, Cyber Surface and Cyber Risk?
- A Cyber Threat is the potential for a cyber attack.
- A Cyber Attack is an offensive digital operation performed by evil-intentioned actor(s) that results in access to restricted areas without authorization with malicious intent.
- A Cyber Incident is a cyber attack that does not result in a failure to protect the system.
- A Cyber Vector is the means used by an attacker to gain access to the computer system infrastructure.
- A Cyber Surface is the accumulation of all possible cyber vectors, both digital and physical, so reducing the vector surface enhances cyber security. Black Chamber calls our strategy for reducing the Cyber Surface "Black Ice", wherein the vectors used by bad actors cannot gain traction. A strategy of this magnitude requires careful planning and analysis and is an ever-changing, ever-growing effort. Nimble adaptability is the hallmark of Black Ice. The goal is to act in anticipation rather than react to vectors in progress.
- A Cyber Risk is the probability and resulting loss from a successful cyber attack.
What are common Cyber Vectors?
Common cyber vectors include: DoS and DDoS Attacks, Virus infections, Malware, Ransomware, Trojan Horse, Phishing Campaigns, MITM Attacks, SQL Injection Attack, Password Attack, Drive-By Attacks, XSS Attacks, URL Interpretation, DNS Spoofing, Birthday Attack, Zero-Day Attacks, and many others.
- A denial-of-service (DoS) attack is designed to overwhelm the resources of a system to the point where it is unable to reply to legitimate service requests. A distributed denial-of-service (DDoS) attack is similar in that it also seeks to drain the resources of a system. A DDoS attack is initiated by a vast array of malware-infected host machines controlled by the attacker.
- Malware is a general term for malicious software, which infects a computer and changes how it functions, destroys data, or spies on the user or network traffic. Some of the many forms of malware are: ransomware, Trojan horses, phishing, MITM attacks, SQL injection, Drive-by attacks, and XSS attacks.
- Ransomware causes the victim’s system to be held hostage until they agree to pay a ransom to the attacker.
- Trojan Horse is software that is hidden inside a program that appears to be legitimate.
- Phishing attacks take place when a user receives an email (bait) from what appears to be a trusted and legitimate source. Also known as Whale-phishing and Spear-phishing.
- A Man-in-the-middle (MITM) attack refers to an attacker who is able to eavesdrop (spy) on the data sent back and forth between two people, networks, or computers.
- Structured Query Language (SQL) injection takes advantage of websites that depend on databases to serve their users to infect the databases.
- A Drive-by attack occurs when a hacker has embedded problematic code into an insecure website.
- With XSS, or cross-site scripting, the attacker transmits malicious scripts using clickable content, often seen as a pop-up question or authorization, which is sent to the target’s browser and executed when clicked.
- With URL interpretation, attackers alter and fabricate certain URL addresses by analyzing the format of the structure and use them to gain access to the target’s personal and professional data.
- A zero-day attack occurs when hackers find and exploit a software or network vulnerability that developers don't know about yet and that has not yet been patched.
What is ZTNA?
ZTNA is an acronym for Zero Trust Network Access. The main concept is "never trust, always verify." It reduces Cyber Surface by only allowing outbound connections, so it is invisible to unauthorized users. Also known as an SDP.
SDP, an acronym for Software-Defined Perimeter, is a security strategy that disseminates permission to enter an internal digital space based on a user’s identity, but does not grant access to the network.
What is the Cybersecurity Capability Maturity Model (C2M2)?
The C2M2, developed by the US Dept. of Energy (DOE), focuses on the implementation and management of cybersecurity practices associated with the information technology (IT) and operations technology (OT) assets and the environments in which they operate. The model defines four maturity indicator levels, MIL0 through MIL3, which apply independently to each domain in the model.
- MIL0 – Contains no practices for MIL0.
- MIL1 – The organization has a cybersecurity program strategy.
- MIL2 – The cybersecurity program strategy defines objectives, has priorities that are documented and aligned, defines oversight and governance, defines structure, and is approved by senior management.
- MIL3 – The cybersecurity program strategy is updated to reflect business changes, changes in the operating environment, and changes in the threat profile.