50% of cyber attacks now use island hopping

Financial, retail and manufacturing businesses are in the firing line of this increasingly popular cyber attack method

City office buildings image with overlay of security padlocks and network showing a data breach

Island hoppingis an increasingly popular cyber attack technique where cyber criminals infiltrate smaller companies, such as HR, marketing or healthcare firms, in order to access a larger target organisation.

It's a method that has seen a steep rise in usage over the past few years, with 50% of today's attacks using island hopping, according to Carbon Black's Quarterly Incident Threat Report.

The report revealed that the industries most affected by island hopping are financial (42%), manufacturing (32%) and retail (32%), although those numbers may well be higher as it is sometimes difficult to work out the journey of an attempted cyber attack.

"At this point, [island hopping] has become part and parcel of a cybercrime conspiracy," said Tom Kellerman, Carbon Black's chief cybersecurity officer. "They're using their victim's brand against customers and partners of that company.

"They're not just, say, invading your house - they're setting up shop there, so they can invade your neighbours' houses too."

At present, there are three main forms that island hopping takes, although new forms may manifest themselves in the future:

Network-based island hopping is the most well-known variant, where an attacker leverages a victim's network to hop' onto an affiliate network. Recent hacks of managed service providers (MSPs) are an example of this, where cyber criminals have been exploiting weak account credentials to access systems installed by MSPs to launch ransomware attacks.

Websites converted into watering holes' are a growing island hopping method seen by 17% of respondents. Hackers insert malware into a smaller target website often used by a large organisation, which then infects individuals coming to use that site. Attackers are then able to use that information to get access to the target organisation.

Reverse business email compromise (BEC) is a new trend, which has been seen in the financial sector. Hackers take over the email server of the victim company, and uses email to send malware attacks to a target company from the trusted recipient.

Organisations are vulnerable to island hopping because it only takes one weak link in the chain of companies they depend on to open up systems to an attack.

There are challenges when it comes to responding to an attack as well; 44% of those surveyed said that a lack of visibility prevented them from being able to respond effectively.

In the meantime, ensuring the security policies and procedures of both your own organisation and any partners you work with are up-to-date is a good place to start with ensuring you don't fall victim to island hopping.

Similarly, ensuring you have a solid backup and disaster recovery plan in place will help your business recover quickly, should the worst happen.

Island hopping webinar

If you want to find out more about island hopping, including how security teams can guard against its use in attacks, watch IT Pro's counter-incident response webinarnow. Presented in association with Carbon Black, the webinar also covers how hackers have begun using counter-incident response tactics to maintain their hold on target networks once they're discovered by security teams.

Adam Shepherd, our moderator, speaks to industry experts, including some of Carbon Black's top strategists, to find out what this means for your security model, and how you can learn from attackers' patterns to make your business safer.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

Improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now


Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

Google Cloud to open new office in Pune, India

Google Cloud to open new office in Pune, India

24 Jan 2022
Dell XPS 15 (2021) review: The best just got better

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022