If you are looking for the best computer security in Ashford Kent, Canterbury, Maidstone and the surrounding communities of Kennington, Willesborough, Kingsnorth, Brabourne, Sellindge, Charing, Pluckley, Ham Street, Aldington, Mersham, Wye, Hothfield, Goddington, Little Chart, Brook, Egerton, Challock, Shadoxhurst and Hythe consider Flag Computer Repair, your best choice. Affordable Computer Repair Service. Local, mobile service. Industry certified. Free Collection.
Island Hopping: Not Always a Good Thing
The phrase “island hopping” conjures up positive images. You might think of cruising beautiful sandy beaches on a tour of tropical islands. Too bad cybercriminals have given the term a new, less pleasant spin.
Island hopping is an increasingly popular method of attacking businesses. In this approach, the cybercriminal targets a business indirectly. The bad actors first go after the target’s smaller strategic partners. So, vendors or affiliates, who might not have the same level of cybersecurity, become stepping stones to hop.
Attackers might hack into smaller businesses handling the target’s HR, payroll, accounting, healthcare, or marketing. Then, they take advantage of the pre-existing relationship to access the final destination.
Humans are trusting. Cybercriminals exploit that. With island hopping, attackers leverage the trust established between strategic partners.
It’s quite simple: attackers gain access to Company A and send a counterfeit business communication to Company B. Company B, knowing the sender, is less likely to question a download link or opening an attachment.
After all, it’s not coming from a stranger; it’s a message from perfectly pleasant Jenny at Company A. You may have in the past already shared logins to various sites/portals, or passwords to unlock zip files.
The Rise of Island Hopping
This is not a brand-new form of attack. In fact, it’s named after a military strategy which the United States used in World War II to establish a stronghold in the Pacific Islands.
Perhaps the best-known island-hopping cyberattack was seen in the United States in 2013. Retail giant Target was the aptly named target of a point-of-sale system breach. Hackers stole payment information from 40 million customers. The first “island” in the planned attack was Fazio Mechanical Services. The heating and refrigeration firm suffered a malware attack shortly before Target’s breach. Fazio’s hackers stole email credentials needed to access the retailer’s networks.
As enterprises continue to strengthen their cybersecurity, it’s predicted that island hopping will gain momentum. According to Accenture’s Technology Vision 2019 report, less than a third of businesses globally know how strategic partners secure their networks. A majority (56%) rely on trust that business partners would uphold security standards.
Preventing Island Hopping
You may be one of the islands to hop or the attackers’ final destination. It depends on your business size and industry. Either way, your business is vulnerable to malware attack, infected systems, or a data breach. Plus, if you’re the stepping stone, you’re likely to lose the target company’s business, too.
How do you prevent island hopping? First, secure your own networks and systems:
- Follow best practices to detect and identify vulnerabilities and reduce risk.
- Educate your employees about the dangers of business communication scams.
- Raise awareness of phishing schemes and social engineering.
- Require two-factor user authentication.
- Change all default, generic, or predictable passwords.
- Keep security up to date (patching and system upgrades are mandatory).
- Control who can access your networks and servers.
- Protect all endpoints (including employee devices in a Bring Your Own Device workplace).
When it comes to cyber island hopping, your business doesn’t want to be a layover or the final destination. Keep your cybersecurity borders tight to avoid unwanted visitors.
Want to make your business inhospitable to island hoppers? Work with a managed service provider. They can help assess cybersecurity, provide a plan to reduce risk, and upgrade technology. Let me support your efforts to fend off unwanted tourists.
Give me a call on 07976 151148
I offer unlimited Microsoft Exchange Online, SharePoint, OneDrive and Teams data backups.
Microsoft Email security (spam filtering, anti-ransomware, anti-malware and anti-phishing).
A dark-web monitoring service. Contact me for more information.
I send out FREE computer tips and tricks updates regularly, this is an example. If you subscribe via This Link, you get access to all the articles and my bonus guide “Is your business ready for GDPR”
I can help with:
Computer Repair
PC Repair
PC Tune-up
Virus Removal and Repair
Network Repair
Computer Monitoring Service
Data Recovery
Data Backup
New Device Setup
