Mojo
  • Home
  • Services
  • IT for Business
    • Network Check Up
  • Computer Repair
  • NH Computer Support
    • Londonderry/Derry Network Support
    • Bedford NH IT Services
    • Salem NH IT Services
  • Blog
  • Computer Support MA
  • Security Cameras
  • About US
    • Testimonials

Tips, tricks,
updates and more

Island Hopping: Not Always a Good Thing

7/8/2019

2 Comments

 

Picture
 The phrase “island hopping” conjures up positive images. You might think of cruising beautiful sandy beaches on a tour of tropical islands. Too bad cybercriminals have given the term a new, less pleasant spin.
Island hopping is an increasingly popular method of attacking businesses. In this approach, the cybercriminal targets a business indirectly. The bad actors first go after the target’s smaller strategic partners. So, vendors or affiliates, who might not have the same level of cybersecurity, become stepping stones to hop.
Attackers might hack into smaller businesses handling the target’s HR, payroll, accounting, healthcare, or marketing. Then, they take advantage of the pre-existing relationship to access the final destination.
Humans are trusting. Cybercriminals exploit that. With island hopping, attackers leverage the trust established between strategic partners.
It’s quite simple: attackers gain access to Company A and send a counterfeit business communication to Company B. Company B, knowing the sender, is less likely to question a download link or opening an attachment.
After all, it’s not coming from a stranger; it’s a message from perfectly pleasant Jenny at Company A. You may have in the past already shared logins to various sites/portals, or passwords to unlock zip files.


The Rise of Island Hopping 
This is not a brand-new form of attack. In fact, it’s named after a military strategy which the United States used in World War II to establish a stronghold in the Pacific Islands.
Perhaps the best-known island-hopping cyberattack was seen in the United States in 2013. Retail giant Target was the aptly named target of a point-of-sale system breach. Hackers stole payment information from 40 million customers. The first “island” in the planned attack was Fazio Mechanical Services. The heating and refrigeration firm suffered a malware attack shortly before Target’s breach. Fazio’s hackers stole email credentials needed to access the retailer’s networks.
As enterprises continue to strengthen their cybersecurity, it’s predicted that island hopping will gain momentum. According to Accenture’s Technology Vision 2019 report, less than a third of businesses globally know how strategic partners secure their networks. A majority (56%) rely on trust that business partners would uphold security standards.
Preventing Island Hopping 
You may be one of the islands to hop or the attackers’ final destination. It depends on your business size and industry. Either way, your business is vulnerable to malware attack, infected systems, or a data breach. Plus, if you’re the stepping stone, you're likely to lose the target company’s business, too.
How do you prevent island hopping? First, secure your own networks and systems:
·  Follow best practices to detect and identify vulnerabilities and reduce risk.
·  Educate your employees about the dangers of business communication scams.
·  Raise awareness of phishing schemes and social engineering.
·  Require two-factor user authentication.
·  Change all default, generic, or predictable passwords.
·  Keep security up to date (patching and system upgrades are mandatory).
·  Control who can access your networks and servers.
·  Protect all endpoints (including employee devices in a Bring Your Own Device workplace).
When it comes to cyber island hopping, your business doesn’t want to be a layover or the final destination. Keep your cybersecurity borders tight to avoid unwanted visitors.
Want to make your business inhospitable to island hoppers? Work with a managed service provider. They can help assess cybersecurity, provide a plan to reduce risk, and upgrade technology. Let us support your efforts to fend off unwanted tourists.

​
Give us a call at 603-965-3420.
2 Comments
Myazimia link
2/21/2023 10:25:36 pm

Thanks for sharing. I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one. Visit <a href="https://myazimia.com">Myazimia</a> to get updated.

Reply
Marak Tyler link
2/21/2023 10:32:57 pm

Nice article! Thanks for sharing informative post Keep posting

Reply



Leave a Reply.

    Wicked Mojo IT

    Small business IT support and computer repair.
    We are always available to help with your business computer needs.

    Archives

    November 2020
    July 2019
    June 2019
    May 2019
    March 2019
    July 2017
    June 2017
    May 2017

    Categories

    All

Services

  • Networks
  • Servers
  • Computer Repair
  • Security Cameras
  • Networking
  • Wireless Networks
  • Data Cabling
  • Software support




34 Crystal Ave
Derry NH, 03038
603-965-3420
info@wickedmojoit.com
© COPYRIGHT 2017 Wicked Mojo IT.
ALL RIGHTS RESERVED.
You can find our
Privacy Policy Here

15 Constitution Drive, Suite 1A
Bedford, NH, 03038
  • Home
  • Services
  • IT for Business
    • Network Check Up
  • Computer Repair
  • NH Computer Support
    • Londonderry/Derry Network Support
    • Bedford NH IT Services
    • Salem NH IT Services
  • Blog
  • Computer Support MA
  • Security Cameras
  • About US
    • Testimonials