Island Hopping Technique in Cyber Attacks

While ‘island hopping’ might come across as a fun and tropical activity to try during your next holiday, this term carries a far more negative connotation in the realm of cyber-attacks.

Indeed, island hopping refers to a data breach technique that occurs when cyber-criminals infiltrate smaller organisations – such as human resources, marketing or health care companies – in attempts to access a larger target organisation. By first invading the larger organisation’s partner companies, cyber-criminals typically have an easier time hacking their final target.

And recent research from software experts revealed that this attack method has risen dramatically over the last couple of years. In fact, a startling 50 per cent of today’s cyber-attacks utilise the island hopping technique. Don’t let your organisation become the next victim of this growing cyber-trend. Use this guidance to review the most common forms of island hopping and implement best practices to reduce your risk of a cyber-attack.

There are three different types of island hopping:

1. Network-based – Known as the most common type of island hopping, the network-based method entails a hacker invading a victim’s organisational network and eventually ‘hopping’ onto a partner’s network.

2. Website ‘watering homes’ – This technique involves cyber-criminals inserting a form of malware on a smaller company’s website that is frequently used by a larger target organisation. From there, the malware infects any individuals that use the website. The hackers can then use the infected individual’s account information to access and attack the target organisation.

3. Business email compromise (BEC) – A popular method in the financial sector, this form of island hopping occurs when hackers infiltrate the email server of a partner company and send malware attacks to the target organisation via the email account of a trusted affiliate.

Use these tips to avoid an island-hopping attack:
  • Be sure that your organisation – and any affiliate companies – have robust cyber-security policies and procedures in place, such as routine staff training and regularly updating software with malware protection.
  • Establish a cyber incident response plan to reduce potential damages from a cyber-attack. Test this plan with staff for effectiveness.
  • Secure proper cyber insurance to ensure ultimate peace of mind against evolving cyber threats. For more information, contact TH March today.

Read our other posts

Ransomware Attacks

Ransomware Attacks

While cyber-incidents of any form are a rising concern for organisations in the UK, recent research revealed that a specific type of attack is escalating at an alarming rate: ransomware. This malicious software typically invades a victim’s device through disguised downloads or email attachments, disables the device’s anti-malware software and lays dormant until activated by […]

Does Your Security Alarm Meet Requirements For Insurance?

Does Your Security Alarm Meet Requirements For Insurance?

Combating crime seems to be a never ending battle and a good business will be constantly reviewing its security arrangements. This will often include changes to alarm systems however changes recommended by alarm companies may not be acceptable to Insurers and there have been a couple of instances where Insurance Companies have not accepted the […]

The Dangers of End of Life Software

The Dangers of End of Life Software

Microsoft, a top software provider for both individuals and businesses, recently announced plans to discontinue support to several of their major products as part of an effort to invest in newer technologies and services. This change – which will take part on 14th January 2020 – will affect the following products: Windows Server 20018 and 2008 […]

5 First Aid Tips for Common Injuries

5 First Aid Tips for Common Injuries

Although workplace injuries are extremely common, recent research found that just 45 per cent of employees receive first aid training. Review these tips for five common injuries to ensure that you’re able to provide first aid in the event of an emergency: Unresponsive or lack of breathing Check for breathing by tilting the head back, […]

Professional Indemnity in Construction

Professional Indemnity in Construction

It’s Getting Harder to Secure PI Cover in the Construction Sector: What You Can Do In the midst of various large-scale catastrophes over the past few years in the UK construction industry – including the Grenfell tragedy, Carillion’s financial collapse and a range of damaging natural disasters at the hands of climate change – a […]