Island hopping: one thing that probably comes to your mind on hearing this term is an exotic holiday, beaches, and lots of fun.
While the jargon definitely gives you #TravelGoals, the term is used in a different context these days, especially in the world of cybersecurity.
What is Island Hopping?
The term island hopping was made popular by the United States during World War II. Also called leapfrogging, island hopping was a military tactic used by the US in the Pacific. The process involved capturing easy-to-reach islands strategically and establishing military bases in their way to attack mainland Japan.
From these newly established military bases, soldiers would start the process again and capture other small islands. This process was repeated until they reached their final target.
Taking a cue from that strategy, cybercriminals are doing something similar these days to target big enterprises through smaller companies that work with them. Since smaller businesses have more vulnerable security systems, they use this to their advantage to target bigger organizations.
Once they have compromised the systems of smaller businesses, they use their shared network to reach their final target, thus keeping customer data, supply chain and everything that comes in between at high risk.
According to a report by Carbon Black, the victims that cybercriminals attack are primarily for island hopping. If the security systems used by their final target are advanced, the number of victims used in the entire process of island hopping is even larger.
The report further revealed that in addition to compromising a system with malware and others, the hackers also try to enter the organizations through Internet of Things (IoT) devices. Out of the participants that participated in the survey, 40% of them reported that their IoT devices were compromised.
Signs of a potential data breach
The sooner you understand the problem, the lesser the damage is. Thus, look out for the following signs to know if your network is compromised:
- If there are too many failed logins, and the successful ones are taking too long to happen, this might indicate that hackers are trying to take control of the network.
- If there are unknown large files that are unusual for your network, this might be an indication that hackers have stolen information from your network. Attackers often tend to store these files in their target’s system before exfiltration.
- If you notice any change in the DNS records, you must investigate to understand the root cause of the problem.
Island Hopping is not new
Island hopping is not a new threat, and you might already be familiar with such an attack. Target Corporation’s data breach in 2013 was nothing but a popular case of island hopping which affected more than 40 million individuals whose important personal details like email addresses, mailing addresses, names, and credit and debit card information were exposed.
The breach not only cost $250 million for Target, but also interfered with its reputation.
The entire security issue originated through an HVAC company that served as a contractor for various Target locations. The company had access to Target’s network. Cybercriminals used this fact to their advantage and injected malware into Target’s system through the vendor’s remote access.
Another similar case happened when Home Depot fell prey to Island Hopping. Attackers infused malware into the self-checkout systems of Home Depot by stealing the username and password of a third-party vendor. That way, they entered the Home Depot network and got access to the personal details of more than 100 million customers.
Island Hopping has definitely made things tough for small businesses who are now required to enter into a contractual agreement assuring the enterprise that they will follow a minimal standard for cybersecurity protection at their end.
Some enterprises have even included a clause in their contract that any third party responsible for the breach will, in turn, bear the expenses of the attack.
How to protect your organization from Island Hopping
As attacks are becoming more frequent, and larger organizations are focusing on the security of their third-party vendors, it is extremely important for small businesses to keep themselves safe.
Here are a few pointers which can come to your rescue:
- Enable two-factor authentication to prevent hackers from getting access to your company emails and other systems.
- Keep backing up your data periodically, and ideally to a computer placed at another location.
- Make sure that all the associated endpoints are safe and secure. It is necessary to ensure the safety and security of desktops and laptops, but also of other devices like phones and tablets of your employees. IoT devices like printers and network-connected lighting should not be ignored either. A VPN service could come to your rescue here. However, make sure that you read their reviews and have a look at the experiences of other organizations before subscribing. You can read our NordVPN review here.
- Avoid clicking links which come from unreliable and unknown sources. They might be a phishing attempt to steal your personal information. In an event when your employees have clicked on any such email, ask them to change their credentials immediately. Also, educate your employees on what kind of emails they generally receive. Ask them to raise a red flag in case they see any unusual and suspected email in their inbox.
- Keep your antivirus definitions up to date.
- Avoid granting vendors and customers access to your servers and networks until and unless absolutely necessary.
The Wrap Up
We hope this article highlighted just how important it is for the organizations, both small and big, to keep their security systems updated and follow proper security measures. One small mistake can expose data of millions of customers. The need of the hour is to equip your organization with proper security systems and resources strongly dedicated to maintaining the safety of your organization.
What is your take on this? Let us know in the comments below.