Over the years the number of cyber-attacks has increased significantly, and to stay safe, organisations across the world are embracing some of the most sophisticated strategies and tools. However, it’s not just companies that are making the most of technological advancements; hackers have also started to come up with strategies that can be used to compromise organisations.
One such approach is “Island Hopping”, and it is not a way to spend a holiday. Also known as leapfrogging, this quirkily named cyber-attack has gained tremendous traction in recent times, and today it is one of the latest cybersecurity threats.
What Is An Island Hopping Attack?
The term island hopping originally referred to a U.S. military strategy used in World War II. The prime motive was to get to mainland Japan to end the war. But the approach was different: instead of focusing completely on the ultimate target, they concentrated limited Allied resources on strategically important islands such as Hawaii, the Marshall Islands, Guam etc. that were not well defended but were capable of supporting the drive to the main islands of Japan.
Hackers use the same concept: they don’t attack the ultimate target company directly; rather, they focus on infiltrating its affiliates. But why? When a company is secured with high-end tools and a strong white hat team, it gets tough for attackers to pwn it. So they find smaller companies with which the prime target does business, as these affiliates don’t have the security infrastructure and are not as strong as the prime target organisation. Attacking the affiliates also helps them gain more knowledge about the operations of the prime target.
This method of hacking has seen such a rise that, according to Carbon Black’s report last year, 50 per cent of the attacks launched over the past few years were island hopping attacks.
A High-Profile Victim Of Island Hopping Attack
In late 2013, the eighth-largest retailer in the United States, Target Corporation, suffered a massive data breach when its Point of Sale system was owned: the payment information of 40 million customers was stolen. The breach cost Target nearly $300 million.
The interesting thing about the entire event is that the attack didn’t start at Target or any of its servers. The attackers broke into one of Target’s affiliates, Fazio Mechanical Services, a firm that provides Target’s heating and refrigeration. As Fazio wasn’t as strong as Target in terms of cybersecurity infrastructure, the company suffered a malware attack shortly before Target’s breach, and the hackers stole email credentials that were later used to access Target’s networks.
What Should Organisations Do To Prevent Island Hopping Attacks
When it comes to preventing or mitigating cyber threats like island hopping, there are several best practices that every company should follow. Here are some of them:
Have A Word With Affiliates Regarding Cyber Security Infrastructure
When you are a company that deals with some of the most sensitive information, it is imperative to have serious talks about cyber security with the other companies that you do business with. If your affiliates have access in any way to some of your company’s data, a hack on them would cost you as well. So, make sure you help them conduct a security audit or advise them on how to go about it.
When it comes to securing data, no company can compromise on any aspect. Therefore many companies across the world have started to recommend the same cybersecurity ecosystem to those who want to do business with the main company. This means a company would do business only when the other company agrees to adopt the same cybersecurity infrastructure.
Check What Data Your Affiliates Can Access
Make sure your organisation routinely checks all the data that other small businesses or affiliates can access. Every time you see a partner company accessing any of your data, make sure that it is with prior permission. Another thing to keep in mind is whether a company should be given access to a particular form of data at all.
Even though passwords are important, they have become old school. Today, password hacks have become one of the easiest things for hackers. This is where multi-factor authentication such as 5-factor authentication comes into play.
Multi-factor authentication is considered to be one of the best ways to stay safe and secure because of the combination of factors. So, make sure your company makes the most out of this form of security. In order to have a clear view of what multi-factor authentication is, you can read the article here.
Have A Strong Incident Response System
Sometimes it doesn’t matter how strong your cybersecurity defenders are, because if you are hacked, only an incident response system would save you from the aftermath. So, it is definitely imperative for companies to have a strong incident response system that follows the industry standard. We also have an article written about this; you can read it here for more information about the incident response framework.
Have A Team Dedicated To Keeping An Eye On Lateral Movement And Credential Harvesting
Lateral movement is a technique that hackers use to move through a network. The approach is to move slowly and progressively, in stealth mode, towards the prime target. Credential harvesting is the act of compromising accounts and keeping them for later use to carry out an attack.
If a company successfully manages to stop these two things, it would probably be able to stop a significant number of cyber attacks, as most hackers today use these two methods.
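The two checks described above (affiliate access only with prior permission, and watching for lateral movement from a partner account) can be run over authentication logs. The following Python is an added example, not part of the original article; the account names, host names, log format and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: hosts each affiliate account has prior permission for.
APPROVED = {
    "vendor-hvac": {"billing-portal"},
    "vendor-payroll": {"hr-portal", "sftp-gw"},
}

# Constructed authentication events: timestamp, account, destination host, result.
SAMPLE_LOG = """\
2024-03-01T09:00:05 vendor-hvac billing-portal success
2024-03-01T09:02:11 vendor-payroll hr-portal success
2024-03-01T23:14:40 vendor-hvac file-srv-02 success
2024-03-01T23:16:02 vendor-hvac app-srv-07 failure
2024-03-01T23:17:30 vendor-hvac pos-mgmt-01 success
2024-03-02T10:00:00 vendor-payroll sftp-gw success
"""

def parse(log_text):
    """Yield (timestamp, account, host, result) from whitespace-separated lines."""
    for line in log_text.splitlines():
        ts, account, host, result = line.split()
        yield datetime.fromisoformat(ts), account, host, result

def audit(log_text, approved, fanout=3, window=timedelta(minutes=10)):
    """Return (out_of_scope, fanout_alerts) for affiliate accounts."""
    out_of_scope = []             # every access without prior permission
    recent = defaultdict(list)    # account -> [(ts, host)] inside the window
    fanout_alerts = {}            # account -> hosts touched in one window
    for ts, account, host, result in parse(log_text):
        if account not in approved:
            continue              # only affiliate accounts are audited here
        if host not in approved[account]:
            out_of_scope.append((ts.isoformat(), account, host, result))
        # Drop events older than the window, then count distinct hosts.
        recent[account] = [(t, h) for t, h in recent[account] if ts - t <= window]
        recent[account].append((ts, host))
        hosts = {h for _, h in recent[account]}
        if len(hosts) >= fanout and account not in fanout_alerts:
            fanout_alerts[account] = sorted(hosts)
    return out_of_scope, fanout_alerts

if __name__ == "__main__":
    violations, hops = audit(SAMPLE_LOG, APPROVED)
    for v in violations:
        print("out-of-scope access:", *v)
    for account, hosts in hops.items():
        print("possible lateral movement:", account, "->", ", ".join(hosts))
```

Failed logins are counted as well as successful ones, since a partner account probing hosts it was never granted is a signal either way.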
It doesn’t matter how strong a company’s cybersecurity infrastructure is; if you are not alert, hackers would definitely find a way to compromise your system. Over the years, many hacking events have proved that gone are the days when a firewall or a team of cybersecurity professionals would stop a cyber attack. Today, threat actors have become sophisticated and are making the best use of technological advancements. If you want to keep your sensitive data secure, you have to look at all the potential aspects that hackers can exploit and secure them.