Island hopping — How cyber criminals are capitalizing on poorly defended partners
By Tom Ammirati, Chief Revenue Officer, PlainID
In the modern technology landscape, large organizations and enterprises may have advanced cyber defenses, but do their partners? At a rapidly increasing pace, cybercriminals are entering through the doors of smaller, less defended businesses in order to ultimately gain access to the larger organization that has implemented a more robust security system.
Organizations are only as strong as their weakest link. If a large organization has invested in its cybersecurity infrastructure without its partners doing the same, it has opened the door to island hopping, which allows criminals to bypass corporate security infrastructure via interactions within a partner network. The attackers' goal is to hop from data store to data store until they reach their ultimate destination, whether that be sensitive company data or employee and customer credentials, to further their criminal deeds.
According to this cyberattack prevention survey, only half of the small businesses that participated are prepared for a cyberattack. Because smaller companies are often stretched for resources, they often have not protected their environments adequately. The security solutions that detect threats, prevent damage and protect important company assets are usually not in place. These situations open the way to island hopping, which serves as an effective attack strategy for cybercriminals.
Cybercriminals often use island hopping to target third-party companies in order to gain access to a treasure trove of data held by a national retailer, large healthcare provider, or critical infrastructure. They know the chances are great that vendors, third-party service providers, and partners may have weaker security hygiene, training, and infrastructure. Your partners are not consciously letting bad actors in freely, but adversaries are taking advantage of their limited resources, specifically targeting small businesses with minimal defenses and strong ties to large organizations.
The victims of island hopping
Island hopping is a major disruptor that has consequences that could last for years, potentially opening organizations up to ransomware attacks. A recent example includes Toyota Motor Corp., which was forced to suspend its factory operations at 14 plants in Japan after a supplier of plastic parts and electronic components was hacked last February. As a result, the company’s output was cut by nearly 13,000 cars.
Additionally, island hopping might happen on a smaller scale if you routinely order food for your staff from the same website. Island-hopping criminals can use that information to hack the restaurant’s website and use it as a watering hole to gather information they can use to target your business.
The role Zero Trust plays in a modern cybersecurity posture
Utilizing Zero Trust can be the difference between being a victim of cybercrime and thriving while protected. To reduce this risk, a Zero Trust solution can be paired with a clear single-panel view of company data, so that it is easy to read and understand who has authorized access to what, and who can authenticate said access. These steps work as an authentication process to make sure the user is who they say they are and is not actually a compromised account. If an account is compromised, the last thing an organization wants is an unchecked, adversarial user with administrative privileges.
It is important to highlight that no single cybersecurity solution can stop an island-hopping attack with 100 percent certainty. However, authentication and authorization processes serve as key ways to isolate and prevent continual damage. The modern and future security perimeter includes much more than the on-prem environment and cloud systems; it extends to your partners’ and their suppliers’ environments. Essential security extends to everything connected within the network, no matter how loosely.
To aid partners, it is recommended to require auditing of procedures and security policies. Providing free training, advice, or resources to prevent attacks would not only be smart security-wise, but it would also be a token of good business. This investment in time and resources can create a bond while also making things more manageable and affordable, especially if an attack were to happen.
After providing resources to educate, it is crucial to strongly advise the implementation of authorization and authentication solutions that provide a single-panel view of the company’s network. You may expect an attack from state governments or cyber groups in the future, but for now, it may actually come from your underprepared partners and suppliers. The security landscape is constantly evolving, and organizational defenses must change with it.
About the author
Tom Ammirati is Chief Revenue Officer at PlainID.
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are those of the author, and don’t necessarily reflect the views of Biometric Update.