Castle builders in medieval times knew that they needed a layered defense to keep marauders out. They built structures with thick walls, towers and battlements. They surrounded themselves with moats or ramparts, and had built-in attack positions.
Doors were the most difficult part of the castle to defend, so they had as few doors as possible, and they often reinforced them with metal.
None of these defenses did any good, however, when a castle occupant unknowingly opened the door to an intruder.
You might not have a stone-built castle to defend in 2019, but whether you like it or not, your responsibility to defend against cyber attacks extends not just to your own kingdom, but to the communities that you do business with.
Why? Because cyber criminals are increasingly targeting small businesses as an entryway to infiltrate larger organizations so they can net a bigger reward.
What is the Cyber Security Risk Known as 'Island Hopping?'
This tactic, known as “island hopping” isn’t anything new. It's when hackers go through another entity (typically smaller and less secure) to get to a bigger fish. Case in point: The big Target data breach in 2013. Hackers found a way to Target’s systems through their HVAC vendor.
It's clear that cyber criminals are increasing looking for unlocked doors this year.
According to Carbon Black’s “Global Incident Response Threat Report for April 2019”, 50% of all cyber attacks are initiated using the island hopping tactic.
More Unlocked Network Doors
One of the reasons why more network infiltration is happening is because there are so many more doors, or network access points, than there used to be.
Many businesses are using web-based software tools that connect with their systems. Access to these software platforms, as well as to traditional network infrastructures, is increasingly done through mobile devices. Additionally, companies are connecting more equipment to their networks through the Internet of Things (IoT) and this equipment often lacks even the most basic security measures.
How Cyber Criminals Get on the Island
Island hopping attacks can start with traditional hacker tactics such as phishing and social engineering. People are lured into clicking a link or downloading an attachment which has a malicious payload.
Often a hacker’s successful entry goes unnoticed for many weeks or months, which is a lot of time for a bad guy to be lurking around in a network.
Stop the Hop Before It Happens
Because 90% of all data breaches happen because of human error or action, cyber security awareness training for all staff is a must for organizations of all types and sizes.
When people are savvy about the tactics that cyber criminals use against them, they are better armed to recognize and respond to an attack when they see one.
Increase Network Visibility to Identify Intruders
The malware that the bad guys are using to sneak around, steal and spy is getting more and more sophisticated with artificial intelligence (AI).
That means that the countermeasures that we use to thwart malware need to become more sophisticated, too. Not every IT support company has invested in these tools, but network visibility is increasingly becoming imperative to keeping the keys to your castle -- and your crown jewels -- safe.
VC3 Offers Advanced Cyber Security Services
VC3 is one of the few managed IT service providers to offer services that provide the best protection against island hopping, and a wide array of sophisticated cyber criminal tactics. Contact us to get a cyber security assessment, and learn how you can close the gaps in your defenses.