Security researchers opined that ‘Island Hopping’ is an increasingly popular cyber-attack technique using by the cybercriminals in recent times. Island Hopping is an advanced attack method, where attackers intrude their target organization through small companies that work with the target company. In this attack, the hackers compromise the network system between the two companies and take advantage of the digital assets.
According to the cybersecurity firm Carbon Black, attackers are using Island Hopping method to infiltrate smaller companies like HR, marketing, and healthcare firms to allegedly access a larger target organization.
The Carbon Black stated the Island Hopping method has seen a rise in usage over the past few years, with 50 percent attacks were launched using the same. In its report, Carbon Black’s Quarterly Incident Threat Report, the company revealed that the industries most affected by island hopping are financial (42 percent), manufacturing (32 percent), and retail (32 percent).
“At this point, [island hopping] has become part and parcel of a cybercrime conspiracy,” said Tom Kellerman, Carbon Black’s chief cybersecurity officer. “They’re using their victim’s brand against customers and partners of that company. They’re not just, say, invading your house – they’re setting up shop there, so they can invade your neighbours’ houses too.”
A similar survey from Carbon Black stated the rate of cyber-attacks on healthcare industry appear to be increasing exponentially. In its survey report Healthcare Cyber Heists in 2019, Carbon Black has disclosed what is happening to the Personal Health Information (PHI) that was stolen by cybercriminals.
The survey, which involved 20 of the healthcare industry’s Chief Information Security Officers (CISOs), found the healthcare sector being targeted because of how lucrative PHI is when compared to other personal data like credit card numbers. It’s said that personal health information is worth three times more than other personal information since the health information never changes and can be used by cybercriminal groups for extortion or compromise.
The survey revealed that around 83% of surveyed healthcare organizations stated they’ve seen an increase in cyber-attacks over the past year and over 66% surveyed said that cyber-attacks have become more sophisticated over the past year.