50% of Attacks Leverage “Island Hopping” Says Carbon Black

50% of Attacks Leverage "Island Hopping" Says Carbon Black

Today, endpoint security solution provider Carbon Black released their “Global Incident Response Threat Report” for April 2019. Among the report’s findings, Carbon Black reveals exactly half—50%—of all cyber attacks leverage “island hopping.” Obviously, this poses an extreme risk to enterprises. 

What is Island Hopping?

To summarize, island hopping can take three distinct forms: network-based, watering hole, and Reverse Business Email compromise:

  • Network-Based Island Hopping: The most traditional form of island hopping, in which the attacker leverages your network to reach another connected network (such as a third-party or client).
  • Watering Hole: This form lures customers and partners to a victimized website.
  • Reverse Business Email Compromise: Mostly attacking financial enterprises, hackers can take over email servers and dispenses fileless malware from that point.

Regardless, these attacks allow hackers to steal both intellectual property as well as finances from enterprises.

What the Experts Say

In the report, Carbon Black’s Chief Cybersecurity Officer Tom Kellerman offers his thoughts. “Attackers are fighting back. They have no desire to leave the environment. And they don’t just want to rob you and those along your supply chain. In the parlance of the dark web, attackers these days want to ‘own’ your entire system.”

Also, Thomas Brittain—Carbon Black’s Global IR Partner Program Leader—shares his analysis. “More often than not, the adversary is going after the weakest link in the supply chain to get to their actual target. Businesses need to be mindful of companies they’re working closely with and ensure that those companies are doing due diligence around cybersecurity as well.”   

Other Findings From the Carbon Black Report

Obviously, Carbon Black reveals more than just the increased prevalence of island hopping in their Global Incident Response Threat Report. In fact, they also find:

  • 56% of incident response partners encountered counter incident response in the past 90 days.
  • 70% of all attacks attempt some kind of lateral movement.
  • 31% of attack victims suffer a destructive attack.  
  • Financial, manufacturing, and retail are the three industries most likely to suffer an island hopping attack.  

In conclusion, the key to preventing these lateral movement attacks is visibility through next-gen endpoint security. Feel free to check out the full Carbon Black “Global Incident Response Threat Report” for April 2019 here

 

Follow me

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner
Follow me

Leave a Reply

Your email address will not be published. Required fields are marked *