An Island Hopping Cyber Attack Is No Holiday

Summary: This 3-minute article discusses the cyber security threats posed by island hopping attacks and how to protect your SMB from them. Also, learn how to devise an appropriate IT incident response plan. Then, contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) or visit for a cyber risk analysis and to discuss your SMB’s cyber protections.

Outside the IT world, island hopping conjures up beautiful images of lush islands and dream vacations. However, in the cyber security universe, island hopping is a sophisticated threat that can potentially devastate businesses, their vendors and customers.

What Is An Island Hopping Cyber Attack?

You’ve probably heard the expression “moving up the food chain.” In an island hopping attack, hackers exploit the cyber vulnerabilities of small businesses to move up the food chain to large companies with robust, hard-to-breach cyber defenses. Unfortunately, because many SMB owners don’t think hackers would be interested in their companies, they don’t focus enough on protecting their data from breaches by cybercriminals. Therefore, their less-protected networks can become access points through which hackers can attack the computer networks of large companies, much higher on the “food chain,” circumventing their defenses. Historically, the most significant island hopping cyber attacks have targeted manufacturing companies, healthcare entities, financial institutions and retail sales platforms. This attack method was named island hopping because it literally hops from one third-party business to another, compromising them along the way and leading to the grand prize of breaching a larger, more protected company.

One particularly devious island hopping technique is called a supply chain cyber attack. In a supply chain attack, malicious software or viruses are spread through vendors and suppliers. For example, in an insider attack (by an employee), a well-placed USB drive can be loaded with malware to infect an entire network and spread to other business networks of vendors, customers, clients or patients. Along the way, successful hackers use credential harvesting to gain unauthorized access to user passwords, screen names, email addresses and other private data from which to launch more cyber attacks. If businesses do not know about or address their cyber vulnerabilities, it is only a matter of time before they fall victim to an attack.

Cybercriminals have successfully used island hopping attacks to steal private data and intellectual property and deploy additional malware attacks. Once in your computer system, the hacker is in control.

Preparation is Key. Start by Creating Best Practices and an IT Incident Response Plan

Using a comprehensive IT incident response plan in tandem with ongoing employee training will help keep everyone on the same page in protecting your company’s data. Many steps can be taken to significantly reduce the chances of an island hopping cyber attack:

Cyber security is a digital treadmill. SMBs have no choice but to relentlessly pursue everything they can to protect their company’s data and the data of their partners and third-party business associates. Unfortunately, small businesses are far less likely to survive cyber attacks than large corporations. More than half of cyber assaults on SMBs lead to bankruptcy. Therefore, if you don’t feel you can address all of your own security issues, it is essential to enlist cyber security professionals to help you defend against cyber attacks and plan for the possibility of network breaches in the future.