While island hopping sounds like a great way to spend a holiday in Thailand or Greece, the term also refers to an advanced cyber attack technique. Though it’s not a new phenomenon, this type of attack increased in prevalence in 2018 and will likely become more and more common.
The name ‘island hopping’ comes from a WWII military tactic used by the United States in the Pacific. Also known as leapfrogging, this involved capturing smaller, strategically located islands and establishing military bases there, as opposed to outwardly attacking mainland Japan. From these new bases, Allied soldiers would start the process again and continue until they reached their main target.
Similarly, in the cyber world, island hopping is when cyber criminals infiltrate their target organisation through smaller companies that work with the target. Since these smaller companies – such as HR and payroll, marketing or healthcare firms, for example – often have more vulnerable security systems than the larger target organisations, they’re easier for hackers to access.