New Supply Chain Attacks Using "Island Hopping"

Supply chain attacks are getting more prevalent and dangerous says the latest quarterly Global Incident Response Threat report from cybersecurity firm Carbon Black.  Half of current cyberattacks use “island hopping” as an approach, which means attackers are after not only the target network but all those along its supply chain as well, the report states.


Industries most targeted by island hopping are financial (47 per cent), manufacturing (42 per cent) and retail (32 per cent) according to Carbon Black.


Tom Kellermann, Carbon Black’s chief cybersecurity officer, said attackers are using their victim’s brand against customers and partners of that company. “They’re not just, say, invading your house – they’re setting up shop there, so they can invade your neighbours’ houses too.”


The report is based on a survey of 40 Carbon Black incident response partners and offers actionable intelligence for business and technology leaders, supported by analysis of the newest threats and advice on how to stop them.


According to the report, the main reason organisations are vulnerable to island hopping is a lack of visibility, which 44 per cent of respondents named as the top barrier to incident response, up from 10 per cent the previous quarter.


“More often than not, the adversary is going after the weakest link in the supply chain to get to their actual target,” said Thomas Brittain, who leads Carbon Black’s Global IR Partner Program. “Businesses need to be mindful of companies they’re working closely with and ensure those companies are doing due diligence around cybersecurity as well.”

more news

65000 GDPR Data Breaches In Europe To Date


European privacy authorities have received almost 65,000 data breach notifications since the EU's new privacy law went into full effect. In addition, regulators in 11 European countries have imposed $63 million in General Data Protection Regulation fines.

read more

More than half of British firms 'report cyberattacks in 2019'


The proportion of UK firms reporting a cyberattack has jumped, despite most businesses admitting they are under-prepared for breaches, according to research from Hiscox reported by the BBC. The insurer found 55 per cent had faced an attack in 2019, up from 40 per cent last year.

read more

Sloppy IT Processes Risk Cyberattacks - McAfee


McAfee this week published a report that turns familiar survey findings on their heads by reporting that most cybersecurity breaches are the result of lax IT processes rather than mistakes made by end users.

read more

Cybercrime Soaring Reports MalwareBytes


Cybercrime is accelerating at a worrying rate, reports MalwareBytes in its Q1 2019 report. Every quarter that goes by shows more alarming data as to how much cybercrime activity is going on out there, with organizations and companies being called to face and deal with an increasing amount of threats, coming literally from everywhere.

read more