The recent attacks on the New York Times; Washington Post and Federal Reserve illustrate a dangerous trend in cyber tactics. All of these institutions became victims of Island Hopping. Island Hopping has become the tactic of choice for elite hacker crews. As an information security specialist your organization is being targeted by nation states; criminals and activists alike. The recent attack on the Fed demonstrates the evolution of hacker tactics to island hop from your networks into your constituencies systems. The evolution of lateral movement and the automation of privilege escalation; local information gathering and exfiltration of data all harken a serious paradigm shift of our adversaries to colonize our ecosystems. The hacker community is targeted trusted third parties to bypass the perimeter defenses of the intended targets. As illustrated by the recent ISACA Survey on APTs more than 80% of respondents had yet to alter the terms of their SLAs to manage the system risks posed by island hopping.
Ensuring the cybersecurity of the trusted third parties whom you conduct business with is imperative. I recommend you alter your SLA’s to include the mandate of greater security controls like; network traffic analysis; file integrity monitoring; virtual patching and custom sandboxing as requirements for the managed service providers and business partner networks. Managing the systemic risk posed by these trusted external networks will be your true challenge of 2013. The cybersecurity of your network now is paramount to managing the infestation of your trusted user and customer accounts. Help thwart island hoping by embracing the tactical shifts of the underground.