Attackers will look to infiltrate target organisations through smaller companies that work with the target. The term refers to a military tactic where smaller entities are captured and leveraged in order to get to an original target.

Island Hopping is effectively a Supply Chain attack. Attackers are banking on the assumption that smaller companies will be easier to compromise, and from there they can take advantage of any shared systems and/or the trust between organisations.



Understand the security risks involved with your supply chain
Build a picture of who your suppliers are and what their security looks like. Do you know what needs to be protected and why?

Raise awareness of security with your supply chain
Communicate your needs to your suppliers, build it into your contracting processes, and meet your own security responsibilities both as a consumer and supplier. For example, the government backed Cyber Essentials scheme can be an indicator that companies have a commitment to cyber security, and have taken steps to guard themselves against the most common cyber threats. Details about the scheme can be found at

Seek continuous improvement of security within your supply chain, and build trust with your suppliers

Educate and train staff to defend against Phishing attacks
For advice on how to spot and defend against phishing, see the NCSC's guide on this at

The Take Five campaign is a national campaign encouraging people to stop and think about whether a situation is genuine. Visit the website at

Device security
As a minimum, organisations need to ensure that devices are always fully patched and have anti-malware/anti-virus software in place. This should apply to ALL of your devices, including phones/tablets/printers/routers/internet enabled cameras/IoT devices etc.

If you've been affected by this or any other type of cyber crime, report the details to Action Fraud (0300 123 2040 / Always keep an eye out for any suspicious follow up activity as well.

By using this website you agree to our use of cookies to enhance your experience. I understand

Windows 7 EOL

On January 14th 2020 Windows 7 and Windows Server 2008 (inc.variants) reached End of Life and will no longer have release updates or security patches provided by Microsoft.

These systems will still work after this date, but your business may be exposed to emerging threats of new viruses and malicious attacks.

Please don’t hesitate to contact either Julie or Darryn on 01460271055 to discuss your concerns.