Island Hopping: Mitigating Undesirable Dependencies

Island Hopping is a technique malicious users can utilize to gain access to a network. Basically, a user finds (or creates) a weak link in the environment, such as an infected desktop system, and uses that as an entry point. From there, the user hops around the network , accessing servers and other critical systems. 

In the January installment of Security Watch, Jesper Johansson discussed some interesting ways by which users can catch unsuspecting users and access this entry point.

Once the malicious user has accessed the weak system, he can then elevate his privileges relying on dependencies. In the latest installment, Jesper looks specifically at dependencies. He offers advice on how you can assess your dependencies to determine which ones are desirable and which ones are not.  And he gives guidance on how you can mitigate undesirable dependencies to better protect your environment.

Cheers,
matt