Trusted Professional

Cyberattacks Shifting to Resemble Home Invasions

CNBC

Network-based island-hopping. This is the most typical form of island-hopping, in which an attacker leverages one network to “hop” onto an affiliate network. Of late, this has often taken the form of targeting an organization’s managed security services provider (MSSP) to flow through its connections.

Websites converted into a watering hole. In this method, a victim’s website is converted into a “watering hole,” a technique aimed at ensnaring a victim’s customers and partners. It’s the greatest way to hijack a brand, and as such, organizations need to make this a brand protection issue. Chief marketing officers have to have their own cybersecurity strategy in place as it relates to their digital marketing footprint.

Reverse Business Email Compromise (BEC). This is a new trend, occurring primarily in the financial sector, where attackers take over the victim company’s mail server and use it to launch fileless malware attacks against those who trust it.

At the same time, another trend in cyberattacks has less to do with money and more to do with simple destruction, as cases of what's dubbed "virtual arson" have increased by 160 percent since 2018. This is linked to a growing fear within companies of attacks led not by outside agents but by inside rogue employees and rogue vendors. While external threats remain the highest concern for companies, fears of rogue employees grew from 14 percent last year to 18 percent, and fears of rogue vendors are completely new, going from 0 to nearly 6 percent in the same time period.