31. August 2019 12:10
A watering hole attack is an opportunistic cyber security attack where the attacker targets a specific group of end users, usually an organization.
What Does ‘Watering Hole Attack’ Mean?
The attack gets its name from a wildlife predatory tactic. Many predators in a forest lurk around a watering hole or an oasis to wait for their prey. As the prey comes to drink water from the oasis, the predator grabs the opportunity to attack. The cyber-attack follows a similar approach and is thus named as ‘Watering Hole Attack’.
How Is The ‘Watering Hole Attack’ Executed?
For executing the attack, hacker traps a single user to gain access to a corporation’s server. The attack is executed in a stepwise process:
- Finding The Waterhole: The attackers begin the process by finding the waterhole. They conduct thorough research and observe their target user to find out the website that is frequently visited by him. This website acts as the waterhole.
- Infecting the server: When targeted user accesses the site, a script containing the malware is automatically downloaded on the user’s system. This malware collects personal information from user’s device and sends it to the C&C server. In some cases, the malware script may allow complete access of the victim’s system to the attacker. The infection is then spread across other systems on the organization’s server.
Avoiding ‘Watering Hole Attack’
In order to increase the impact of an attack, hackers choose trusted websites for launching the infection. Also, they make use of zero-day exploits for infesting these websites. This makes it difficult for traditional tools like antivirus to detect these attacks at an early stage. Thus, employing preventive measures is the best way to keep yourself safe from Watering Hole Attacks.
- Keep your system updated with latest software patches.
- Configure firewalls & other network security protocols.
- Monitor the popular websites visited by your employees to ensure that these sites are not infested with any malware.
- Regularly monitor your organization’s websites to detect any malware at its earliest stage.
- Use browser’s private settings and VPN services to hide your online activities.
- Configure your security tools to keep users notified about compromised websites.
- Educate your employees about ‘Watering Hole Attacks’ and ways to avoid them.
For more information on Watering Hole Attack, contact Centex Technologies at (972) 375 - 9654.