Avoid the Watering Hole

Avoid the Watering Hole

Dennis Snider

263 Posts




“Watering hole” attacks are attacks that are aimed at Internet users within a particular industry or group by selecting websites that they are likely to visit, infecting them, and using them to trick them into visiting malicious websites.

This type of attack, also called strategic website compromise attack, is not generally wide-ranging, and the malicious actors do rely on luck to a certain degree, but by employing email to encourage people to visit malicious websites they can be effective.

The most basic type of watering hole attack would go for the most popular websites if the attackers are simply after financial profit. However, more sophisticated attackers will try to hit a specific industry through dedicated discussion boards, industry websites, conference websites, et cetera. This will enable them to gain information that could be of enormous value, for example in manipulating the markets in a particular industry.

Watering hole attacks are particularly difficult to detect because the malicious emails used to attract victims to websites can often be sent through the legitimate website’s servers, e.g., through automatic email notifications or newsletters. Furthermore, when such attacks are made, it is difficult to know they’ve happened, as there will be little evidence on the user’s system.

As with every type of malicious action on the Internet, the absolute key to protecting against watering hole attacks is to ensure that you have the best protection installed on your systems. Keeping everything up to date and ensuring that all relevant patches and updates are downloaded in a timely manner is essential. Furthermore, users should be looking for dynamic software protection that can examine websites in use and immediately warn users when threats are detected. As above, one of the primary mechanisms used in watering hole attacks is to use emails to try and lure users into visiting malicious sites.

To combat this, software can be installed that not only examines incoming emails for signs of suspicious behavior but that also checks if users click links in an email to see whether they are going somewhere undesirable. Finally, any chosen solution should have the capacity to offer users protection both within and outside their corporate network, otherwise they could import watering hole malware back into the company network through their devices.

7 thoughts on “Avoid the Watering Hole

  1. Rochell

    Hi there to every one, it’s truly a good for me to go to see this
    web site, it includes useful Information. adreamoftrains web hosting reviews web hosting providers

    August 11, 2020 at 9:40 pm Reply
  2. Leroy

    What’s up to every one, for the reason that I am genuinely keen of reading this webpage’s post to be
    updated regularly. It includes nice data. 2CSYEon cheap flights

    August 24, 2020 at 8:33 pm Reply
  3. Philomena

    This design is incredible! You definitely know how to
    keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog
    (well, almost…HaHa!) Excellent job. I really loved what you had to say,
    and more than that, how you presented it. Too cool!

    Feel free to surf to my webpage – best hosting

    August 25, 2020 at 9:08 am Reply
  4. Vince

    Excellent beat ! I would like to apprentice while you amend your site, how could
    i subscribe for a blog site? The account aided me a
    acceptable deal. I had been tiny bit acquainted of this your broadcast provided
    bright clear idea cheap flights y2yxvvfw

    August 25, 2020 at 11:10 am Reply
  5. Harley

    Pretty great post. I simply stumbled upon your blog and wanted to say that
    I have truly loved browsing your blog posts. After all I will be subscribing
    on your feed and I am hoping you write again very soon! cheap flights

    August 26, 2020 at 9:22 am Reply
  6. Pam

    hey there and thank you for your information – I have
    certainly picked up anything new from right here. I did however expertise a few technical issues using this web
    site, as I experienced to reload the web site lots of
    times previous to I could get it to load properly.
    I had been wondering if your web hosting is OK?
    Not that I am complaining, but sluggish loading instances times
    will sometimes affect your placement in google and can damage your high quality score
    if advertising and marketing with Adwords.

    Anyway I’m adding this RSS to my email and can look out for much more of your respective interesting content.
    Ensure that you update this again very soon.

    Also visit my site black mass

    August 28, 2020 at 5:41 am Reply
  7. Amy

    Every weekend i used to pay a visit this web hosting companies page, for the reason that
    i wish for enjoyment, for the reason that this this web page conations really
    fastidious funny data too.

    September 5, 2020 at 4:00 am Reply

Leave a Reply

Your email address will not be published. Required fields are marked *