Protecting Your Business From Watering Hole Attacks

What is a Watering Hole? 

A watering hole is a legitimate website that is hijacked by a hacker and infected with malware, without the knowledge of the site owner, in order to attempt to install it onto a victim’s device and gain access to the network at the target's workplace. This usually requires the user to perform a certain action, such as clicking on a link or downloading a file. 

Victims can range from individuals to entire organisations. Threat actors generally profile their targets to gain insight into what types of websites they frequent so that they can determine what sort of site would be a good base for an attack to lie in waiting.  

While watering hole attacks are uncommon, they pose a significant threat since they are very difficult to detect and usually target highly secure organisations through their business partners or vendors. These attacks may also breach several layers of security, making them extremely destructive. 

Preventing Watering Hole Attacks 

• Don’t allow personal use of company resources - Block access to websites that aren’t used for work, make sure employees aren’t using websites for personal communication  
• Train employees to recognise suspicious behaviour - Users may be lax about security with sites they frequent often, train employees to avoid suspicious links and not to bypass security warnings 
• Hide your online activities - Hackers plant malware on sites that you frequent regularly so to lower the risk of falling victim to a watering hole attack, hide your online activity using a Virtual Private Network (VPN) 
• Don’t add trusts to third-party sites - Some websites require additional permissions to run properly, don’t enable these permissions as they may allow a hacker to use the site to target you in the future 
• Make sure your software is up to date - Keep your software updated regularly to the latest version to make sure that the security holes are patched  

What Effect Can Watering Hole Attacks Have on businesses? 

Cybercriminals use this attack vector to infect users’ computers then gain access to a connected corporate network in order to steal personal information, intellectual property and unauthorised access to sensitive corporate systems. 

While watering hole attacks are rare, their success rate remains high due to the fact that they generally target legitimate websites that can’t be blacklisted. Threat actors also deploy zero-day exploits that antivirus scanners will not pick up, thus making watering hole attacks a significant threat to organisations and users that do not implement strong cyber security practices. 

If a business were to fall victim to an attack due to poor cyber security that would make consumers nervous about the vendors they use, meaning that customer satisfaction and trust would be considerably lower and that could seriously affect business rates if word got out that an organisation was not more cautious about their security.  

How Can Securiwiser Help Your Organisation?   

Securiwiser is a comprehensive monitoring tool that will evaluate your network for external and internal vulnerabilities to make sure that your data and devices are safe from hacks and breaches. With round the clock security and vulnerability assessments, you’ll know exactly what aspect of your security posture needs attention. You will also receive grades based on how well each part of your security is functioning. In case any suspicious activity is detected in your systems, you will receive a report with the details of the scan and be told where to get help should you need a third-party solution.