Watering Hole

What is a Watering Hole Attack?

A Watering Hole Attack involves hackers tracking websites frequented by employees of a targeted business or other organization and planting malware on a vulnerable one of those sites. The malware infects the user simply with a visit to the site (no special action by the user is required), and then remains on the computer to allow a hacker access to sensitive information about the employee’s workplace.

How to Recognize This Threat: The threat is hard to recognize, as it does not change the user experience on any given website. The only method to identify this threat is a suite of strong network security tools.

How to Prevent This Threat: As with any malware threat, the first step is to keep all software up-to-date to take advantage of the latest security patches. But to recognize and prevent watering hole attacks, an organization will need strong intrusion prevention systems (IPS) and other network security features available through a firewall with a security services subscription. And it just so happens SonicWall and Sophos are both offering their top-tier firewalls free with a three-year subscription.