Until quite recently, phishing attacks were the primary means of infecting a target computer with malware. If a hacker could convince a person to click on a link in an email, the deed was done. Unfortunately for the hackers, users have been getting increasingly more savvy about safeguarding their emails and not clicking on links from untrusted sources. Unfortunately for the users, that means that the hackers have upped their game.
What is a Watering Hole Attack?
A Internet Watering Hole is just like what it sounds like it is. A place where lots of internet denizens come for a drink, or for a daily dose of digital goodness. Really, any site that gets a lot of traffic can be considered a Watering Hole. The idea here is to attack the Watering Hole site, set a trap, infect it, and then wait for visitors to show up.
By taking root in the site, the hackers can redirect links on the site so that they install malware, rather than taking the visitor to the page as the link would normally. The thing that is especially insidious about this form of attack is that by their natures, Watering Hole sites are trusted. Their URL’s aren’t blocked and they’re not on any sort of banned list, so of course, the malware slides right into the system. To a certain extent then, your level of protection is only as good as the protection on the sites you frequent, but there are a few things you can do to protect yourself.
Part of what makes the Watering Hole attack successful is the ability of the hackers to remote track user activity. To protect yourself or your employees, identify any and all remote tracking and simply disallow it.
Most browsers have plugins that can prevent a page from redirecting you to another page. In some cases, websites have perfectly legitimate reasons for using redirects, but given that this is the way that the malware functions, shutting down this capability will go far in protecting you.
This is perhaps the simplest, but also the most easily overlooked thing you can do to minimize your exposure. Security firms and hackers are finding security loopholes in browsers all the time. These weaknesses can be, and frequently are, exploited to initiate all sorts of attacks including of course, the installation of malware on a vulnerable system. The quickest and easiest way to minimize your exposure here is to enable automatic upgrades for your browser. A second thing you can do is steer clear of Internet Explorer, which seems to have relatively more security issues than other browsers.
Watering Hole attacks are but the latest in a long line of schemes that hackers have invented to try and gain control of user systems, either to mine them for data, or enslave them to make them part of a bot net so they can be used in Denial of Service or other forms of attack. It is a never ending battle, and you’ve got to keep your guard up.