-
FIND ALL YOUR CYBER SECURITY ANSWERS ON OUR WIKI PAGE
The Cert2Connect wiki for a clear overview of terminology and the many abbreviations in the cyber, cloud and software security landscape.
“Watering Hole” Attack
“Watering Hole” Attack
A "Watering Hole" attack is a form of cyber-attack in which the attacker distributes malicious code or malware on websites likely to be visited by the intended victims. This approach focuses on infecting legitimate websites that are popular with a certain target group, so that when the targeted victims visit these websites, they are unknowingly infected with the malicious code.
The term "Watering Hole" Attack" refers to the concept of a predator loitering at a watering hole in the wilderness, where prey regularly come to drink. Similarly, an attacker targets websites that are frequently visited by the target they want to attack.Once a victim visits the infected website, the malware can be downloaded and spread on their system, which can lead to further compromise, data theft or other malicious activities.
The goal of a "Watering Hole" attack is often to steal sensitive information, such as login credentials, personal data or company information. It emphasizes the importance of vigilance when visiting even trusted websites and the importance of having up-to-date security measures to prevent such attacks.
Updated on 07 Aug, 2023