During a regular security scan of the network you find that several user laptops are infected with the same malware. After cross-referencing the laptop users with the reverse proxy logs you find that they all accessed a industry news website the day before. You believe your organization may have been specifically targeted for this malware. What type of attack would best describe this theory?
In a watering hole attack the attacker infects a website that is known to be commonly used by an organisation or industry. For example a specific industry news site to attack a business in that industry or the entire industry in general. With the knowledge that users frequent the website the attackers are able to target them with malware and if the attack is successful to install malicious software.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a watering hole attack?
Open an interactive chat with Bash
How is a watering hole attack different from phishing?
Open an interactive chat with Bash
What steps can be taken to mitigate the risk of watering hole attacks?