Stay safe from Watering Hole cyberattacks

By Peter Lambert | August 5, 2019

1908_wateringholes_i916200122

In the past cybercriminals would directly attack businesses and individuals to steal money. As security has improved to make that difficult, the focus now for cybercrime is for Personally Identifiable Information (PII).

Our login credentials are used to farm other login credentials, and our personal information such as date of birth, tax file numbers and other important information is collected and used to steal our identities or is on-sold for cash.

The attraction for cybercriminals is that so much personal information is now often stored online, be it through social media or through government and healthcare services — and these are juicy targets for criminals.

One way these criminals steal data is through "watering hole" attacks.

What are watering hole attacks?

Watering hole attacks are used to distribute malware onto victims’ computers in a similar way phishing activities are conducted. Cybercriminals infect popular websites with malware and anyone who has had the misfortune to visit will have their computers automatically loaded with malware.

The malware used in these attacks usually collects the target’s personal information and sends it back to the hacker’s server. In extreme cases, the hacker will actively take control of the infected computer.

But how does a hacker choose which websites to hack? With internet tracking tools, hackers find out which websites companies and individual users visit the most. They then attempt to find vulnerabilities in those websites and embed them with malicious software.

With such highly skilled hackers these days, virtually any website can fall victim to a watering hole attack. In fact, even high-profile websites like Twitter, Microsoft, Facebook, and Apple were compromised in 2013.

Need help with 'cyber' terms? - 9 Cybersecurity terms you should know.

Protect yourself by following these 3 tips

Update your software
Watering hole attacks often exploit holes and vulnerabilities to infiltrate your computer, so by updating your software and browsers regularly, you can significantly reduce the risk of an attack. Make it a habit to check the software developer’s website for any security patches. Or better yet, hire a managed IT services provider to keep your system up to date.

Watch your network closely
Regularly conduct security checks using your network security tools to try and detect watering hole attacks. For example, intrusion prevention systems allow you to detect suspicious and malicious network activities. Meanwhile, bandwidth management software will enable you to observe user behaviour and detect abnormalities that could indicate an attack, such as large transfers of information or a high number of downloads.

Hide your online activities
Cybercriminals can create more effective watering hole attacks if they compromise websites only you and your employees frequent. As such, you should hide your online activities with a VPN and your browser’s private browsing feature. Also, block social media sites from your office network, as these are often used as share points of links to infected sites.

At the end of the day, the best protection is staying informed. As cyberthreats continue to evolve, you must always be vigilant and aware of the newest threats. Tune in to our blog to find out about the latest developments in security and to get more tips on how to keep your business safe.

Cybersecurity help is available.

Our Business Technology Managers (BTMs) and our Technology Consulting team are experts in putting together a plan to set you up with the best systems and policies to protect your data and privacy. If you need advice, give us a call on 1300 307 907 or contact us via the form below.

 

Contact us today

 

 Published with permission from TechAdvisory.org. Source.

TAGS: Tech Trends and Tips, Business Value, News and General, IT Security

About the Author
Peter Lambert

Marketing specialist and technical blogger @ Diamond IT - I have over 25 years of experience in Information & Communications systems. My range of skills is diverse and includes extensive experience in desktop solutions, server and network presales and administration, VOIP phone systems, journalism, creative writing, technical writing, digital videography and audio visual streaming. I hold a Certificate IV in Training and Assessment, and I am an experienced classroom trainer and course coordinator. I hold an Advanced Diploma in Network Security, a Diploma in Network Administration, and a Certificate IV in Networking. I am a Cisco Certified Network Associate (CCNA) and Microsoft Certified Solutions Associate (MCSA).