Watering Hole Attacks Named Top Cyber Threat for 2022: Here’s What You Should Know
Most of us are familiar with the common cyber attacks that are launched every day. We’re wary of unfamiliar emails and texts to avoid phishing attacks, and we keep our software up to date to prevent malware.
Cyber crime is always evolving as bad actors seek new ways to trick users and take over your email, identity, network, and more. There have been several large-scale cyber attacks highlighted in the news recently. However, amid all the ransomware and phishing reports, many business owners may not be familiar with the recent uptick in watering hole attacks.
A watering hole attack isn’t new, but this type of cyber event is a growing concern. It was recently reported that a software tool claiming it could remove the Ethereum mining limiter on Nvidia’s RTX 3000 graphics cards was really a vehicle for malware and a likely watering hole attack.
Although these may not be as well known as ransomware, Forbes listed watering hole attacks in its top security threats of 2022. While most cyber attacks rely on human error, these types of attacks begin with a simple visit to a legitimate website.
Here’s what you need to know:
What is a watering hole attack?
In a watering hole attack, “the attacker compromises a site likely to be visited by a particular target group, rather than attacking the target group directly”.
The name is just like the type of attack you’d see in the animal kingdom. A crocodile will lurk below the surface of a watering hole where it knows its prey will gather to drink, and then attack when its prey is least expecting it.
In a cyber watering hole attack, the bad actor will use a legitimate website where they know a certain crowd will congregate online. To carry out the attack, hackers “exploit software flaws on the victims’ devices, often a chain of vulnerabilities that begins with a browser bug. This gives the attackers the access they need to install spyware or other malicious software.”
These types of attacks profile individuals to see what types of websites and applications they’re using. They may target a group of people with common interests, those who work within a certain industry, and even specifically target law enforcement forums.
In these attacks, it’s not always necessary for the victim to interact with the website or click a link. Simply visiting a legitimate website can do the trick. This can be used to target and surveil a certain community by installing a surveillance implant on their device, including phones.
How do you prevent a watering hole attack?
While many people communicate online daily, it’s important to be mindful of what you’re talking about on social networks. These attacks establish trust within a community to gain sensitive information or convince members to take a particular action.
You can help prevent these attacks by:
- Remaining wary of all requests for information: Even if this comes from a group you trust, it’s always best to question any requests for information or any request that you take a certain action. Could there be an ulterior motive? This could come in the form of forum questions, online surveys, conversation starters, etc. This information could later be used for social engineering purposes or surveillance.
- Completing all updates as soon as they’re available: This goes for both software and hardware updates. These updates address security holes that have been discovered and fix or remove any identified bugs.
- Conducting regular security assessments: Security assessments, including business impact assessments, risk assessments, and penetration testing, offer a constructive look at your current security standings and provide critical data to help you better protect your business moving forward.
- Enabling MFA across all network endpoints: This simple security enhancement requires that users present two forms of credentials to access their network, account, or device, rather than a single password. It’s been reported that this can help prevent 99.9% of attacks.
- Implementing a Zero Trust security model: This approach is based on the principle of “never trust, always verify.” This eliminates all implicit trust within your network and requires continuous validation at every step, no matter the user.
Next Steps: Stay Vigilant Against the Latest Cyber Threats
The best way to protect your business is to stay current on the latest cyber threats. With the pace at which these evolve, this is no easy feat.
Cyber attacks have recently been increasing in volume and severity for several reasons, and every business needs to be prepared. With the right security settings, tools, and practices, you can drastically reduce your exposure.
To learn more about protecting your business, contact our Cyber Team today.
Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.