A watering hole attack is a three step process hackers or attackers use when targeting a specific group, organization, region, or industry. The first step involves observing websites often utilized by members of the group (sometimes this requires making educated guesses). The second step is to infect one or more of the computers used by members of target groups. The third step involves playing the waiting game.
Eventually, one of the target group member’s computers will become infected. Once this happens, it’s only a matter of time before the infected workstation provides access to the internal networks of the company.
According to Infoworld, this nasty little bug has already hit a few high-profile, tech-savvy companies. Among them are big names you know like Twitter, Facebook, Apple, and Microsoft.
What are Waterhole Attacks So Devastating?
Symantec created a great infograph that explains the process – comparing the final step to a lion lying in wait at the watering hole of its prey. This patience, in this particular attack is very much like a jungle beast stalking prey and the consequences can be truly devastating for small businesses as they provide not only access to business secrets, plans, and more, but also to customer records and financial data.
How to Defend Your Small Business Against Waterhole Attacks?
The thing that makes waterhole attacks so difficult to catch or prevent is the fact that they bypass traditional security measures businesses take. Small businesses do not have the same resources that larger businesses have access to, such as full-time IT departments. What can you do that will help you defend your business from the potential devastation of a waterhole attack?
1) Educate employees about waterhole attacks, how they are conducted, and the damage they can do. As part of a cyber security plan, this makes employees more aware and urges caution while surfing the World Wide Web.
2) Monitor the sites employees frequent. Pay close attention sites that offer wide appeal to employees and monitor those sites for security problems on a regular basis. If security risks arise, block access to those sites for employees.
3) Invest in cyber liability insurance for your business. While it will not prevent waterhole attacks from taking place, it does provide critical liability protection coverage for your business if an attack takes place that compromises employee or customer data.
4) Make the move to a virtual machine. A virtual machine offers small businesses the ability to limit access to critical information rendering attacks such as these to mere inconveniences rather than full-blown emergencies in many cases.
So much of the focus, when it comes to Internet and business computer security, is on other areas of attack. Waterhole attacks provide a different avenue of attack that is often difficult to defend against. Malware, viruses, hacks, data breaches, phishing, and attacks like these are the very reasons businesses today cannot afford to be without cyber liability insurance.