What is a Watering Hole attack?

What is a Watering Hole attack?

Attackers wanting to compromise government networks use a variety of attacks. One of the most effective is called a Watering Hole attack. The term comes from a hunting strategy. Hunters would wait by an animal’s water source (AKA watering hole)  instead of tracking the animal through the wilderness.

How do cyber criminals use this attack? Instead of targeting our network or machines directly, they find out where we go online during the day and attack those systems instead. Even if we secure the state network, will all the places we go online from work machines do as thorough a job? Ask yourself what website you go to from your workstation. Do you go to a local news site? Do you go to a local credit union or banking website? What vendor or partner websites do you go to?

What can I do to protect myself?

For work systems, the biggest key is to only go to the places you need to go to online. The fewer places we go online with our workstations, the fewer places the attackers can setup their Watering Hole attack.

  • Go only to websites that are necessary for your job
  • Avoid regional or small business websites if possible
  • Report unusual behavior on your workstation to the CTS Service Desk

Are their safe ways to access these sites?

  • Instead of checking the news when you get to work, watch the local news while getting ready for work or listen to it on the radio on your drive in.
  • Use your personal mobile device to check in with local websites.
  • Don’t do online banking from your workstation. Mobile device security is still a relatively new field so I wouldn’t suggest doing this from your mobile device either. Using your home machine or going into the local bank is the best option.