Watering hole attack
In this attack, the attacker does not attack an organization or group directly on its own website. Instead, they target one or more websites that the organization uses and infect them with malware.
Take an example: suppose the employees of an IT organization use a local website to get virus details. The attacker targets that website, because attacking the organization's own website directly may not be easy. When employees of the organization use that website, the attacker performs activity which may harm the organization, or tries to steal data or personal information.
The attacker identifies one or more websites that the target uses frequently.
Once they have identified the websites, they try to find vulnerabilities or loopholes in them.
They infect the website using different types of attack: a virus, worm, Trojan or scripting technique that infects the user.
Once the user uses the infected website, his details, such as user name, password and bank details, can be shared.
It is also possible that the attacker finds vulnerabilities in the user's computer and targets the personal machine from that website. They may download a Trojan onto the user's machine and run it to get more information about the user, or they can attack with ransomware for money.
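The steps above depend on the attacker adding scripts or other active content to a website that people already trust. As an added example, not part of the original post, this Python check compares a page snapshot with a reviewed baseline and reports scripts or iframes that were not there before. The host names, sample HTML and baseline are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class ActiveContent(HTMLParser):
    """Collect external script/iframe sources and inline script bodies."""
    def __init__(self):
        super().__init__()
        self.external, self.inline, self._open = [], [], False
    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag in ("script", "iframe") and src:
            self.external.append((tag, src))
        elif tag == "script":  # inline script: start collecting its body
            self._open = True
            self.inline.append("")
    def handle_data(self, data):
        if self._open:
            self.inline[-1] += data
    def handle_endtag(self, tag):
        if tag == "script":
            self._open = False

def sha256(text):
    return hashlib.sha256(text.strip().encode()).hexdigest()

def audit_page(page_url, html, allowed_hosts, inline_baseline):
    """List active content that is absent from the reviewed baseline."""
    parser, findings = ActiveContent(), []
    parser.feed(html)
    for tag, src in parser.external:
        # Resolve relative and protocol-relative URLs against the page URL.
        host = urlparse(urljoin(page_url, src)).hostname
        if host not in allowed_hosts:
            findings.append(f"{tag} from unapproved host {host}")
    for body in parser.inline:
        if sha256(body) not in inline_baseline:
            findings.append(f"inline script not in baseline ({sha256(body)[:12]})")
    return findings

# Constructed sample: a snapshot with three elements the baseline never had.
PAGE = """<script src="/static/site.js"></script>
<script src="https://cdn.example/lib.js"></script>
<script>window.menuReady = true;</script>
<script src="//stats.invalid/c.js"></script>
<script>document.title = "changed";</script>
<iframe src="https://frames.invalid/x"></iframe>"""
ALLOWED = {"news.example", "cdn.example"}  # assumed reviewed hosts
BASELINE = {sha256("window.menuReady = true;")}  # assumed reviewed inline script
if __name__ == "__main__":
    print("\n".join(audit_page("https://news.example/", PAGE, ALLOWED, BASELINE)))
```

A site owner would run such a check on a schedule against each published page and review every finding before adding it to the baseline.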
How we can protect ourselves from such an attack:
It's really difficult to find out which website is vulnerable and how it can harm us, but a good antivirus can protect us from such attacks, so we should use updated antivirus and antispyware software on the machine.
Always use trusted websites, so that an attacker cannot take advantage of a vulnerability.
Real-life examples of watering hole attacks:
Montreal and the UN: it was a Chinese-based hack, and it was a very serious attack which tried to attack a Turkish agency.
In 2009 a watering hole attack happened on Google and a few other companies through the GhostNet attack.
In 2017 a watering hole attack took place on CCleaner, a software tool used on Windows to delete unwanted or junk files. Many users got infected by downloading this application. The infection was later detected, and the company released a new version which was safe and secure.