During a regular security scan of the network, you find that several user laptops are infected with the same malware. After cross-referencing the laptop users with the reverse proxy logs, you find that they all accessed an industry news website the day before. You believe your organization may have been specifically targeted. What type of attack best describes this scenario?
A watering hole is a targeted cyberattack where an attacker compromises a legitimate website that members of a specific organization or industry are known to visit. By infecting the site with malware, the attackers can then infect the systems of their intended targets when they browse the site. This method leverages the trust users have in a familiar website to deliver the malicious payload.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a watering hole attack?
Open an interactive chat with Bash
How do attackers typically choose websites for a watering hole attack?
Open an interactive chat with Bash
What preventative measures can organizations take to minimize the risks of watering hole attacks?