Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Watering Hole Attacks


Published on

Watering hole attacks are the latest threat to your organization's cyber security. View this Slideshare to learn how watering hole attacks work and what steps you can take to protect yourself and your organization.

Published in: Technology
  • Be the first to comment

Watering Hole Attacks

  1. 1. CYBER SECURITY 201: WATERING HOLE ATTACKS Brought to you by
  2. 2. Cyber criminals are seeing fewer results from spear phishing attacks because users are getting smarter about email
  3. 3. Instead of chasing their prey, these cyber criminals set a trap and wait for the prey to come to them See how it works >
  4. 4. Attackers target an organization1 2 3 4 Use tracking tools to find sites employees use Plant malware on these sites Identify vulnerabilities 5 Exploit is delivered to the target machine HOW IT WORKS 5 Access targeted information
  5. 5. FIND TARGET   Cybercriminals identify a target organization, but may not be able to attack head-on due to hardened security. ? STEP 1
  6. 6. ! FIND THE SITES THEY USE These attackers use common internet tracking tools like AddThis and KISSMetrics to identify sites frequently visited by employees of their target company STEP 2
  7. 7. PLANT MALWARE Then, they plant malware on these sites and wait for users to visit. STEP 3
  8. 8. 1 IDENTIFY VULNERABILITIES Malicious content scans user machines for exploitable vulnerabilities like outdated anti-virus and browsers. The user’s computer phones home to the attacker with vulnerabilities. STEP 4
  9. 9. 1 EXPLOIT EXPLOIT DELIVERED The exploit is delivered to the target machine. STEP 5
  10. 10. ACCESS TARGET INFORMATION   Steal intellectual property or gain access to sensitive information Insert malware into the source code of a company like Apple or Facebook Steal financial data to commit fraud or sell the information to criminals STEP 6
  11. 11. Third party web analytics and tracking services know which websites people visit and which links they click Legitimate websites are used effectively to deliver malware because they aren’t blacklisted Zero day vulnerabilities, undetectable by anti-virus, are exploited by sophisticated and well-funded criminals such as the Elderwood group WHY IT WORKS
  12. 12. Identify and block the tracking services that are monitoring the activity of your employees PROTECTION TIP 1
  13. 13. Use browser plug-ins that block HTTP redirects PROTECTION TIP 2
  14. 14. Enable automatic updates for web browsers PROTECTION TIP 3
  15. 15. Maintain visibility over all tracking services in use to identify and block new services PROTECTION TIP 4
  16. 16. GET MORE DETAILS & TIPS Download the 4-Step Guide to Cloud Data Security to learn about the new attack vectors & how to protect your company Brought to you by ! DOWNLOAD THE GUIDE