Watering Hole Attacks
-
Upload
skyhigh-networks-cloud-security-software -
Category
Technology
-
view
2.187 -
download
0
description
Transcript of Watering Hole Attacks
CYBER SECURITY 201:
WATERING HOLE ATTACKS
Brought to you by
Cyber criminals are seeing fewer results from spear phishing attacks because users are getting smarter about email
Instead of chasing their prey, these cyber criminals set a trap and wait for the prey to come to them
See how it works >
Attackers target an organization 1
2
3
4
Use tracking tools to find sites employees use
Plant malware on these sites
Identify vulnerabilities
5 Exploit is delivered to the target machine
HOW IT WORKS
5 Access targeted information
FIND TARGET Cybercriminals identify a target organization, but may not be able to attack head-on due to hardened security.
?
STEP 1
!
FIND THE SITES THEY USE These attackers use common internet tracking tools like AddThis and KISSMetrics to identify sites frequently visited by employees of their target company
STEP 2
PLANT MALWARE Then, they plant malware on these sites and wait for users to visit.
STEP 3
1 IDENTIFY VULNERABILITIES Malicious content scans user machines for exploitable vulnerabilities like outdated anti-virus and browsers. The user’s computer phones home to the attacker with vulnerabilities.
STEP 4
1
EXPLOIT
EXPLOIT DELIVERED The exploit is delivered to the target machine.
STEP 5
ACCESS TARGET INFORMATION
Steal intellectual property or gain access to sensitive information
Insert malware into the source code of a company like Apple or Facebook
Steal financial data to commit fraud or sell the information to criminals
STEP 6
Third party web analytics and tracking services know which websites people visit and which links they click
Legitimate websites are used effectively to deliver malware because they aren’t blacklisted
Zero day vulnerabilities, undetectable by anti-virus, are exploited by sophisticated and well-funded criminals such as the Elderwood group
WHY IT WORKS
Identify and block the tracking services that are monitoring the activity of your employees
PROTECTION TIP 1
Use browser plug-ins that block HTTP redirects
PROTECTION TIP 2
Enable automatic updates for web browsers
PROTECTION TIP 3
Maintain visibility over all tracking services in use to identify and block new services
PROTECTION TIP 4
GET MORE DETAILS & TIPS
Download the 4-Step Guide to Cloud Data Security to learn about the new attack vectors & how to protect your company http://bit.ly/4StepGuide
Brought to you by !
DOWNLOAD THE GUIDE