Question

What distinguishes a &#x27;watering hole&#x27; attack from other common malware distribution methods?

Accepted Answer

A &#x27;watering hole&#x27; attack is distinguished from other common malware distribution methods by its targeting strategy: instead of directly targeting individual victims, it infects a website that a specific group of people is known to visit regularly. Common malware distribution methods often involve mass emails with malicious attachments or links (phishing), drive-by downloads from compromised websites, or exploiting vulnerabilities in software used by a broad audience. A watering hole attack, however, focuses on identifying the websites frequented by a particular group, such as employees of a specific company or members of a certain organization. The attackers then compromise one of these websites, injecting malicious code that infects the computers of visitors. For instance, if a group of human rights activists regularly visits a particular news website, attackers might compromise that website to infect the activists&#x27; computers with spyware. The attackers are &#x27;lying in wait&#x27; at the watering hole (the website) for their intended victims to arrive.

Home → All Courses → Engineering and Technology Courses → Digital Literacy and Online Safety Certification → Flashcard

What distinguishes a 'watering hole' attack from other common malware distribution methods?