Watering hole attacks are the latest threat to your organization's cyber security. View this Slideshare to learn how watering hole attacks work and what steps you can take to protect yourself and your organization.
2. Cyber criminals are seeing fewer results
from spear phishing attacks because
users are getting smarter about email
3. Instead of chasing their prey, these
cyber criminals set a trap and wait for
the prey to come to them
See how it works >
4. Attackers target an organization1
2
3
4
Use tracking tools to find sites employees use
Plant malware on these sites
Identify vulnerabilities
5 Exploit is delivered to the target machine
HOW IT WORKS
5 Access targeted information
5. FIND TARGET
Cybercriminals identify a target organization, but
may not be able to attack head-on due to
hardened security.
?
STEP 1
6. !
FIND THE SITES THEY USE
These attackers use common internet tracking tools like
AddThis and KISSMetrics to identify sites frequently
visited by employees of their target company
STEP 2
8. 1
IDENTIFY VULNERABILITIES
Malicious content scans user machines for
exploitable vulnerabilities like outdated anti-virus
and browsers. The user’s computer phones home to
the attacker with vulnerabilities.
STEP 4
10. ACCESS TARGET INFORMATION
Steal intellectual property or gain
access to sensitive information
Insert malware into the source code of
a company like Apple or Facebook
Steal financial data to commit fraud
or sell the information to criminals
STEP 6
11. Third party web analytics and tracking services know
which websites people visit and which links they click
Legitimate websites are used effectively to deliver
malware because they aren’t blacklisted
Zero day vulnerabilities, undetectable by anti-virus,
are exploited by sophisticated and well-funded
criminals such as the Elderwood group
WHY IT WORKS
12. Identify and block the tracking services that are
monitoring the activity of your employees
PROTECTION TIP 1
15. Maintain visibility over all tracking services in use to
identify and block new services
PROTECTION TIP 4
16. GET MORE DETAILS & TIPS
Download the 4-Step Guide to
Cloud Data Security to learn about
the new attack vectors & how to
protect your company
http://bit.ly/4StepGuide
Brought to you by !
DOWNLOAD THE GUIDE