Just when you think you’ve wrapped your head around how to best protect your computers, servers, and networks from phishing attacks, cybercriminals have developed a new, more sophisticated and effective, method to penetrate your systems. This new way of spreading malware and stealing personal or proprietary information is known as a watering hole attack. Unlike phishing, which relies on a user to interact with a malicious email, a watering hole attack works by infecting websites with malware which is then automatically passed on to any computer that visits the site without warning.
Yes. You read that right. Your computer can be infected just by visiting an unsuspecting website. And once a single device is infected, it not only collects that individual’s information and sends it back to the hacker’s server, but it then also has the potential to infiltrate any network to which the computer is connected. As you can imagine, that can quickly lead to devastating results for an entire organization, especially if the cybercriminals install ransomware, which threatens to block access to any accessed data perpetually.
And while these watering hole attacks are certainly nefarious, and knowing which sites are infected is nearly impossible, here are a few steps you can take to protect your devices and network.
- Make sure your software and browsers remain up to date.
- Keep vigilant watch over your network activity to detect malicious actions and bandwidth abnormalities as soon as they start.
- If there are specific websites that you and your employees frequent, hackers can watch your browsing behavior and then work to infect those sites to target your business. Hiding online activities through the use of VPNs and private browsing sessions can help mitigate your vulnerability.
- Have a disaster recovery plan in place that ensures your critical business data is easily recovered in the event that your network is infected with ransomware or another crypto virus.
And if these steps seem like more than your business is prepared to undertake alone, don’t panic. You have a partner in ATB – we offer a variety of IT consulting and support services that can help you prevent a watering hole attack and the initial consultation is always free. Find out today how we can help!