First of all we should know what is hacking. simply hacking is identifying the weaknesses of the computer system or a networks to exploit its weaknesses to gain access. So hacker can know about your personal unauthorized information which you might not want to reveal. Hackers are usually skilled computer programmers with knowledge of computer security.So knowing about some hacking methods is good for you safety. some examples for method of hacking is phishing, DDoS, clickjacking waterhole attack etc.
In this article i am going to talk about Waterhole attacks / Watering hole attack. what actually waterhole attack is? According to the wikipedia waterhole Attack is a computer attack strategy, in which the victim is a particular group organization, industry or a region. Further it says that In this attack, the attacker guesses or observes which websites the group often uses and infects one or more of them with malware. Eventually, some member of the targeted group becomes infected. The malware used in these attacks typically collects information on the user. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes.
in todays world computers have become one of the major and the mandatory part to run a successful business, Organization industry etc. So because of this everything is exposing to the outside world and to the hacker as well. Therefore Waterhole attacks / Watering hole attacks is a good way to gain access to the unauthorized details. some examples for Waterhole attacks / Watering hole attacks are
2017 Ccleaner attack
From August to September 2017 the installation binary of Ccleaner distributed by the vendor's download servers included malware. Ccleaner is a popular tool used to clean potentially unwanted files from Windows computers, widely used by security-minded users. The distributed installer binaries were signed with the developer's certificate making it likely that an attacker compromised the development or build environment and used this to insert malware. (References wikipedia)
2012 US Council on Foreign Relations
In December 2012, the Council on Foreign Relations website was found to be infected with malware through a zero-day vulnerability in Microsoft's Internet Explorer. In this attack, the malware was only deployed to users using Internet Explorer set to English, Chinese, Japanese, Korean and Russian.(References wikipedia)
The most compelling defense option is to use a secure VM.Enterprises can run their Web browsers in virtual environments with limited connections to other production systems or use tools like the Invincea virtual containers to limit access to the local system. This would help compartmentalize the tools or systems used to access untrusted content to limit the risk of getting infected from an untrusted system. Another way is update software properly. Because Watering hole attacks often take advantage of zero-day exploits in software to gain access to an employee’s computer. Mitigate your company’s risk by updating software promptly, especially security patches. A good first line of defense is web content filtering, such as Bluecoat or Websense (now Forcepoint). When you limit Internet traffic to a list of sites that the industry has generally agreed are business critical, you really reduce the number of potential watering holes someone can attack from. So preventing is the most important thing. Make sure you are safe from every way.Thankyou!
No comments:
Post a Comment