A-Z Glossary of Information Security and Social Engineering Terms

Watering Hole Attack

Watering Hole Attack

The targeting of a website used by a specific group of users. For example, if an attacker wanted to attack an airline, they might insert malware into an aviation website, such as Pprune.org, which is a website frequented by airline staff. If, for example, the target inadvertently downloads credential harvesting software from this site, it could easily lead to an airline’s network being compromised. In 2017, the Polish Financial Supervision Authority’s website was infected with code which would trigger the download of malware onto the users’ computers. This malware was squarely targeted at those working in the Polish financial sector.

Got a question?

If you would like to make an enquiry about any of our services click the "Contact Us Now" button and fill in your details.