October 12, 2012
Just when we’re getting accustomed to the terms malware, phishing and DDoS, someone, somewhere creates an even more obscure internet security term: the “watering hole”. But what does it mean – and how big a threat is it?
On the web, a “watering hole” has the same meaning as in the real world – a place where creatures come together in order to acquire resources from that location. In the desert, it’s water; on the internet, it’s information.
And just like in the physical space, if you poison the watering hole, people who visit it will get sick.
In internet security terms, a “watering hole” is a place where criminals place malware to infect specific, targeted audiences. For example, a forum about online finance might be a target for malware that steals bank details, or a gaming site might accidentally host password-stealing viruses.
A pretty big watering hole was recently discovered at the website of chain restaurant Wagamama. An exploited vulnerability in the site’s hosting meant that a virus could be installed directly onto part of the website, waiting to infect users’ computers.
Luckily for Wagamama, the infected area was not customer-facing, but if the exploit had found its target, literally hundreds of thousands of visitors could have been infected with malware.
Another example was betting website BlueSquare, where a “Tips and Tricks” link on the main navigation was hacked to point to an infected Scottish cooking blog. Strange? Yes. Dangerous? Definitely.
The real problem for us users is that we have no way of knowing that these sites – which should be trustworthy – are infected before we visit them.
The only solution is for you to ensure that your virus protection is up-to-date, and for us to encourage companies to take their web security very, very seriously.
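For site owners, the BlueSquare case suggests a simple check: list every link on a page and flag any that leads to a host the owner has not approved. The sketch below is an added example, not part of the original post; the hostnames, sample HTML and approved-host list are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample: a navigation bar with one link repointed to an outside blog.
PAGE_URL = "https://bets.example/"
SAMPLE_HTML = """<nav>
  <a href="/football">Football</a>
  <a href="https://help.bets.example/faq">Help</a>
  <a href="http://cooking-blog.example/tips">Tips and Tricks</a>
  <a href="//cdn.partner.example/app">Mobile app</a>
  <a href="mailto:support@bets.example">Contact</a>
</nav>"""
# Hosts the site owner has signed off on (assumption for this example).
APPROVED_HOSTS = {"bets.example", "cdn.partner.example"}


class HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)


def host_is_approved(host, approved):
    # Exact host or a true subdomain; a substring match would pass lookalikes.
    return any(host == h or host.endswith("." + h) for h in approved)


def unapproved_links(html, page_url, approved):
    """Return absolute URLs of web links whose host is not on the approved list."""
    parser = HrefCollector()
    parser.feed(html)
    findings = []
    for href in parser.hrefs:
        parts = urlsplit(urljoin(page_url, href))  # resolves relative and // links
        if parts.scheme not in ("http", "https"):
            continue  # mailto:, tel: and similar do not load a web page
        host = (parts.hostname or "").lower()
        if not host_is_approved(host, approved):
            findings.append(parts.geturl())
    return findings


if __name__ == "__main__":
    print(unapproved_links(SAMPLE_HTML, PAGE_URL, APPROVED_HOSTS))
```

Run on a schedule against the live pages, a check like this turns a silently changed link into an alert for the site owner instead of a surprise for visitors.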
Norman Safeground Blogs Archive