Watering Hole Attack Definition

Definition

A watering hole attack occurs when the attacker targets websites that organizational employees visit frequently and infects them with malware.

2021: The Johns Hopkins Centre for Systems Science and Engineering’s ‘Live Coronavirus Data Map’ was used to spread malware across the country.
2019: Hackers concealed malware as an Adobe Flash update that targeted Asian charitable and religious organizations.
2017: A nationwide watering hole attack in China through Microsoft occurred from late 2017 to March 2018.
2016: The International Civil Aviation Organization in Canada spread malware that infected the United Nations network.
2015: A China-based cyberespionage group attacked the Forbes website.
2013: Hackers breached the U.S. Department of Labor to collect data on users researching nuclear-related material.
2012: The U.S. Council of Foreign Relations was infected with malware through a vulnerability in the Microsoft Internet Explorer, affecting millions of users countrywide.