What’s
a Watering Hole Attack you ask? Hackers
can use either of two distinct tactics to compromise your computer and steal information
by trying to infect a popular web site or a Wi-Fi hot spot.
Everyone
that’s watched a nature film understands that in the wilds of Africa predators
hang around watering holes looking for weaker prey. When the prey wanders into reach, the
predator pounces. That’s the principle here but in this case, they want to
steal your information one way or another.
In
the first type of watering hole attack, hackers take advantage of the fact that
their victims often visit popular web sites like shopping sites,
community sites and business information sites. Then they exploit or “poison”
that location to achieve their objectives by embedding code that can infect weakly
protected computers that can then be used to send spam, steal critical
information from that PC or turn that computer into a zombie that will respond to remote commands for attacks on other computers or
networks. The malicious code on the
infected web sites frequently use vulnerabilities in web related programs that
enhance web and browser functionality like Java scripts, Acrobat Reader and
Flash Player which individual PC owners are notoriously lax at keeping up to
date. You browse to a seemingly harmless
looking web site and WHAM the site exploits an out of date version of one of
these modules and embeds the hackers code on your PC to do their bidding.
Another
type of Watering hole exploit tactic is to infect a Wi-Fi site so that users
that visit that location can be “listened to” or infected when they sign on. For instance, many large companies have a
local coffee shop, bar, or restaurant that is popular with company employees. Attackers will create fake wireless access
points for unsuspecting people to use in an attempt to get as much private
information as possible. Victims are
often more relaxed and unsuspecting because the targeted location is a public
or well known place. Have you ever
seen multiple open connections at a Starbucks, a McDonald's or at the
airport? These could be watering hole
Wi-Fi sites just waiting for you to stop by for a brief visit. That’s all it takes!
The
hackers can then sniff unprotected data from the data streams sent between their
unwitting victims and their intended remote hosts. You'd be surprised how much
data, even passwords, are still sent in clear text. This is a perfect spot for keyloggers to intercept
your sign-in information to private areas and send it to a “listening” device
for later use by someone else. They can even search through the
data on your PC without you noticing.
Want some simple advice? Make sure you keep ALL software components of your browser and operating system up-to-date at least weekly. Never sign into an unprotected Wi-Fi hot spot without checking it's authenticity with the location management first. Finally, keep your anti-virus/anti-malware software up-to-date DAILY!
Unsure
if your business notebooks and PC’s are properly prepared for either of these
hacker exploits? Give ACT Network
Solutions a call at (847) 639-7000 for a free consultation.
No comments:
Post a Comment