cybersecurity Glossary

What is Watering hole?

A watering hole is a term used to refer to a cyberattack in which the attacker spies on their victim near a system that they access on a regular basis and exploits this system to perform a malicious action.
In this scenario, an attacker could take control of a trusted web page visited by a company’s personnel and use this visit to infect their victim with malware or malicious software, opening the door to more advanced attacks against the victim or the organisation to which they belong.

A watering hole attack is highly effective and difficult to detect, so in addition to implementing security measures in the workplace, awareness is a key element in preventing the success of this type of attack.