While many small and medium sized businesses feel their under the radar status helps protect them against cyber attacks, it really is a false sense of security. SMBs have no valid reason to skimp on their cyber security investment, and a new type of threat called a “watering hole” attack places these smaller firms squarely in the target of hackers and other nefarious internet activity. It is important for the IT admin staff for a SMB to learn about watering hole attacks and take steps to secure their company’s technology assets against this threat.
What is a Watering Hole Attack?
In its simplest definition, a watering hole attack is where a hacker places some form of malware on a smaller company’s website. The purpose isn’t to steal any secrets from this company — instead, the goal is to infect their customers through cross-site scripting or other techniques. This leads to the hacker gaining access to that customer’s important information or being able to damage their technical assets.
If a small business enjoys a customer base that includes many enterprise-level companies, these larger firms become attractive targets for a watering hole attack. Another form of this kind of cyber attack — called spear phishing — actually targets important individuals at larger companies with individually tailored emails containing a nefarious link. In short, watering hole attacks don’t target the SMB — they target their high-profile clients.
The damage to the SMB for a watering hole attack affects that company’s website in the form of downgraded Google rankings and potential search engine blacklisting. Of course, client relationships can become frayed and the overall reputation of the firm suffers as a result. This is a cyber security risk to take seriously.
IT Admin Steps to Prevent Watering Hole Attacks
SMBs need to invest in cyber security anyway, and if the added watering hole attack threat causes those companies to take note of their IT security assets, all the better. Still, there are specific steps IT admin personnel can take to help lessen the risk. First off, a quality web application firewall is a must for small and medium businesses; this prevents most malicious code injection.
Also, all web gateways need to be secure, which provides another layer preventing executable files in incoming web traffic. Purchasing a unified threat management solution offers this functionality as well as a measure of anti-virus protection. If the company’s website is hosted by another provider, make sure that web host takes cyber security seriously, using these tools.
The SMB isn’t immune to hackers that normally target larger enterprises. A smart business — whatever its size — needs to understand that watering hole attacks are a serious threat, taking the necessary steps to ensure their on-premise technical assets or those of their service provider are properly protected. The company’s reputation and ultimately its bottom line are at risk.