How safe is your watering hole? Inside the jargon of cyber-security threat
Here at DeLaune and Associates, we are constantly writing about the steady rise of cyber-security threats. Our ears perk up when a major online retailer warns its users to change their passwords, or the local news says to refrain from using a specific browser. In our recent work with the IBM X-Force research and development team, we even learned that spam threats are alive and well—and that March 2014 marked the return of the highest levels of spam measured during the past two and half years.
Of course, every technology topic comes with its own bit of jargon, and cyber security definitely follows suit. Spam itself has been used for decades to refer to malicious email messages, designed to clog servers and insert malware into company networks. Spelling errors and silly subject lines make a lot of spam easy to avoid.
But what happens when you receive an email from what seems to be a legitimate entity? This kind of targeted attack is called spear phishing. Beyond the phishing emails in which an attacker randomly tries to get you to click on a phony website, spear phishing thrives on familiarity.
Spear phishing messages are likely to be personalized and include details from your web presence—whether it’s a recent online purchase you made, information from your social networking sites, or comments you made on an online forum. They use this pretext to get you to click on a malicious attachment, hyperlink, etc.
Another type of targeted attack is called a watering hole attack. In this case, the attacker has poisoned the watering hole, so to speak. Here’s how it works: the attackers identify popular websites that select groups of users visit on a regular basis—for example, employees at the same company who frequently visit popular media sites or online forums. The attacker then compromises the central site and uses it to serve malware. By following such an approach, attackers are able to target more technically savvy victims who don’t suspect the sites they visit regularly could potentially be malicious.
To learn how website administrators can protect against the latest attacks—and get more details on security trends and topics—check out the full range of IBM X-Force reports. It’s a good reminder to not get too complacent about security, since the attackers never will.
by Barbara Goutelon
Leave a Reply