Watering Hole Attacks

It involves directly attacking a target's internal network.

It focuses on gaining physical access to a target's premises.

It compromises a third-party website frequently visited by the target group.

It relies on sending mass phishing emails to all employees.

Distributing infected USB drives in the victim's parking lot.

Determining which third-party websites the victim group frequently uses.

Sending spear-phishing emails to high-value targets.

Brute-forcing administrator passwords on the target's main server.

Yes

No

They sent the malicious code via encrypted email attachments.

They used IP address matching to deliver malicious JavaScript files.

They physically installed the malware on the financial institutions' servers.

They exploited a zero-day vulnerability in the institutions' firewalls.

Implementing a single, powerful firewall.

Relying solely on up-to-date antivirus software.

Employing a layered defense approach, also known as defense-in-depth.

Strictly enforcing a "no external USB devices" policy.

Physical security guards at the office entrance.

Regular employee social engineering training.

Firewalls and Intrusion Prevention Systems (IPS).

Using only open-source software.