You probably have a list of websites you access on a daily basis, either personally or for work; these might include email domains, internal portals, or your accounts with vendors. Over the course of a day, you likely access these services numerous times, resulting in anywhere from hundreds to thousands of interactions per year. You probably trust these websites, but it’s important not to let your guard down. Cyberattackers commonly ‘stake out’ a network ecosystem before attacking, and through observation, they may notice a vulnerability in a location that is accessed by numerous people in an organization. This can be the beginning of a watering hole attack, even if your computer isn’t infected.
In the cybersecurity field, we often focus on the technical causes and methods by which cyberattacks are carried out, new developments, and vulnerabilities that need to be addressed. However, that’s only half the battle when addressing (or preferably, preventing) a cyberattack.