How Good are Chatbots now?
Following the recent story about how a Google Bot was reported to have said things that a sentient being may say, we take a brief look at how good chatbots are now.
In this tech insight, we look at what a watering hole attack is, some examples of such attacks, and how businesses can defend against this threat.
A watering hole attack is a targeted, ‘supply chain,’ cyber-attack strategy, similar to spear phishing. With this strategy, the attacker identifies a website that’s frequented by users of a targeted organisation, or entire sector. The attacker then infects the website(s) with malware and identifies weaknesses in the main target’s cyber-security. The attacker then manipulates the ‘watering hole’ site to deliver that malware, such as a Remote Access Trojan (RAT), so that it can exploit these weaknesses.
When a member of the target organisation’s device becomes infected (like drinking from a poisoned watering hole, hence the name) in a way that the target will not notice (also known as ‘drive by’), the attacker can then gain access to the infected device. This can, in turn, enable the attacker to access the target organisation’s network
The goal(s) of this strategy, as with other strategies is/are to steal personal information, banking details, and intellectual property, and/or to conduct espionage. Also, it can enable the attacker to access corporate systems and assets, and potentially gain further details for even more cyber-attacks.
Examples of watering hole attacks include:
Ways that you can protect your business from watering hole attacks include:
This is broadly a supply-chain related attack (web resources) where instead of actively hacking or sending phishing emails, the criminals set traps for unsuspecting victims to walk into. In this respect, it is less obvious for businesses to spot. The first step is recognising and raising awareness of the threat. Following normal security good practice is always helpful plus some additional measures in this case such as identifying, regularly inspecting and monitoring websites that are most visited by employees and focusing on what additional malware protection can be added to employees’ browsers and devices. With an increasing number of more complex and inventive attack methods, many businesses are shifting to a complete ‘Zero Trust’ approach for their IT security. A more a data-centred rather than ‘moat and castle’ view of IT security gives companies greater holistic control and reduces the potential for the kind of gaps that cyber criminals can exploit with strategies like watering hole attacks.
Following the recent story about how a Google Bot was reported to have said things that a sentient being may say, we take a brief look at how good chatbots are now.
Microsoft has announced the retirement of its famous Internet Explorer browser which is now officially out of support as of June 15, 2022 for certain versions of Windows 10.
In this insight, we take a look at Shopify, what it offers, and how it has grown to become a major e-commerce platform.