A watering hole attack is an attempt to compromise a target organisation or individual by first compromising a website or online resource that they are known or suspected to use (their "watering hole"). In this way the attacker may hope to gain access to a well defended target, for example a defence contractor, though one of its less secure suppliers.