A zero day vulnerability is a flaw: “an unknown exploit in the wild that exposes a vulnerability in software or hardware” (FireEye). The name refers to the fact that developers have zero days to fix a problem that has just arisen, which may lead to hackers exploiting the vulnerability before a patch has been released.
A zero day attack occurs once a software vulnerability has been exploited and the attacker has released malware before developers are able to create a patch to fix the vulnerability. Here is a step by step breakdown of what causes a zero day attack:
As of today, there are no patches or antivirus signatures available that can aid in zero day vulnerability detection. Therefore, it is important for your company to do the best it can to protect itself against one.
In order to keep your organization’s computer systems and data safe, it is imperative that your organization is both proactive and reactive. Being proactive means having antivirus software on your systems to detect and remove any viruses, whereas being reactive means consistently making sure that your software is updated whenever a new update is available. This reduces the risk of a hacker exploiting any vulnerabilities found in the software.
Performing a vulnerability scan may aid in finding new vulnerabilities that could have been introduced after a software update.
The following lists what an organization can do to protect its data against zero day vulnerabilities:
The following lists the common targets for a zero day attack:
These are some well known zero day attacks:
This YouTube video gives a better explanation of what Stuxnet, as briefly discussed above, is about.
Targeted Zero Day Attacks
These types of attacks are targeted towards large institutions, government or public institutions, and senior employees who have privileged access to confidential data and systems.
Non-Targeted Zero Day Attacks
Non-targeted zero day attacks are aimed at a large group of users who are using a vulnerable system (e.g. a browser or operating system). The hacker’s goal with this type of attack is to compromise a large group in order to use them to build botnets.
Unfortunately, zero day vulnerabilities still exist today, and a current example is another zero day exploit found in the Google Chrome browser. According to TheHackerNews, “successful exploitation of the flaw could mean corruption of valid data, leading to a crash, and even execution of unauthorized code or commands” (TheHackerNews). Chrome users have been advised to update to the latest version. It is therefore important for individuals to be educated and understand what can be done to protect against zero day vulnerabilities.
Reading security news such as The Hacker News or, of course, the security guides on HackerNoon is beneficial, as that is where you can find up-to-date cybersecurity information.