‘Zero-day attack’ is a term used to describe the threat posed by an unknown security vulnerability in computer software or an application for which a patch has not been released – or which the application developers were unaware of or did not have sufficient time to address.
The vulnerability is not known in advance and exploits often occur without the knowledge of the users. Here are a couple of recent instances:
- An attack on Microsoft Windows that affected large parts of Eastern Europe was identified by a group of researchers from ESET (a Slovakian internet security company) in June 2019.
- Last year, Google disclosed that some Android smartphones had recently become vulnerable to a serious zero-day exploit that the company thought it had patched for good almost two years ago. The flaw is now identified as CVE-2019-2215.
How harmful is a zero-day vulnerability?
A zero-day attack usually occurs between the time the vulnerability is first found and the time the application developers release the necessary solution to counter exploitation. This time period is termed the vulnerability window. ‘Zero-day’ refers to the fact that the developers have zero days (that is, no time) to fix the problem that has just been exposed. In fact, it has perhaps already been exploited by hackers.
Zero-day attacks can devastate a network by exploiting vulnerabilities in applications. They are not always viruses; other forms of malware, such as Trojan horses or worms, are also seen. For home computer users, a zero-day attack is extremely difficult to diagnose because the attack comes through a trusted entity. Updating to the latest anti-malware software is recommended, though it can provide only minimal security against a zero-day attack.
Once a vulnerability becomes publicly known, the vendor has to work quickly to fix the issue to protect the users. But hackers often manage to exploit the security hole before the software vendor can release a patch.
What can be done to thwart zero-day attacks?
Security vulnerabilities create serious risks, leaving everyone susceptible to zero-day attacks, which can result in damage to a computer or personal data. To stay safe, it is necessary to take both proactive and reactive security measures.
The first line of defense is the proactive approach – using comprehensive security software that protects against both known and unknown threats. The second line of defense is the reactive approach – installing new software updates when they become available from the manufacturer to help reduce the risk of malware infection.
Software updates install critical revisions to the software or operating system. These include adding new features, removing outdated features, updating drivers, delivering bug fixes – and, most importantly, fixing any security holes that have been discovered.
Refer to the following security checklist to keep your data protected from the risks associated with zero-day vulnerabilities:
- Ensure software and security patches are up to date by downloading the latest software releases and updates. Installing the latest security patches can fix bugs that the previous version left unaddressed.
- Always configure security settings for the operating system, security software, and browser.
- Install effective security software to help block known and unknown threats to vulnerable applications.
- Maintain safe and effective personal online security habits.
“The knock-on effect of a data breach can be devastating for a company. But when customers start taking their business – and their money – elsewhere, that can be a real body blow.” – Christopher Graham, Information Commissioner