Cyber security: Zero-day exploits

In the cyber security industry, ‘zero-day’ refers to the time between a vulnerability being discovered and the software’s developers discovering it for themselves.

What is Zero-day? 

‘Zero-day’ describes newly found security issues which can be used by cybercriminals to attack your systems. 

The common phrases you’ll hear regarding the term are: 

  • Zero-day vulnerability: A software vulnerability that has been discovered by attackers before the system owner is aware of it. This means an attack is likely and will be easy for the attacker
  • Zero-day exploit: The method of exploitation of this vulnerability by hackers – the method used to attack a system with an unidentified weakness 
  • Zero-day attack: The action of using the zero-day exploit – the actual attack from a hacker against a vulnerable system

Simply put, if there is a vulnerability, hackers can exploit it and then attack. 

The main threat here is the lack of defense. Most businesses will have security in place to defend themselves from cyber-attacks, but an unknown vulnerability means that there are no preventative measures in place.

Are you at risk? 

Zero-day vulnerabilities can affect web browsers such as Chrome or Edge, operating systems, office applications or even your new fridge.

It can happen to anyone, be it small or large businesses, people of interest, or even just people – it doesn’t have to be targeted. Anybody who is unlucky enough to have a zero-day vulnerability is at risk of attack.

The people who use zero-day exploits vary too. The main group will be cybercriminals who look for financial gain through exploits.

Targeted attacks often have more reasoning behind them than simple financial gain. Corporations can use them for an advantage over competitors, and groups that have been referred to as ‘hacktivists’ can pounce with political and/or social motivation.

To generalise, the attacker will always have malicious intent and be aiming for some sort of gain.

It may seem worrying that anyone can be targeted, but the key takeaway is that it’s preventable.

How to detect and prevent

Unless you are a software developer, it’s not up to you to detect and plug this hole, but there are things you can do to limit its effectiveness on your own systems:

  • Update your software. Once the developer discovers the vulnerability, they will release a patch to update your systems. Often this will require a manual update from yourself, so keep an eye out for these important updates
  • Advanced Endpoint Security: In the past we’ve relied on virus signatures being loaded into the anti-virus software, but there are now more advanced measures to create a machine baseline which can then be used to detect suspicious activity
  • Endpoint monitoring: The most important aspect of monitoring is the frequency of it. Implementing a patch management solution to ensure that you’re always up-to-date is recommended
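
The difference between signature matching and a machine baseline, shown as an added example (not code from this article's author or from any endpoint product). The host name, process names and hash strings are constructed sample data, and modelling the baseline as the set of parent-to-child process launches seen on each host is an assumption made for illustration.

```python
from collections import Counter

# Constructed sample telemetry: (host, parent process, child process, file hash).
# Hash strings are placeholders, not real indicators.
BASELINE_EVENTS = [
    ("pc-01", "explorer.exe", "winword.exe", "hash-a"),
    ("pc-01", "explorer.exe", "chrome.exe", "hash-b"),
    ("pc-01", "winword.exe", "splwow64.exe", "hash-c"),
    ("pc-01", "explorer.exe", "winword.exe", "hash-a"),
    ("pc-01", "services.exe", "svchost.exe", "hash-d"),
]
NEW_EVENTS = [
    ("pc-01", "explorer.exe", "chrome.exe", "hash-b"),
    ("pc-01", "winword.exe", "powershell.exe", "hash-e"),
    ("pc-01", "explorer.exe", "oldtool.exe", "hash-known-bad"),
]
KNOWN_BAD_HASHES = {"hash-known-bad"}  # stands in for a signature database


def signature_alerts(events, signatures):
    """Classic anti-virus check: alert only on hashes already in the database."""
    return [e for e in events if e[3] in signatures]


def build_baseline(events, min_count=1):
    """Learn which parent -> child launches are normal for each host."""
    counts = Counter((host, parent, child) for host, parent, child, _ in events)
    return {key for key, n in counts.items() if n >= min_count}


def baseline_alerts(events, baseline):
    """Alert on any launch relationship never seen during the learning window."""
    return [e for e in events if e[:3] not in baseline]


if __name__ == "__main__":
    baseline = build_baseline(BASELINE_EVENTS)
    print("signature:", signature_alerts(NEW_EVENTS, KNOWN_BAD_HASHES))
    print("baseline: ", baseline_alerts(NEW_EVENTS, baseline))
```

The office application launching a shell has no known signature, so only the baseline check reports it. A baseline learned on a machine that is already compromised will treat that activity as normal, and newly installed legitimate software will raise alerts until the baseline is refreshed.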

For information on how to protect your business from scams and attacks, contact us and we’ll walk you through our industry-leading cyber security options.
