{"id":7944,"date":"2022-02-15T10:18:42","date_gmt":"2022-02-15T10:18:42","guid":{"rendered":"https:\/\/cybersmart.com\/?p=7944"},"modified":"2022-02-15T10:18:42","modified_gmt":"2022-02-15T10:18:42","slug":"what-is-a-zero-day-attack","status":"publish","type":"post","link":"https:\/\/cybersmart.com\/blog\/what-is-a-zero-day-attack\/","title":{"rendered":"What is a zero-day attack?"},"content":{"rendered":"
If you\u2019ve read any cybersecurity story in the media recently, you\u2019ve probably come across the phrase \u2018zero-day attack\u2019 before. It\u2019s often dropped into reports by journalists with little explanation of what it means or why you should worry about it. So, in the interest of clearing up some confusion, here\u2019s everything you need to know.\u00a0<\/span><\/p>\n Usually, software companies and developers will periodically fix flaws in their products. However, there are some rare instances where this doesn\u2019t happen and a flaw goes unnoticed. <\/span> All software, no matter how robust initially, develops vulnerabilities over time. It could be that the software was built with vulnerabilities that weren\u2019t anticipated at the time, or it might be that a new cyber threat has emerged since it was created.<\/span> This can go on for as long as the vulnerability remains undetected, sometimes days or even months. What\u2019s more, even when the flaw has been fixed and an update released, it may take some time before every user updates their device. After all, an update is only as good as the number of users who download it.\u00a0<\/span><\/p>\n A zero-day attack is particularly dangerous because the only people who know about it are the cybercriminals themselves. This allows them to pick their moment, either attacking instantly or biding their time.<\/p>\n Because vulnerabilities come in many shapes and sizes, from problems with password security to broken algorithms, they can be very hard to detect. Often, a business won\u2019t know there\u2019s anything wrong until the vulnerability has been identified. <\/span> Incidents involving zero-day vulnerabilities are more common than you might think. Only days ago (early Feb 2022), it was revealed that <\/span>three critical flaws in the code for a WordPress plugin threatened 30,000 websites worldwide<\/span><\/a>. 
Fortunately, on this occasion, WordPress appear to have got there before the bad guys, but there are plenty of examples where businesses weren\u2019t so lucky.<\/span> In this instance, hackers found <\/span>a vulnerability in the popular video conferencing platform Zoom<\/span><\/a>. It allowed cybercriminals to remotely take over the computer of anyone using Zoom and running an older version of Windows.<\/span><\/p>\n In a horribly alarming twist, this attack used a vulnerability in <\/span>Microsoft Word to steal users\u2019 banking login data. <\/span><\/a>\u00a0Users who opened seemingly normal Microsoft Word documents unwittingly installed malware on their device that was able to collect banking login credentials.\u00a0<\/span><\/p>\n Apple is generally famous for its impregnable security (remember the old myth that Apple Macs couldn\u2019t get viruses?). However, in 2020, hackers did <\/i>discover a vulnerability in its iOS mobile operating system. This flaw allowed cybercriminals to remotely access and control unlucky users\u2019 iPhones.<\/p>\n The easiest way to protect your business against zero-day attacks is to regularly <\/span>patch your software and operating systems<\/span><\/a>. It shouldn\u2019t take you more than a couple of minutes each month. All it requires is that you check now and then for any new updates to tools and software you use. Or, if you want an even easier solution, simply turn on auto-updates in your device\u2019s settings, and you won\u2019t even have to think about it.<\/span><\/p>\n Firewalls<\/span><\/a> and <\/span>anti-malware<\/span><\/a> tools are the first line of defence against most cybersecurity threats, and zero-day attacks are no different. Good firewalls and anti-malware can thwart some zero-day attacks the minute they enter your system.\u00a0<\/span><\/p>\n Most businesses already do this to some extent; software costs money, after all. 
However, when it comes to protecting your business against zero-day threats, a simple maxim applies: the less software you have, the smaller the number of potential vulnerabilities. So try to use only the software and tools your business really needs.\u00a0<\/span><\/p>\n Most zero-day attacks capitalise on human error in some way. So educating your employees on good security practices and habits can help reduce the risk of a successful zero-day attack. For more on how to go about this, check out our blog on <\/span>security training<\/span><\/a>.\u00a0<\/span><\/p>\n Protecting your business on a budget is tricky. Calling in the experts or investing in the latest tools is expensive. So what can you do? CyberSmart Active Protect secures your business around the clock with no need for costly consultants, tools or an in-house team. Try it today<\/a>.<\/span><\/p>\n <\/p>\nWhat does \u2018zero-day\u2019 mean?<\/b><\/h3>\n
\n<\/span>
\n<\/span>The term \u2018zero-day\u2019 refers to those security vulnerabilities that fall through the cracks. It\u2019s neat shorthand for developers having only just discovered the flaw and having limited time (zero days) to fix it. <\/span>
\n<\/span>
\n<\/span>A zero-day attack happens when the bad guys get there first and hackers exploit the flaw before the developers discover it.\u00a0<\/span><\/p>\nHow do zero-day attacks work?\u00a0<\/b><\/h3>\n
\n<\/span>
\n<\/span>Whatever the reason, the fix is usually simple. Developers create a <\/span>patch<\/span><\/a>, release it in an update to users, and the vulnerability is dealt with. Think of it as being a bit like your mum fixing your school trousers after you fell over in the playground for the umpteenth time. <\/span>
\n<\/span>
\n<\/span>Unfortunately, this doesn\u2019t always happen and hackers get there first. And, as long as the vulnerability goes undetected, cybercriminals can write and implement code to exploit it. This could allow them to steal confidential data, <\/span>launch social engineering attacks<\/span><\/a>,<\/b> or even release malware onto users\u2019 computers.\u00a0<\/span><\/p>\nHow do you know when a zero-day attack has happened?<\/b><\/h3>\n
\n<\/span>
\n<\/span>Nevertheless, there are some telltale signs. You might see sudden surges in unexpected traffic, odd behaviour from software you\u2019re using, or suspicious scanning activity.\u00a0<\/span><\/p>\nAre there any famous examples?<\/b><\/h3>\n
\n<\/span><\/b><\/p>\nZoom, 2020<\/strong><\/h4>\n
Microsoft Word, 2017<\/b><\/h4>\n
Apple iOS, 2020<\/b><\/h4>\n
What can you do to protect your business?<\/b>
\n<\/b><\/h3>\nUpdate your software regularly<\/b>
\n<\/b><\/h4>\nUse a firewall and anti-malware<\/b><\/h4>\n
Limit the number of applications you use<\/b><\/h4>\n
Educate your team\u00a0<\/b><\/h4>\n