Zero-Day Attacks Explained | Blog | ThreatWarrior

Zero-Day Attacks Explained


Zero-day attacks… an almost-menacing, militant-sounding term.

Zero-day attacks (or zero-day exploits) are actually cyberattacks that take advantage of previously-unknown vulnerabilities in software. Zero-days are called so because the vulnerabilities are exploited before a patch is available, leaving developers zero days to fix the problem.

The Race is On

There is always a period of vulnerability when new technologies are released. If developers find the flaw first, they will often keep it quiet until they’ve created a patch to fix it.

However, security teams sometimes have to announce it publicly to help users avoid the issue (not opening an email attachment, not visiting a rogue website, etc.), or a user may be the first to find a vulnerability and post it on online forums, blogs, social media, etc.

If the latter is the case, the race is on. The vendor or security team will race to create a patch while the hackers will race to create malware and exploit the vulnerability before it’s closed. If the hackers prevail, that’s when a zero-day attack happens.

Once a patch is created to stop the cyber-bleed, the exploit is no longer a zero-day attack.

What Happens if the Hackers Win the Race?

Hackers who discover vulnerabilities in new software may keep it to themselves and capitalize on the security flaw. However, they may do something even more malicious – sell the malware to markets on the dark web that includes other hackers, crime syndicates, even foreign governments. Sellers have been known to fetch hundreds of thousands of dollars for their malware.

Purchasers, including governments, can then reverse engineer the exploit code to create a mutated version – a new cyberweapon that can be used to attack the original software that is not patched or similar software that is unprepared for an attack.

Are Zero-Day Attacks Common?

Unfortunately, they are becoming more and more prevalent.

According to Cybersecurity Ventures, “newly reported zero-day exploits will rise from one-per-week in 2015 to one-per-day by 2021.”

But in the more immediate future, expect to see more than ever zero-day vulnerabilities in commercial software – even from the big players like Adobe and Apple. Zero Day Initiative reports, “135 vulnerabilities were discovered in Adobe products during the first 11 months of 2016 and 76 in Microsoft products. Meanwhile, the number of zero-day flaws in Apple products doubled over the previous year, to 50 from 25.”

If the trends continue – and experts agree they will – we can only expect to see these numbers rise.

Examples of Zero-Day Attacks

Protecting Yourself from Zero-Day Attacks

  • Stay current on industry news – read relevant publications and websites to alert yourself to software vulnerabilities and the creation of patches to eliminate them.
  • Keep software and security patches up to date. This includes downloading the latest software releases and updates (yes, we know those reminders can be annoying, but more harm than good will come from ignoring them!), installing security patches, and fixing glitches in older software.
  • Establish personal security best practices for your at-home devices, and for employees who use company computers.
  • Create a fully-aligned security strategy; including implementing protocols and configuring settings for your operating system, internet browser and security software.
  • Install proactive and comprehensive security solutions that alert to vulnerabilities and detect threats from known and unknown sources.
  • Related Insights