Written by Emma Mouncey
University of Portsmouth
What is a Zero-Day threat?
Put simply, Zero-day threats are unknown vulnerabilities within software that developers have had ‘zero-days’ to fix. These have either been found on the same day as, or after hackers have discovered them. This situation is dangerous for your business as once a threat is discovered patches take time to create and implement. This opens a window of opportunity for cyber criminals to attack these vulnerabilities in order to exploit your business. Most vulnerabilities are errors in code and as such are difficult to detect until it begins to be exploited. Although there is a pressure for vendors to keep quickly creating patches, your business can help reduce its chance of exploitation. Importantly, this starts with educating on the topic…
How can Zero-day threats affect my business?
These zero-day attacks can result in data theft and bugging into your business system if it contains the vulnerability. Here are some of the effects a zero-day threat can have on your business:
- The businesses identity could be stolen in order to complete a phishing scam
- The exploitation could be sold so others can also infiltrate your system
- Your customer data could be threatened and potentially breached
- Bugs could be placed onto your network
- Attackers could sit inside your system and wait to attack
What can be attacked?
Anything with a vulnerability including:
- Internet of Things Devices
- Web browsers
- Operating systems
- Digital printers!
How to protect your business:
Here are some examples of things you can do:
- Keep all systems up to date – Once updated ensure systems are also restarted so that patches are correctly implemented.
- Educate employees – Human error increases the probability of downloading malware.
- Reduce exposure – Do not obtain unnecessary devices. This includes old devices that cannot be kept up to date which will increase the likelihood of being attacked.
- Take a proactive approach – Search for weak points within your network and implement endpoint protection. Endpoint protection is used to prevent file-based malware attacks while also detecting malicious activity.
- Use Antivirus – Must be effective at detecting malware that is active on a system. This detects malicious code and either destroys or quarantines it to prevent harm to your device.
- Use a firewall – Increases protection by filtering what can and cannot enter a network.
Why should I act quickly?
Once a vendor releases a security patch, the vulnerability is no longer a zero-day threat. However, other criminals can reverse engineer patches to see what the vulnerability was if they did not already know. They use this information to attack servers which have not been updated yet and exploit them. So, when an update is released, you should act quickly rather than ignoring it. This ensures the best protection of your business and won’t take too long. Grab a cup of tea and feel more secure while it updates and restarts!