Zero-Day Attacks: What They Are and How They Affect You
One piece of advice you always hear from cybersecurity experts is to keep your software, applications, and systems up-to-date. Why is this so important? Because if you don’t, you’re a prime target for a zero-day attack.
What is a zero-day attack?
A zero-day attack, vulnerability, or exploit is one that developers or vendors have only just discovered, or may not yet be aware of at all. Cybercriminals can capitalize on this vulnerability and pounce.
If an application has a zero-day vulnerability, cyber attackers can be aware of it while developers may not. A zero-day attack exploits or targets this vulnerability.
“Zero-day” is a broad term and it can refer to almost any type of attack. What makes it zero-day is that hackers have learned about it before developers have had a chance to patch it up. For this reason, zero-day attacks are particularly dangerous.
How do zero-day attacks work?
Zero-day attacks usually proceed as follows:
- A company releases software that contains a vulnerability they don’t know about.
- A cyber attacker notices the vulnerability and writes and executes exploit code while the vulnerability remains exposed.
- The exploit is recognized as a form of identity or information theft and the developer patches the vulnerability to prevent further damage.
Once hackers spot a security vulnerability in an application or software, they seek to exploit it using a socially engineered phishing email. The email appears to come from a legitimate source but contains links that allow the hacker’s malware to download onto the user’s computer. This is the most common way zero-day attacks unfold, but not the only way.
If a cybercriminal creates an exploit for a particular software vulnerability, they may also sell it on the dark web to other attackers.
Identifying zero-day attacks
Zero-day attacks can impact several types of targets, including operating systems, office applications, web browsers, hardware, firmware, and Internet of Things (IoT) devices. Anyone who uses these systems, whether for business or personal matters, is subject to the risks of a zero-day attack.
Zero-day attacks are a wide category of cybercrime, so identifying them can be difficult. Cybersecurity experts have to use sophisticated techniques to detect them. They might rely on existing malware databases, look for suspicious interactions within existing software, or even use machine learning.
Forms of zero-day attacks can include:
- Missing data encryption
- Missing authorizations
- Broken algorithms
- Password security problems
- Bugs with software
Major incidents involving zero-day attacks
Even the largest corporations with teams of developers can suffer zero-day attacks. In recent years, some of the most well-known companies have suffered zero-day cyber attacks:
- Zoom: In 2020, it was discovered that attackers could remotely access a victim’s machine if they had the Zoom Client for Windows installed and were running Windows 7 or an earlier version. Zoom confirmed the vulnerability and released a patch in July 2020.
- Apple iOS: In 2021, Apple suffered zero-day attacks on older iPhones and Macs, targeting older versions of iOS and macOS specifically. Apple released a patch in September 2021 for devices running iOS 12 and for older Macs.
- Microsoft Windows: A zero-day attack used a Microsoft Windows vulnerability to target government institutions in Eastern European and Central Asian countries. It affected older versions of Windows and abused a local privilege escalation vulnerability to run code that installs applications and views or changes data. Microsoft patched it in July 2019.
- Stuxnet: Stuxnet is one of the most well-known zero-day attacks in recent history. In 2010, a malicious computer worm that impacted manufacturing computers was discovered, with Iran’s uranium enrichment plants as the primary target. Stuxnet was one of the first major, politically-motivated cyber-attacks and a documentary called Zero Days was made about it.
How to protect yourself from zero-day attacks
Zero-day attacks can be hard to pin down, and their very nature makes them difficult to defend against. But there are a few things you can do to ensure you don’t fall victim to a zero-day attack:
- Always update: If you’ve heard it once, you’ve heard it a thousand times. Always update, all the time. This includes your computer’s and smartphone’s operating systems, applications, software, firmware…everything. As you saw from the list of examples above, older versions are more likely to be targeted.
- Don’t install extraneous software: Aim to only use the software and applications you need. The more you have installed on your device, the greater the risk of zero-day vulnerabilities.
- Install a firewall: Use a firewall on your computer to help protect against threats that come from zero-day vulnerabilities.
- Educate employees on cybersecurity: If you are a business owner, you have even more to worry about concerning zero-day attacks. Ensure your employees understand good cybersecurity basics, such as how to deal with phishing emails and how to be safe online.
Avoiding zero-day attacks
Zero-day attacks affect everyone, from large companies to the individuals who use their products. It’s important to stay informed and updated if you want to avoid falling victim to this type of cyber attack.