We hear about zero-days in the news almost daily. Let’s look at what they are. Zero-day exploits start with a zero-day vulnerability. A zero-day vulnerability is a flaw (weakness) that is, as yet, unknown. The term "zero-day" is derived from the unknown status of the vulnerability. A zero-day exploit is when a zero-day vulnerability is leveraged to plan an attack. A zero-day exploit is turned into a zero-day attack when it is deployed. Zero-day vulnerabilities are dangerous because they are unknown, and therefore no protection exists against them specifically. They are not always discovered right away either, which gives attacks that use them time to spread throughout a network and across the internet.
Given that the vulnerability was unknown prior to the attack, it may seem theoretically impossible to prevent such an attack. It is not, however. Here are some ways by which we can ward off novel attacks.
First and foremost, patch your software! If a software update is sent out, download and apply it as soon as is reasonable. Granted, patches are created to address known vulnerabilities, but sometimes, in the process of patching, zero-days can be prevented.
Secondly, use anti-malware. In previous days, it was called anti-virus (AV) software. The name was upgraded because the software no longer addresses only viruses. Now, it goes after viruses, worms, trojan horses, spyware, and other malware. Even if the particular attack is unknown, if it behaves in a way that is similar to an attack, it may be detected by heuristic scanners.
Thirdly, firewalls can potentially stop zero-day attacks. The determining factors of whether a firewall can block a zero-day are how the firewall is set up and how the zero-day functions. If the zero-day behaves in a manner that the firewall prohibits or investigates, then the attack will likely be halted.
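The firewall point above, as an added example that is not part of the original post: a minimal first-match rule evaluator comparing a blocklist setup with an allowlist setup against traffic nobody has written a rule for yet. All rules, addresses, ports and flow names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Flow:
    dst: str
    dport: int
    proto: str = "tcp"

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    dst_net: str
    dport: Optional[int]     # None matches any port
    proto: str = "tcp"

    def matches(self, f: Flow) -> bool:
        return (f.proto == self.proto
                and ip_address(f.dst) in ip_network(self.dst_net)
                and self.dport in (None, f.dport))

def decide(rules, default, flow):
    """First matching rule wins; otherwise the default policy applies."""
    for rule in rules:
        if rule.matches(flow):
            return rule.action
    return default

# How the firewall is set up (constructed policies).
# Blocklist: allow everything except destinations already known to be bad.
BLOCKLIST = ([Rule("deny", "203.0.113.0/24", None)], "allow")
# Allowlist: deny everything except what the workstation actually needs.
ALLOWLIST = ([Rule("allow", "10.0.0.53/32", 53, "udp"),
              Rule("allow", "10.0.0.80/32", 3128)], "deny")

# How the traffic behaves (constructed outbound flows from one workstation).
FLOWS = {
    "dns": Flow("10.0.0.53", 53, "udp"),
    "web via proxy": Flow("10.0.0.80", 3128),
    "known-bad host": Flow("203.0.113.7", 443),
    "novel callback": Flow("198.51.100.9", 8444),   # no rule exists for this
    "novel via proxy": Flow("10.0.0.80", 3128),     # rides a permitted path
}

def evaluate(policy):
    rules, default = policy
    return {name: decide(rules, default, f) for name, f in FLOWS.items()}

if __name__ == "__main__":
    for label, policy in (("blocklist", BLOCKLIST), ("allowlist", ALLOWLIST)):
        print(label, evaluate(policy))
```

The allowlist stops the unknown direct connection that the blocklist lets through, while traffic that uses an already-permitted path passes either setup and has to be caught by another layer, such as the heuristic scanning mentioned earlier.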
Finally, the human at the keyboard is the last line of defense. Users who diligently consider the links they click on or the sites they visit help reduce the likelihood of coming into contact with a zero-day attack. All of those cybersecurity awareness training programs we complete address this.
For more information on zero-days, check out: https://www.techtarget.com/searchsecurity/definition/zero-day-vulnerability#:~:text=For%20example%2C%20Google's%20Project%20Zero,before%20publicly%20disclosing%20the%20flaw.