Zero-Day

In the world of cybersecurity, a zero-day attack occurs on Day Zero. This represents the first day that the most concerned party, the software vendor or developer, learns of their product’s vulnerability. When a zero-day cyberattack occurs, the learning experience drawn from it can be a painful one. The only individuals who knew about the vulnerability — and how to exploit it — were cybercriminals. Zero-day exploits carry the strong probability that zero users were able to install a remedial software upgrade or patch; this can result in the greatest number of users being affected.

Also known as zero-day exploits, zero-day cyberattacks can inflict heavy damage. They typically play out like a perfect storm. Occurring when no one outside of the cyber-underground knows about the vulnerability, there can also be a significant time-delay before the issue can be fixed. Until the remedial patch goes out to users, the cyberattack can continue and spread. Weeks could pass before every user of the compromised software can obtain and install a software fix that eliminates the problem.  A 21-day vulnerability would represent an exploitable weakness that took the software company three weeks to fix after first discovering it.

High-Profile Zero-Day Cyberattacks

Although it’s not common for a zero-day vulnerability to be exploited in the case of high-profile software products, attacks have occurred. Several zero-day exploits have been aimed at well-known programs such as Adobe’s Acrobat, Reader and Flash Player.

Due to a vulnerability in Internet Explorer 8 which was unknown to Microsoft, The U.S. Department of Labor experienced a zero-day exploit in May 2013 when it’s website began sending out malware code to site visitors. The malicious script was transmitted through visitors’ browsers to their computers. When the malware detected a popular free antivirus software suite on visitors’ systems, it attempted to deactivate the program. The malicious code also collected details regarding the infected visitors’ installed software programs and transmitted the information back to the hackers.

Earlier that same year, in January, the U.S. Department of Homeland Security issued a warning advising users to disable Oracle’s Java unless it was absolutely necessary for system operation. Oracle had discovered a zero-day vulnerability in Java and the DHS believed the threat of a zero-day exploit was too great to ignore. The DHS warning stressed the need to disable Java until Oracle could issue a full and comprehensive remedial patch.

Protecting Yourself From the Unknown

Because an unknown zero-day vulnerability carries a high risk factor, the possibility of experiencing one should be taken seriously. Antivirus software that can quickly access remedial patches from cloud-based sources as soon as the fixes are developed can significantly narrow the window of opportunity for a zero-day exploit to occur. Choose an antivirus software based on more than just its features and reputation; it should come with the resources and ability to quickly access, gather and analyze enormous amounts of data regarding potential threats.