You may have heard of a zero day attack, but you may not be sure what it really means. Don’t worry, we’re here to help and provide you with all the details you need to know. Let us first define the term and then proceed to other things.
What is a zero day attack?
A zero day or 0-day attack, also known as a zero day exploit, is a type of (hacker) attack that takes advantage of a computer-software vulnerability unknown to those who should be interested in its mitigation (including the vendor of the target software). Until this vulnerability is mitigated, hackers can exploit it to adversely affect programs, data and perhaps even entire networks.
The term “zero-day” originally referred to the number of days since a new piece of software was released to the public, and in that sense, “zero-day software” was obtained by hacking into a developer’s computer before release.
Later on, the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them. Once the vendor learns of the vulnerability, they will usually create patches or advise workarounds to mitigate it.
As soon as the fix is developed, the chance of the exploit succeeding decreases as more users apply the fix or update over time. For zero-day exploits, unless the vulnerability is inadvertently fixed, such as by an update, the probability that a user has applied a vendor-supplied patch that fixes the problem is zero – so the exploit would remain available.
Zero day attack vectors
Malware writers exploit zero-day vulnerabilities through several different attack vectors:
- Sometimes, when users visit rogue websites, malicious code on the site can exploit vulnerabilities in Web browsers. Web browsers are a particular target for criminals because of their widespread distribution and usage.
- The second method involves sending malicious email attachments, which exploit vulnerabilities in the application opening the attachment.
- Zero-day worms take advantage of a surprise attack while they are still unknown to computer security professionals. Well-designed worms can quickly spread with devastating consequences to the Internet and other systems.
- A zero-day virus (also known as zero-day malware or next-generation malware) is a previously unknown computer virus or other malware for which specific antivirus software signatures are not yet available.
NSA used zero-day exploits in 2017
In April 2017, the hackers known as The Shadow Brokers (TSB), who are allegedly linked to the Russian government, released files from the NSA that included a series of zero-day exploits targeting Microsoft Windows software and a tool to penetrate the service provider of the Society for Worldwide Interbank Financial Telecommunication (SWIFT).
How to protect yourself from zero day attacks?
Since zero-day attacks are generally unknown to the public, it is often difficult to defend against them. The only thing all of us can do is exercise common sense and practice safe computing habits. This includes using an anti-virus, a VPN, and regularly updating all of your software.
Your operating system is already capable of protecting you against zero-day memory corruption vulnerabilities such as buffer overflows. It does that using heuristic termination analysis in order to stop attacks before they cause any harm.
But, sometimes, savvy hackers manage to get around these restrictions and they could potentially cause havoc. Therefore, and we intentionally repeat this, make sure that all the apps you use are up to date, and that you have both an anti-virus and a VPN running on all your devices.
We can help you find a good VPN – that’s where our page with Best of the Best VPNs kicks in, listing field-tested services that have been on this market for years. So, if you still don’t use a VPN, now’s the time to start doing it. Hop over to that page and get yourself an additional layer of protection. You can always thank us later. 😉