The Zero-day Threat – What is it?

Do you know what a zero-day cyber security threat is? Maybe you do and maybe you don’t, but we are going to take a couple of articles to look at:

  • What the threat is
  • How you can mitigate the threat
  • Advanced steps to respond to the risks

What is the Zero-day Threat?

The competition between the threat actors and the anti-virus and cyber security software vendors should be looked upon as an arms race, where the vendors are normally playing catch-up.

I say normally playing catch-up, because the vendors do sometimes come up with innovations that wreck established attacks and prevent new ones. For instance, Microsoft finally closed a long-standing cyber security hole in their Office apps by taking positive action over macros. Read about that here:

Microsoft Office Macros – The Good, The Bad and the Ugly

This stopped one attack vector for the hackers, but they soon found other vulnerabilities to use to get at us. OneNote became their new way to get their malware into your systems (Burt, 2023).

And there you have it, the vendors are playing catch-up again – which happens most of the time.

Finding the Zero-day Gaps

It is often the case that the threat actors find the flaws and vulnerabilities in software and firmware before the vendors. They design attacks that are not being looked for, attacking systems that are not suspected of being vulnerable. These unexpected attacks go on until someone, a researcher, white hat hacker or even a client tells the vendor about the problem.

Is this the zero-day gap?

Almost but not quite.

The Zero-day Security Gap Lengthens

Once a vendor has been alerted to an issue, they, together with the anti-virus and detection software companies, enter a race to produce patches and updates that combat the new threat. They then have to get those patches and updates tested and out to the users who are vulnerable.

Almost there…

You and Your Team

Now you apply the patches and updates and the Zero-day security gap (for this instance) has been closed.

Has everyone on your team applied the patches and updates?

Zero-day. What’s Next?

Now we have a definition for what a Zero-day threat looks like, we will be looking at what you can do to close that gap in your cyber security defences.

Clive Catton MSc (Cyber Security) – by-line and other articles

References

Burt, J. (2023). No more macros? No problem, say attackers, we'll adapt. The Register. https://www.theregister.com/2023/05/15/proofpoint_microsoft_macros_cybercrime/

Further Reading

The Zero-day Threat – What can you do about it? (part 2)

Microsoft Office Macros Are Still an Issue