According to the European Union Agency for Cybersecurity (ENISA), a zero-day has the following implications:
“For attackers, a Zero-Day exploit is a sure way of accessing a system; For vendors, a Zero-Day vulnerability is a serious security risk for their clients with equally serious business risks for the vendors; For users and system administrators, a Zero-Day vulnerability on a software they use is a serious security risk which requires increased caution.”
Kaspersky, the Russian multinational cybersecurity and anti-virus provider that appears in the documentary “Zero Days”, explains the difference between a zero-day vulnerability, a zero-day exploit and a zero-day attack:
“A zero-day vulnerability is a software vulnerability discovered by attackers before the vendor has become aware of it. Because the vendors are unaware, no patch exists for zero-day vulnerabilities, making attacks likely to succeed. A zero-day exploit is the method hackers use to attack systems with a previously unidentified vulnerability. A zero-day attack is the use of a zero-day exploit to cause damage to or steal data from a system affected by a vulnerability.”
As we can see, all three share the idea of an attack on, and a vulnerability in, a system. The term "system" can refer to, for example, an operating system, a web browser, an office application, open-source components, hardware and firmware, or Internet of Things (IoT) devices.
PC Tools by Symantec states that
“Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information.”
As for motivation, a zero-day attack can be carried out by various actors. Hackers can have a financial, a political and/or a social motivation. They can work “alone” or for someone: a company, an organization or a country.
Stuxnet is the best-known example of a zero-day attack, but more recently there were attacks on Apple iOS and on Zoom in 2020. In 2021, Google Chrome also suffered some “zero-day threats” as a result of a bug in the V8 JavaScript engine used in the web browser.
Although zero-day vulnerabilities are "the hardest kind of vulnerability to protect against", as underlined by an article from the Ohio State University, we should follow some proactive and reactive security measures to reduce the risk.
Staying informed is one of them: it means keeping up with the news and paying attention to releases for the software that we usually use.
Another measure is to keep our systems (software and operating systems) updated. We can enable automatic updates or update manually, as soon as possible. Developers are always working to keep their software updated and patched, trying to eliminate vulnerabilities. Updates might include adding new features, removing old features, updating drivers, delivering bug fixes, and so on.
Using a firewall and a comprehensive antivirus solution also helps block known and unknown threats.
Finally, but no less important, we should establish safe and effective personal online security habits, because we are the target. People are the first and last line of cyber security defense!