What is a zero-day attack?
A zero-day attack is a cyber attack that exploits an unknown security vulnerability before the software developers are even aware of it. By exploiting the unknown vulnerability in the software, it can lead to serious problems such as data theft and identity theft. The attack is known as “zero-day” because once the flaw is discovered, the developers have zero days to plan and advise mitigation against the threat.
How do attackers use zero-day vulnerabilities in zero-day attacks?
Attackers can exploit zero-day vulnerabilities through several attack vectors:
- When a user visits a malicious website, malicious code on the website can exploit a security vulnerability in the web browser to infect the system.
- Cybercriminals can use social engineering to infect a system. For example, they may send a phishing email with an attachment; when the user clicks on it, malicious code may start executing, download the malware onto the system, and thereby infect it.
- Attackers can use malvertising to inject malware-laden online advertisements into legitimate online advertising networks and webpages and infect a system.
- Attackers can use drive-by downloads to infect a system with malware while the user visits a malicious website.
- Attackers may even take advantage of known security vulnerabilities in operating systems and other commonly used software to infect the system with malware.
How do zero-day attacks work?
A zero-day threat typically follows this timeline:
- Developers create software that, unknown to them, contains a security vulnerability.
- The software is released, and the attackers discover the vulnerability even before the developers have a chance to fix it.
- The attackers exploit that vulnerability and create malware.
- The attackers use social engineering or take advantage of other security vulnerabilities in operating systems and other commonly used software to infect a system with malware.
- The attackers steal sensitive data from the infected systems or plan for even more attacks.
- The users learn about the information and identity theft, or the developers become aware of the vulnerability.
- The developers respond quickly and release a patch to mitigate it.
How to prevent zero-day attacks?
A couple of steps can be taken to protect systems once a zero-day threat becomes known for which …