The language of Cybersecurity can be filled with acronyms, abbreviations and multiple meanings for the same or similar phrases.  If you are new or just embracing Cybersecurity as a company, understanding these can be very confusing.  To help you develop your cybersecurity vocabulary, we will do our best to simplify trending terms, phrases or topics.  Zero-Day Vulnerabilities are one of the scariest types of vulnerabilities.  We will get into what it is, how it is used, and how you can defend against it.

What is a Zero-Day Vulnerability?

A Zero-Day Vulnerability is a flaw that the vendor responsible for the software does not yet know about, or knows about but has not yet fixed, so defenders have had "zero days" to prepare for it.  When attackers exploit such a flaw before a patch exists, that is a zero-day exploit or zero-day attack, and it is this case that earns the term its reputation as one of the hardest threats to defend against.  Many vulnerabilities are found by security researchers or by the vendor itself and reported privately, which gives the vendor time to ship a fix before the details become public.  With a zero-day that order is reversed: exploitation is already under way when the vendor learns of the problem, and the vendor then needs time to develop, test and release a patch, which can take anywhere from days to weeks depending on the product and how complex the fix is.  Once the patch ships, your own organization still has to test it against internal systems and roll it out, which commonly adds several more days.  Add it up and a zero-day can be an open door for weeks.  Even after the patch is public, the vulnerability remains exploitable on every system that has not yet installed it (at that point it is often called an "n-day"), and exploitation frequently increases once the fix reveals where the flaw was.  That is a stressful time for a Cybersecurity Professional.

How do attackers use Zero-Day Vulnerabilities?

A Zero-Day Vulnerability is not one type of attack; it is a way in, and its danger lies in the fact that nothing is looking for it yet.  Attackers most often use a zero-day for initial access: breaking into a network or device through the unpatched flaw.  What follows depends on the attacker.  Many quietly install a backdoor or web shell so they keep access after the hole is eventually patched, harvest credentials, and gather information about the environment before making any noise.  Ransomware groups use zero-days to get a foothold and then spread and encrypt systems.  Some are used simply to crash or disable a system in a denial-of-service attack, though a noisy payload is the less common choice, because it tends to expose the vulnerability and get it patched.

How do you defend the indefensible?

The short and unfortunate answer is that you cannot prevent the exploitation of a vulnerability you do not know about.  However, there is a light at the end of the tunnel: you do not have to stop the exploit itself to stop the attack.  This is a very good example of the need for a security principle called "Defense in Depth".  Defense in Depth layers multiple independent controls so that an attacker who gets past one still has to get past the next.  An example would be a firewall that limits what is reachable from the internet, an Intrusion Detection System or endpoint detection tool that flags suspicious behaviour such as a web server spawning a command shell, anti-virus on the endpoints, and Security Awareness training for the people who receive the phishing email.  That is 4 layers of security the attacker might have to get through before being able to deliver their payload.  This way, if one layer fails to stop an attacker, another will hopefully be able to.  Other layers that pay off specifically against zero-days are least privilege (a compromised account or service can only do so much), network segmentation (a compromised server cannot reach everything), reducing what is exposed to the internet in the first place, and keeping logs so that when the unknown does happen you can find out what was touched.  Vendors also frequently publish temporary workarounds or mitigations before a full patch is ready; applying those closes the window early.  So, the next time you hear about a Zero-Day, let your Cybersecurity Team know immediately!
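The detection layer described above works because it does not need to know the vulnerability: it watches for what an attacker does after the exploit lands.  The following is an added example written for this article, not code from the original post or from any vendor product.  It runs two behaviour rules over constructed endpoint telemetry: a web-server process spawning a shell, and a shell process connecting to an address outside the internal networks.  The log format, field names, process lists, internal address ranges and sample events are all assumptions made for the example and would need tuning to a real environment.

```python
"""Behaviour-based detection that does not depend on knowing the exploit.

Added example for this article, not code from the original post. A zero-day
has no signature to match, so this layer ignores the exploit and looks at
what the attacker does next: a web-server process spawning a shell, then
that shell opening a connection to an address outside the internal networks.
The log format, field names, process lists, internal ranges and sample
events are all constructed assumptions; tune them to your own estate.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional

# Processes that serve content but should almost never spawn a shell (assumed list).
WEB_SERVER_PROCESSES = {"httpd", "apache2", "nginx", "w3wp.exe", "tomcat", "java"}
# Interactive shells an exploit payload typically lands in (assumed list).
SHELLS = {"sh", "bash", "dash", "zsh", "cmd.exe", "powershell.exe", "pwsh.exe"}
# Address space treated as internal (RFC 1918 plus loopback); assumed for the example.
INTERNAL_NETWORKS = [ipaddress.ip_network(c) for c in
                     ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


@dataclass(frozen=True)
class Alert:
    rule: str
    host: str
    detail: str


def parse_event(line: str) -> Dict[str, str]:
    """Parse one 'key=value key=value ...' record (constructed format, no spaces in values)."""
    fields = {}
    for token in line.split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields


def basename(path: str) -> str:
    """Last path component, lower-cased, for both forward- and back-slash separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def is_internal(ip: str) -> bool:
    """True when the address falls inside one of the assumed internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETWORKS)


def rule_webserver_spawns_shell(ev: Dict[str, str]) -> Optional[Alert]:
    """Web server -> shell: the classic footprint of a web application exploit."""
    if ev.get("type") != "process_create":
        return None
    parent, child = basename(ev.get("parent_image", "")), basename(ev.get("image", ""))
    if parent in WEB_SERVER_PROCESSES and child in SHELLS:
        return Alert("webserver_spawns_shell", ev.get("host", "?"), f"{parent} spawned {child}")
    return None


def rule_shell_outbound(ev: Dict[str, str]) -> Optional[Alert]:
    """Shell -> external address: reverse shell or tooling download after initial access."""
    if ev.get("type") != "network_connect":
        return None
    proc = basename(ev.get("image", ""))
    dst = ev.get("dst_ip", "")
    if proc in SHELLS and dst and not is_internal(dst):
        return Alert("shell_outbound", ev.get("host", "?"),
                     f"{proc} connected to {dst}:{ev.get('dst_port', '?')}")
    return None


RULES = (rule_webserver_spawns_shell, rule_shell_outbound)


def run_detections(log_text: str) -> List[Alert]:
    """Apply every rule to every event and return the alerts in log order."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_event(line)
        for rule in RULES:
            alert = rule(ev)
            if alert:
                alerts.append(alert)
    return alerts


# Constructed endpoint telemetry: a Linux and a Windows web server, with the
# exploit itself deliberately absent, since a zero-day leaves no known signature.
SAMPLE_LOG = r"""
type=process_create host=web01 parent_image=/usr/sbin/nginx image=/bin/sh
type=process_create host=web01 parent_image=/usr/sbin/nginx image=/usr/sbin/nginx
type=network_connect host=web01 image=/bin/sh dst_ip=203.0.113.45 dst_port=443
type=network_connect host=web01 image=/usr/sbin/nginx dst_ip=10.0.0.12 dst_port=5432
type=process_create host=app02 parent_image=C:\Windows\System32\inetsrv\w3wp.exe image=C:\Windows\System32\cmd.exe
type=network_connect host=app02 image=C:\Windows\System32\cmd.exe dst_ip=192.168.1.20 dst_port=445
"""

if __name__ == "__main__":
    for alert in run_detections(SAMPLE_LOG):
        print(f"[{alert.rule}] {alert.host}: {alert.detail}")
```

Run against the sample telemetry, the rules raise three alerts (nginx spawning sh, that shell connecting to 203.0.113.45, and w3wp.exe spawning cmd.exe) while the normal worker process and the database connection pass silently.  None of the rules mention a CVE, which is the point: the same logic fires whether the web application was exploited through a known bug or a zero-day.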