Zero Day Attacks and How to Prevent Them
A zero day attack is a malicious attack that identifies a vulnerability and exploits it before it has become known to the software vendor and the end user. The malicious attack can use the exploit to download malware, spyware, adware, phishing software, or any other type of malicious code with criminal intent.
When a zero day attack takes place, the security issue becomes known before the software vendor is aware of the vulnerability and before the vendor is able to create a patch to seal the security hole. In many cases hackers are the first to become aware of the security hole, and the vulnerability and the exploit then become known at the same time.
Types of Zero Day Attacks
Malware programmers can exploit zero day security holes in a variety of ways.
- Websites: If a software program on your PC has a security hole that has yet to be discovered and you visit a website that is infected with malware, this is the perfect opportunity for the malware to exploit the vulnerability in your software program. The vulnerability could exist in your Web browser or another type of software that is installed on your PC.
- Email: A zero day attack can also occur when you click on an email attachment that is infected with malware. Once you open the attachment, the malware can exploit any security holes that exist in your email client software or elsewhere on your PC.
- Inferior Software: Zero day attacks also exploit software that is poorly written. Generally this type of software contains multiple vulnerabilities that zero day attacks can exploit because common file types are numerous and frequently used. With poorly written software, it is easy for attackers to create malware that takes advantage of the common file types, making it easy to attack the system and steal sensitive information.
Since zero day attacks expose a vulnerability that is unknown to the software vendor and the end user, they create what is called a vulnerability window. A vulnerability window is the span between the time the exploit is released by the hacker and the time the patch is distributed and installed.
A vulnerability is usually not known in advance, so there is no way to guard against the attack before it happens. However, companies and individuals can take precautions to guard against the attacks, such as firewalling a network, updating antivirus software, enabling browser protection, and employing buffer overflow protection. It is also a good idea to wait for a period of time before upgrading to a newer version of software. Vulnerabilities in new software are usually discovered in the early stages that follow distribution, and the holes are repaired with updated security patches. If you wait to purchase the software, the chances of a zero day exploit by hackers are significantly reduced.