Zero-Day Attacks

By Dan May

In the first four months of 2021, almost four billion data records were exposed across hundreds of attacks. On a daily basis, there is at least one cyber-attack affecting a business somewhere. While some hackers will target specific businesses or sectors, others will simply try to scrape as much data as humanly possible.

Hackers use a variety of methods to access systems and data illegally, from brute force to denial of service. But one that causes a severe amount of damage is the zero-day attack.

What are zero-day attacks? 

A zero-day attack, or zero-day vulnerability, is a weakness in software that was there from the moment of launch. As it’s a new vulnerability that hasn’t been seen before, antivirus software can’t detect it and therefore cannot protect devices from an attack.

They’re called zero-day because the developers of the software have zero days to fix them, as they’ve already been exposed. While developers and cybersecurity experts cannot prevent the initial damage, they release an update to their software to close the entry point and limit any further exposure, as well as to remove any malicious code in the software.

What are the biggest threats that zero-day attacks pose to businesses? 

For a business of any size, zero-day threats pose a great problem. As there is no immediate security fix, businesses can feel vulnerable and exposed to data theft.

However, the main issue is not knowing what exactly has been breached. As a zero-day attack can be a backdoor into software or a database, exactly what has been exposed is unknown.

Recent Zero-Day Attack: Microsoft Exchange Servers 

Some Exchange servers, which power email, calendars and other key Microsoft products, were accessed through a zero-day attack. The vulnerability was first exploited in January 2021 and was later patched in March 2021, after a large amount of data was accessed by HAFNIUM, a presumed Chinese affiliate. They are known to specifically target infectious disease researchers, law firms, higher education institutions, defence contractors, policy think-tanks and NGOs, all primarily USA-based.

How can businesses prepare themselves against zero-day attacks? 

While you cannot put in measures to fully protect yourself from zero-day attacks, you can put in controls to mitigate and help prevent substantial damage.  

Install patches and security updates as soon as possible 

When patches and security updates are released, the temptation can be to wait until a quiet moment. However, it’s best to schedule update time in regularly. This means applying security patches as soon as they are released. This isn’t just for computers and servers; all connected devices should be updated on a regular schedule.

Consider a cloud provider, or managed hosting, if you’re an SME

SMEs often don’t have in-house cybersecurity expertise to deal with critical issues such as zero-day attacks, and so on-premises or self-hosted solutions can leave businesses vulnerable.

It can be a sensible solution to switch to managed hosting or a cloud provider, as when issues arise, they can help you resolve the problem, bring up systems that are down and much more. It is also in their interest to ensure you are secure on their service, so they will often have in-house cybersecurity expertise to assist.

Have a crisis control plan in place 

A cybersecurity attack can cause a system outage, which can take hours, if not days, to recover from. A backup system, whereby you have approved ways to communicate with clients, access critical information and inform other key stakeholders about issues, should be in place before anything happens.

This should also cover any software you rely on, as well as issues with building access. As a cybersecurity risk assessment is required under GDPR, a crisis control plan could be something you include alongside this, or you could make it a separate document.  

About the Author

Dan May

Dan May is the commercial director at ramsac, providing secure 24-hour outsourced IT support and IT strategy to growing businesses in London and the South East. 
