There is a lot of talk about zero-day threats today and rightly so. The frequency of zero-day attacks has vastly increased over the past decade. There are a number of reasons for the surge in activity:
A simple way of summarizing these points is to say that more stuff equates to more vulnerabilities. On top of that, hackers are getting much better at exploiting these vulnerabilities once they are discovered. The time it takes to exploit a newly discovered vulnerability has been compressed from months into days. In addition, the rate of discovery for zero-day exploits has skyrocketed in recent years due to the variety of aftermarkets in which zero-day exploits are sold and traded. The buyers of these aren't always criminals. Researchers sell these exploits to government intelligence agencies as well as police and military forces.
The term zero-day attack is used to describe any threat that exploits an unknown or unaddressed security vulnerability. While these vulnerabilities are commonly associated with software, they are just as present in hardware. The reality is that just about any connected device can be hacked. For instance, the cybersecurity company Check Point demonstrated back in August of 2008 how hackers could remotely compromise a fax machine to steal data being transmitted. HVAC sensors, cameras, medical devices and even smart elevators are common examples of network-connected hardware with minimal internal protection to secure them from attack. Work-from-home strategies have opened up additional vulnerabilities through the use of commercial or even consumer-grade networking equipment.
Check Point Security demonstrated how a hacker could break into a standard commercial router and use it to access additional devices within the internal network, such as an IP security camera. While they specifically targeted a NETGEAR R6700 router for the sake of the demonstration, they could have selected any one of a dozen models from multiple manufacturers to achieve the same result. In this instance, they took advantage of a stack-based buffer overflow vulnerability tracked as CVE-2020-10923, which was first reported back in July of 2020. The exploit uses a script that carries out the necessary commands. When it succeeds, the exploit grants an attacker root access to the device. From there, the perpetrator can carry out whatever they set out to do.
Unfortunately, there is no guaranteed way to eliminate zero-day attacks, as they are unknown until publicly announced. There are, however, some measures you can take to reduce your exposure to these attacks.
Zero-day attacks will continue to plague enterprises for the foreseeable future as organizations continue to digitally transform themselves. While it may be impossible to totally eliminate the vulnerabilities that so many are seeking to exploit, you can go a long way toward reducing the threat they pose without breaking the bank.
Protect your organization from zero-day attacks with SpamTitan, an advanced email security solution. SpamTitan uses advanced predictive technology to anticipate new attacks.