Zero day attacks describe a specific form of hacking that targets a vulnerability that is unknown by the vendor or user. This type of attack can use any form of malware, whether it be spyware, adware, viruses or phishing, usually in the benefit of criminal activity. It then becomes imperative for the companies in question to find a solution to fix the vulnerability, before any major damage is done. This will normally come in the form of a software update or patch, which fix the problem and block the opportunistic hackers.
A recent example is Adobes ColdFusion web server platform that experienced a zero day attack for a whole month before it was spotted. The company website in question, Linode was compromised thanks to a vulnerability that allowed hackers to impersonate authenticated users. They were then able to acquire codes that allowed them to steal information including hashed passwords, encrypted credit card details and unencrypted credit card verification data. Adobe has issued a patch for the problem and Linode have expired their keys and issued new ones. The site has said it would be extremely unlikely that the details could have been encrypted but this may have just been a lucky escape. Microsoft have also fallen victim to a zero day attack that was aimed at websites used by US government workers. They have issued relevant patches to fix the problem but again a high profile company has been exploited in the exact same way.
As these attacks use unknown faults within software, they are unpredictable and therefore difficult to avoid. The best way to guard against these assaults is to increase your overall security like making sure you have a network firewall and a fully updated antivirus and antimalware program. Another tip is to avoid betas or new software updates as these are the most likely to have vulnerabilities, try and wait for all of the bugs to be fixed before downloading.
ITC Secure Networking can provide managed security services and network monitoring to minimise the risk posed by zero day attacks. Call us 020 7517 3900 to find out more or visit www.itcsecurity.com
