In 2002, then-Secretary of Defense Donald Rumsfeld drew ridicule at a press briefing when he uttered his famous quote: “There are known unknowns…things we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know.” While Rumsfeld wasn’t referring to zero-day vulnerabilities, his answer comes close to a textbook definition. Zero-day vulnerabilities are unknown unknowns, and here’s what you need to know to protect yourself.
What Is a Zero-Day Vulnerability?
A zero-day vulnerability is a software security hole in an operating system or browser that is unknown to the antivirus vendors, software makers, and the general public. Unfortunately, it is not unknown to hackers, who use the hole to plant malware, a Trojan horse, or a virus on a computer or mobile device. Think of a thief sneaking through a window you didn’t realize you left unlocked.
The term “zero day” originally referred to the number of days since a software program was released to the public; “zero-day” software was unreleased software and, therefore, extremely valuable to hackers. Today, “zero-day” refers to the amount of time the software maker has known about the security hole.
Zero-day vulnerabilities differ from zero-day threats or attacks. Once a hacker exploits a previously unknown vulnerability to actively interfere with a user’s computer or device, it’s a race between the hacker and the developer who must find a way to protect users.
Zero-day vulnerabilities were once rare, but they are becoming much more common and valuable as government security and intelligence agencies around the world use them to engage in cyber warfare against their enemies.
Examples of Zero-Day Attacks
If you think zero-day attacks aren’t a potential threat to average users, think again. Here are some major zero-day attacks on products used by millions of people:
- In February 2013, Kaspersky Lab’s analysis team uncovered a zero-day attack exploiting a vulnerability in Adobe’s Acrobat Reader software. The attack bypassed the sandbox anti-exploitation protection and was used as a cyber espionage tool.
- In April 2014, vulnerabilities in Microsoft’s Internet Explorer were exploited in a series of targeted attacks that leveraged Flash exploitation techniques to get past standard Windows security precautions.
- The massive Sony hacks in late 2014 were the result of a zero-day attack against the company’s network. The hackers used a technique known as “spear phishing” to insert malicious code into email attachments.
- In February 2015, hackers successfully staged a series of malvertising attacks on the website Dailymotion by exploiting weaknesses in Adobe Flash Player. The company advised users to disable Flash for several days while a patch was developed.
In fact, zero-day vulnerabilities in Java and Adobe Flash Player in the past two years have resulted in extremely effective and damaging malvertising campaigns launched from pop-up ads placed on respectable websites like Yahoo and the New York Times. Unprotected users infected with malware are vulnerable to loss of personal and financial data.
How to Protect Yourself From Zero-Day Attacks
Software makers are continually on the watch for zero-day vulnerabilities and release patches to correct the problems as soon as they are identified. Microsoft, for example, issues security updates and fixes on the second Tuesday of each month, commonly called “Patch Tuesday.”
Operating systems and browsers are highly vulnerable to zero-day attacks. Update your browser regularly to get the best security features. Use the “help” feature on your browser to check for updates; alternatively, you can set your browser to download updates automatically. Always install updates to your operating system as soon as they become available.
Also be alert for any notifications about security updates and patches for software you have installed on your computer or device.
If you use public Wi-Fi hotspots, you are also at increased risk for zero-day attacks, because most public networks are not encrypted. For regular public Wi-Fi users, Hotspot Shield is a must-have for protection against malware and phishing.
Sometimes, despite your best precautions, you can be the victim of a zero-day attack. After you’ve performed a full-system scan, remember to clear your cache and delete all cookies. Change passwords on all your sensitive accounts; use long, strong passwords and then log out of all your accounts. To protect yourself against vulnerabilities in major browsers like Internet Explorer, consider using an open source browser such as Firefox, which has an active developer community and a large user base.