Zero Day Attacks
Zero Day threats take advantage of security vulnerabilities in computer systems that have either not been identified or have not yet had a fix developed by the vendor. Hackers continually search for these vulnerabilities in hopes that they (the bad guys) can identify them before the software vendor or threat protection companies (the good guys) can identify them. This race between the good guys and bad guys is never-ending, because software vendors are continually updating their code to provide new functionality, more stable products, or just another revenue stream.
Zero Day threats get their name from the number of days after identification and remediation by the good guys. If they don’t know about them yet, they are considered Zero Day threats. The reason they are so concerning is that there is no defense in place for them yet, specifically. They have a much greater opportunity of being exploited than a known virus or worm.
What can you do to protect against Zero Day threats? The most effective way to combat them is awareness. We talk about this often at P&L, and that is because user awareness is the best security tool. If you receive an email with an attachment that you aren’t expecting, don’t open it. Call the sender and make sure they knowingly sent it to you.
From a tools perspective, a layered security approach is important. The combination of the following tools can greatly reduce your risk:
- A next-generation firewall specifically configured to support your environment
- A detonation chamber for email that scans all attachments for virus-like behavior BEFORE delivery
- A continually updating Antivirus/Antimalware package that runs on all endpoints
These threats can be crippling if they hit your environment. Make certain your data that you’ve worked so hard to build stays safe. Have questions? Give us a call at 800.698.1686 or email us and we’d be happy to discuss Zero Day threats in depth.
Written by: Scott Wilson - 5/2/2017