On the last day of the A2Z Challenge 2019, I am going to talk about the Zero Day Exploit. A zero-day exploit is a cyber attack that occurs on the same day a vulnerability is discovered in software. A vulnerability is an unintended flaw in a computer system that can leave it open to attack. In some cases, the vulnerability remains unknown to both users and developers of the software.
Hackers write code (malware) to take advantage of a vulnerability to compromise a computer system. The malware attack takes place before the developer releases a patch to fix the vulnerability. The developer gets ‘Zero – days’ to fix the vulnerability. Hence, its called Zero Day exploit. The worst part is, it often takes years before the developers learn of the vulnerability that led to an attack.
So, now the question is how do you recognise zero-day vulnerabilities? The bad is news, you can’t. It’s almost impossible to recognise a zero-day vulnerability or a zero-day attack. But there are a few ways to minimise the possibility of such kind of attacks. They are:
- Always install genuine software. Say no to pirated ones.
- Keep your software updated by instaling latest security patches.
- Monitor your incoming and outgoing traffic with the help of an application firewall.
- Practice safe browsing habits:
- Open SSL-enabled websites (URL starts with ‘https://’ instead of ‘http://’).
- Scan email attachments before opening them.
Some antivirus companies claim that they are able to detect a zero-day attack using behaviour-tracking algorithms that spot suspicious or malicious behaviour.