
What is a zero-day attack or exploit, and how to detect it and get protection


What is zero-day attack or exploit
“Zero-day attack” is a term most of us have heard. It refers to a flaw in software that someone can use to carry out unauthorized actions on a computer. Because of the name, the concept can be a little difficult to understand, so let me explain the problem with an example:

“Every once in a while you log in to your online banking site to pay some bills or check your balance. What you don’t know is that there is a security flaw in your bank’s online system. Then one day the flaw is discovered. As soon as it becomes public knowledge, bad people start working to take advantage of it to steal your money, and your bank’s software developers have to find a fix before the end of the day.

The problem is called “zero-day” because the developers have had “zero days” (0 days) to fix the flaw: the attackers know about it at least as early as the defenders do. An exploit written for such a flaw is a zero-day exploit, and an attack that uses it is a zero-day attack.”

How this can happen
To this day, software is written by human beings. Sometimes an unintentional error in the code is overlooked by the developer and remains in the program. After development, every piece of software goes through a series of tests before it is released for public use. These tests are done either by people or by automated testing tools.

Sometimes the error is never caught in the testing phase, and it ships as a flaw in the software, unknown to the developers, the testers and the users. If the flaw can be triggered from outside (by a crafted file, a network request or a web page, for example), it is a security hole. When an attacker finds that hole and uses it before the software maker knows about it or has a patch ready, that is a zero-day attack.

Why this is a problem
In a nutshell, a zero-day attack exploits a flaw that is unknown to the people who could fix it. Due to the nature of the problem:
Any attacker who knows about the flaw can attack any affected system at any time. A seasoned attacker can cause serious damage to data and computer programs.
Even standard antivirus software may not detect a zero-day: antivirus products rely largely on signatures of malware that has already been seen, and by definition nobody has seen this one yet.
It is also very effective against secured or “well protected” networks, because a fully patched, hardened system is still running the flawed code. In most cases the attack remains undetected for days.
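To make the antivirus point concrete, here is an added example (not code from the original post) that contrasts a hash-based signature check with a simple behaviour rule. The sample "executables", the signature database and the sandbox event trace are all constructed for the illustration; the ".locked" extension, the event format and the threshold are assumptions, not any real product's logic.

```python
"""Why a signature scanner misses a zero-day, and how a behaviour rule can
still catch it.  Every sample, hash and event below is constructed for this
illustration; nothing here is real malware or a real product's logic."""
import hashlib

# Constructed "executables".  The zero-day variant has the same behaviour as
# the known sample but differs by a single byte, so its hash is different.
KNOWN_SAMPLE = b"MZ\x90\x00" + b"encrypt_user_files:v1" + b"\x00" * 16
ZERO_DAY_SAMPLE = b"MZ\x90\x00" + b"encrypt_user_files:v2" + b"\x00" * 16
BENIGN_SAMPLE = b"MZ\x90\x00" + b"hello world" + b"\x00" * 16


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Signature database: hashes of samples that have already been analysed.
# A zero-day is, by definition, not in here.
SIGNATURE_DB = {sha256(KNOWN_SAMPLE)}


def signature_scan(data: bytes) -> bool:
    """Classic antivirus check: flag the file only if its hash is already known."""
    return sha256(data) in SIGNATURE_DB


def behaviour_scan(events, threshold: int = 20) -> bool:
    """Flag a process that overwrites many user files with an encrypted copy
    and then deletes the originals (a ransomware pattern), regardless of what
    the binary looks like.  `events` is a list of (action, path) pairs such as
    a sandbox or endpoint sensor might record (assumed format)."""
    encrypted = set()   # originals for which a ".locked" copy was written
    deleted = set()     # originals that were removed
    for action, path in events:
        if action == "write" and path.endswith(".locked"):
            encrypted.add(path[: -len(".locked")])
        elif action == "delete":
            deleted.add(path)
    return len(encrypted & deleted) >= threshold


def ransomware_events(count: int = 50):
    """Constructed trace: the zero-day sample encrypting `count` documents."""
    events = []
    for i in range(count):
        original = f"/home/user/doc{i}.txt"
        events.append(("read", original))
        events.append(("write", original + ".locked"))
        events.append(("delete", original))
    return events


# Constructed trace of an ordinary editor saving one file.
BENIGN_EVENTS = [("read", "/home/user/report.txt"),
                 ("write", "/home/user/report.txt")]


if __name__ == "__main__":
    for name, sample in [("known", KNOWN_SAMPLE),
                         ("zero-day", ZERO_DAY_SAMPLE),
                         ("benign", BENIGN_SAMPLE)]:
        verdict = "FLAGGED" if signature_scan(sample) else "clean"
        print(f"signature scan {name:9s}: {verdict}")
    print("behaviour scan zero-day trace:", behaviour_scan(ransomware_events()))
    print("behaviour scan benign trace  :", behaviour_scan(BENIGN_EVENTS))
```

The signature scan flags the known sample and nothing else, so the one-byte variant walks straight past it; the behaviour rule flags the variant's trace because it looks at what the program does rather than what it is. The trade-off is false positives: a backup or archiving tool that rewrites and removes many files in a burst would trip the same rule, which is why the threshold, and in practice far richer context, matter.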

Detection – the bug hunters
There are individuals, groups and companies working on this problem. Here are some of them:
The Good Force: Google has a security team called Project Zero. Its members look for vulnerabilities in software developed by Google and by other companies. When they find one, they report it to the software maker and make the details public once a patch has been released or the team's 90-day disclosure deadline has passed.

Antivirus companies also test software for vulnerabilities.

The Dark Force: people with bad intentions, “the bad guys”, also look for vulnerabilities in software developed by different companies. The difference between the good force and the dark force is that the dark force does not inform the software developer about the security holes; instead they try to exploit them.

Protection
Zero-day attacks are, by definition, unknown to users and software makers alike, so no protection against them is complete. What users can do is reduce their exposure and limit the damage by developing safe-computing habits. Examples of safe-computing habits are:
1. Stay informed. Be aware of scams and try to read some security news every day.
2. Don’t use the same password for everything.
3. Try not to use open or unsecured Wi-Fi networks; your data can be intercepted while in transit.
4. Read the description and the company’s reviews before downloading or installing any software or app.
5. Scan your computer regularly for spyware and make sure your operating system has the latest updates. A zero-day stops being a zero-day the moment a patch exists, but only on the machines that install it.
6. Finally, back up… back up… back up… everything.

Writer – Rubayat M.