Zero-day exploits are attacks originating from the Internet that exploit software vulnerabilities for which there is no patch or fix yet. Conventional defense mechanisms such as antivirus programs or firewalls are completely powerless against them. In this article we explain how a zero-day attack works and what preventative measures you can take to minimize the risk of one happening.
1. What is a zero-day exploit?
A zero-day exploit is a particular form of exploit (meaning: "to exploit a security flaw") for which there is no patch for the vulnerability yet. Usually the manufacturer does not even know about the flaw yet. Zero-day exploits are therefore only identified after the first attack on the system. It is not uncommon, however, for them to go completely unnoticed for a long time.
If the person who discovered the vulnerability does not report it but instead uses it to cause damage, we speak of a zero-day exploit attack (ZETA). The hacker places malicious code on the affected system and uses it to spread malware such as viruses, Trojans or rootkits.
The attack usually proceeds according to the following scheme:
- When programming software, developers unknowingly or unintentionally create a security vulnerability.
- A hacker finds it and takes advantage of it before the manufacturer can respond with a corresponding patch. The manufacturer's lack of knowledge gives the criminal a decisive time advantage to exploit the vulnerability.
- The attacker develops so-called exploit code and introduces it into the system while the security hole is still open.
- After the exploit has been deployed, ideally the developers recognize it and the vulnerability is closed with the help of a patch or hotfix. But this often takes months or even years. Not infrequently, the attack has by then already come to light through some form of data or identity theft that took place beforehand.
Once the vulnerability is addressed with a patch, the attack is no longer a zero-day exploit.
2. Prominent examples of zero-day exploits
One of the most well-known victims of zero-day attacks is the content management system (CMS) Drupal. A critical flaw in early 2018 allowed hackers to execute arbitrary code on almost all Drupal sites running versions 6, 7 and 8, and to do so without authentication! More than half a million websites were affected by the exploit, and the unreported number is higher still.
This was not the first attack of this kind on Drupal: as early as 2014 there was an SQL injection vulnerability that allowed unlimited access to the program installation.
Microsoft Windows has also suffered zero-day attacks multiple times in the past. For example, it was only in April this year that security experts again reported a critical vulnerability in PowerShell, through which hackers could gain complete access to the system.
Good to know: Although there are no official price lists for security vulnerabilities, zero-day exploits are sometimes sold on the Internet for millions of euros to wealthy interested parties (especially security companies or defense companies). In 2012, for example, a previously unknown vulnerability in Mozilla Firefox fetched a high selling price of $150,000.
3. How can I protect myself from zero-day exploits?
Since the vulnerability behind a zero-day exploit is not known, there are no effective protective measures for potentially vulnerable systems. However, you as a user can take some preventative measures to reduce the risk of such an attack.
Transfer information within networks only in encrypted form, and keep the number of applications on your system as low as possible, because virtually every piece of software represents a possible gateway for exploits. Remove all unused programs from your computer and only install the ones you really need. Also, always install the latest updates and keep your operating system and programs up to date.
Good to know: Big tech companies like Google or Amazon even deploy their own resources in the form of teams of hackers who specialize entirely in discovering vulnerabilities. Their job is to identify and locate zero-day vulnerabilities before cybercriminals can exploit them for their nefarious plans.
