Among the varied cybersecurity risks we all face on a daily basis, zero day vulnerabilities are particularly dangerous because they are unknown to the organisations and individuals being targeted. As our own research has uncovered, these blindspots can remain active and undetected for anything up to 30 days until antivirus and sandboxing technologies are updated to mitigate the risk or software vendors release updates.
During that time, infrastructure remains vulnerable to attack and, as a result, zero day exploits have become a go-to tactic used by cybercriminals and nation state hackers to gain access to networks.
In March alone, for example, the BBC was among many news outlets to report on a global zero day hack targeting Microsoft Exchange email servers, stating that “hundreds of UK companies” had been compromised among many more thousands around the world. At the same time, Google was also making headlines after research revealed that most Chrome users took nearly a month to install a new patch, increasing their vulnerability to zero day threats.
The potent effect of zero day threats is fuelling the rise in incidents. A recent piece published by The Economist reviews a book by Nicole Perlroth, a cyber-security correspondent for the New York Times, who argues that zero day exploits can be viewed as the “blood diamonds of the security trade”.
The bestselling book goes on to reveal that, as a result, zero day exploits can command a price of “six or seven figures depending on their target and potency” to those looking to exploit unknown vulnerabilities in software systems for financial gain or as part of government-sponsored intelligence strategies.
A major part of this problem lies in the way many cybersecurity strategies are built to react to security risks. That reactive design makes them ideal targets for zero day attacks, where even a few hours or days can prove catastrophic and, as we have seen, leave organisations scrambling to fix blindspots after the fact.
With nearly 70% of the malware found embedded within files being of an unknown variant when it is received, which effectively makes it invisible to reactive cybersecurity technologies, security teams need to be given advanced tools so they can take a proactive posture to the risks posed by zero day vulnerabilities.
Glasswall takes a proactive approach to file based threats, and our Content Disarm and Reconstruction (CDR) technology identifies and removes risky, zero-day file-based threats from all files in moments – minimising downtime and disruption often caused by traditional anti-virus or sandboxing solutions.
The process requires no blocking and no patching and, with no false positives to hold back important business documents, delivers only safe, secure and trusted files. The result is that every file sent or received, via email or the cloud, can be treated with confidence by organisations fully protected from zero-day malware threats.
To read more about zero day blindspots and how to build a proactive cybersecurity strategy, read our latest CDR brief – here.