Zero-Day Exploitation

All software goes through rigorous testing before being released to the public. Developers must make sure the software functions efficiently, cannot easily be broken by a user, and cannot be hacked. These bugs and vulnerabilities can often be difficult to find, and there is no guarantee that the released product is free of issues. Software developers constantly look out for these vulnerabilities so they can patch them and issue updates, but hackers can sometimes discover these weak spots first and exploit them before a solution has been deployed; these events are known as zero-day attacks. The name refers to the fact that the developer has only just learnt of the flaw, meaning they have had “zero days” to fix it.

According to MIT Technology Review, 2021 broke the record for the highest number of zero-day attacks, totalling 66.

  • LinkedIn (June 2021) – A hacker group exploited the site’s API and gathered information on 700 million accounts
  • SolarWinds (July 2021) – Microsoft discovered a flaw designated CVE-2021-35211, but only after the hacker group Spiral had gained access to the company’s systems
  • HP Wolf Security (September 2021) – discovered vulnerability CVE-2021-40444, which allows hackers to gain control of a system by tricking a victim into previewing a malicious Office document in File Explorer

The methods hackers use to breach systems can often be easily overlooked, so it is important to practise zero-trust security:

  • Continuous verification: no trusted zones, credentials or devices
  • Threat isolation: execute risky tasks in disposable, isolated virtual machines
  • Least-privileged access: limit user access with just-in-time and just-enough access (JIT/JEA)

With online systems becoming a dominant part of the world and the workforce, the threats to our safety have changed. It is important to be careful when sharing information and to always assume a potential breach.