Read Time:5 Minute, 30 Second
“Zero-day threat.” It may sound like the title of a hit film, yet it’s anything but.
It’s a previously unknown vulnerability that hackers can exploit to unleash unforeseen attacks on computers, smartphones, or networks—making essentially any connected device or system potentially susceptible to attack. After all, today’s devices and code are complex and riddled with dependencies. Even with testing, vulnerabilities can remain elusive, until developers or hackers eventually discover them.
The term “zero day” gets its name from the age of the threat, meaning that developers and security professionals have had “zero days” to address the threat, making it potentially quite damaging.
And it’s not uncommon for major zero-day threats to make the headlines:
In 2021, reports arose of Minecraft players coming under attack. Hackers discovered a vulnerability in the code that allowed them to take control of the computer playing the game, along with the files and information it contained. As it turned out, the threat was far more widespread. The vulnerable code involved a commonly used Java library, used by thousands and thousands of different applications worldwide, not just Minecraft, causing businesses, organizations, and governments to scour their applications for the affected Java library and put measures in place to mitigate the threat.
Spring 2022 saw the rise of a vulnerability dubbed “Follina,” which allowed hackers to remotely take control over a system using a combination of a Microsoft Word document and a diagnostic support tool—which could put a person’s sensitive documents and account information at risk. Microsoft subsequently issued a security patch that disabled the attack vector.
Corporate networks fall victim to zero-day vulnerabilities as well, such as in 2014 when hackers used an undiscovered vulnerability to break into the network of Sony Pictures Entertainment. Hackers raided unreleased copies of movies, scripts, and other information as part of the attack.
Back in the early days of the internet, hackers typically released malware that was an annoyance, such as scrolling profanity across the screen or crashing it the computer infected with it to crash. The examples above show how greatly that has changed.
Today, hackers use malware to make a profit, whether by holding your device and data hostage, tricking you into revealing your personal information so the hacker can access your financial accounts, or by installing spyware that secretly steals information like passwords and account info while you use your device.
That’s what makes zero-day threats so dangerous for us today. Hackers can exploit zero-day vulnerabilities through different means, but traditionally web browsers have been the most common, due to their popularity. Attackers also send emails with attachments, or you might click a link in the body of an email that automatically downloads malware. All of these could now be putting you at risk.
Likewise, security measures have come a long way since the early days. In particular, the antivirus applications included with today’s comprehensive online protection software have technologies in place that directly combat zero-day threats—specifically artificial intelligence (AI) and machine learning (ML).
Without getting too technical about it, strong antivirus uses AI and ML to sniff out malware by looking at how an application or device is behaving and if that behavior looks suspicious based on past patterns. In other words, strong antivirus is smart. It can detect, block, and remove zero-day threats before they can do their damage.
So, just as hackers exploit zero-day vulnerabilities, you can thwart zero-day vulnerabilities with strong antivirus.
Protecting yourself from zero-day threats
Today, McAfee registers an average of 1.1 million new malicious programs and potentially unwanted apps (PUA) each day, which makes zero-day protection an absolute boon for anyone who goes online—and online protection like ours offers some of the strongest antivirus protection you can get, as recognized by independent third-party labs.
Online protection software does a few other things for you as well when it comes to malware attacks:
It alerts you of suspicious links in emails, texts, and direct messages before you click or tap on them, which can prevent bad actors from infecting your device with malware.
It can also alert you of dangerous websites while you surf, once more steering you clear of phishing websites and other sites that host malware.
And it includes a firewall, which can protect your network and the devices on them from attack by filtering both incoming and outgoing traffic.
Beyond using online protection software with strong antivirus, you can take a few more steps that will keep you safer still:
1. Update your browser, operating system, and applications
In addition to often providing new features and functionality, updates fix the vulnerabilities in your apps and operating systems, which strengthens your protection against malware.
2. Uninstall old apps
The more software you have, the more potential vulnerabilities you have. By uninstalling old apps, you leave hackers with fewer avenues of attack. Take a look at your computers and smartphones. Delete the old apps you no longer use, along with any accounts and data associated with them as well. Another benefit is that this can potentially reduce your risk if the companies behind those apps get hit by a data breach.
3. Don’t click on links in emails, texts, and direct messages
This is a good rule of thumb in general, but it can definitely help you protect against zero-day attacks. The same holds true for email attachments. Never open them from unknown senders. And if you receive one from a friend, family member, or co-worker, take a quick second to confirm that they sent it. Some attackers masquerade as people we know, and in some cases hack their accounts so they can spread malware in their name.
Zero-day threats call for zero-day protection
As the number of apps and devices on the internet have seen explosive growth in recent years, so has the volume of malware—much of it zero-day threats that take advantage of newly discovered vulnerabilities. Hidden within millions and millions of lines of code, dependencies, and interactions, zero-day threats will remain the rule, rather than the exception.
However, antivirus technology has more than kept up, particularly by leaning on smart technologies that can detect zero-day threats before they become known threats. Using strong antivirus, as part of online protection software that contains even more security features still, remains an absolute best practice for anyone who spends any kind of time online.
The post What is a Zero-Day Threat? appeared first on McAfee Blog.
