Zero Day - what does this actually mean?
The Cyber Security world is full of acronyms and terminlogy that the everyday user sometimes struggles to understand the meanings. Zero Day is a typical example.
A Zero Day attack is a vulnerability in software or systems that has been uncovered by a hacker or cyber criminal and a method of attack has been developed to exploit the vulnerability.
As the vulnerability was previously undiscovered the first day when the attack is started is called the Zero Day and the period therafter until a suitable patch is developed and deployed, is called a Vulnerability window. Whilst this Vulnerability window exists IT systems can be attacked and exploited.
Protecting systems from Zero Day attacks can be difficult but providing the basic measures are taken, the success of the attack can be made more difficult.
According to Symantec's recent Annual Internet Security Threat Report there has been a 125% increase in Zero Day vulnerabilities globally.
IT systems are often not configured to require authorisation before software can be loaded and this simple measure can make a significant difference to the success of any malware based attack. Most important is the development of a regular user awareness training programme. Cyber attacks can be spotted more easily by Cyber aware staff.