What is a Zero-Day Attack and How Do I Protect Myself?

Imagine you have a fantastic house. It’s absolutely lovely, everything works, and you’re so happy.

But there’s a problem. You didn’t know about it when you moved in. The estate agents didn’t know about it. No one knew about it. But when you moved in, you changed the locks, and your front door lock can be opened just by poking it with a stick.

Now, no one would poke a front door lock with a stick. It doesn’t make any sense – you have keys, that’s what you use. But someone figured it out, and now anyone can come over to your house, poke your front door, and take anything they want from your house. It doesn’t trigger your security system, it doesn’t look like anything suspicious, it’s literally just a stick, and it opens your door. And it’s only a matter of time before your front door is wide open.

That’s what a Zero-Day Vulnerability is. No one knew it was there, but it’s been there the entire time, just waiting for someone to come over and poke it. And that amazing stick that can open your front door? That’s the Zero-Day Exploit, and the minute someone knows about it, it’s a race against time to patch the vulnerability before all the doors get opened in a Zero-Day Attack.

How common are Zero-Day Attacks?

They’ve become one of the major ways hackers can get into systems, and they’ve been responsible for some of the bigger security breaches in recent years, including the 2017 Equifax data breach. And the Ponemon Institute’s Study on the State of Endpoint Security Risk predicts that Zero-Day Attacks will massively increase over the next few years, as more and more vulnerabilities are discovered and exploited.

What gets hit by Zero-Day Attacks?

If you want to cause as much damage as possible, you’ll want to target something nearly everyone uses. Whether it’s Microsoft Word, Google Chrome, Zoom, or a single WordPress plugin, if it’s popular, it’ll be analysed for any potential weakness that could bring in big rewards. 

And it’s even more likely if it’s an older version of a product since there’s more time to explore possibilities as well as take advantage of companies that never update their systems  – after all if you won’t update your WordPress plugins, you probably won’t update your firewall, and anyone can stroll right in.

How can I protect myself against a Zero-Day Attack?

Because they take advantage of vulnerabilities no one knows about, it’s impossible to protect yourself completely. There’s always a vulnerability lurking somewhere that someone could exploit. But there are steps you can take that’ll minimise the risks.

Update your software as soon as a new patch is released

This should be obvious, but so many people don’t do this, or patch most of their software, but hold off on the most important one because it takes too much time. How many times have you gone “aw no, Windows update! You’ll take forever! I don’t have time for this, I have to start work!”

Take the time. Do it during lunch, arrange it so it happens overnight, whatever it takes – make sure everything’s patched up nicely.

Have a firewall between you and the outside world

A good Web Access Firewall can make a world of difference in how often you get probed for vulnerabilities. Not only can it be updated to block specific attacks coming through, a good one will also block entire IP ranges if it thinks sketchy content is coming from there. Our hosting packages have a Web Access Firewall included as part of the whole package, and it detects patterns of bad behaviour and blocks IPs before anything can get through. Plus, our Managed WordPress and higher hosting packages have a Content Delivery Network, adding another layer of protection between your data and the Internet at large.

Keep permissions locked down as much as possible

How many people have access to your WordPress admin section? What about your email server? Is your Facebook account still connected to a game you used to play in 2010? And did you really let that complete stranger use your laptop for a minute “just to check something”? Go through all the possible permissions you have, all the possible connections you have, and make sure you’ve limited things. Remember – just because Facebook says it’s all public information doesn’t mean you want it all connected to your business.

Make sure you have backups and disaster recovery plans in place

Just in case anything happens, having a backup will save you so much heartache. You can patch everything once the updates are released, but you can’t get back data if it’s corrupted. Back it up often, keep it safe and separate from your main version, and have disaster recovery procedures in place before anything happens. If you have a step-by-step guide focusing on what you need to do, it can stop you from spiralling into a panic and keep you running smoothly.

If you follow these four tips and just keep an eye on what’s happening, you’ll be prepared for any vulnerabilities that come your way – even if it is a magical door opening stick.

(Featured photo by Anne Nygård on Unsplash)