Core Security's Bobby Kuzma provided this quick explainer on zero day exploits and why businesses should be concerned about them.
Consumers and organizations of all sizes will be impacted by cyberthreats. As digital transformation impacts every industry, every device we own becomes networked, and the scope of cyberthreats and threat actors can vary dramatically.
TechRepublic's Dan Patterson spoke with Core Security's Bobby Kuzma to explain what zero day exploits are and how they work.
A zero day is a bug that no one knows about until it's "used in the wild," Kuzma said. It's a hole in code and connected devices that allow exploitation, and it comes in different shapes and sizes that vary from device to device. The term comes from the lack of foreknowledge about what is going on, he said.
"It's like a new biological virus, or plague that we don't have a way of defending against," he said. The best way to fight against these bugs is through good practices.
These bugs are valuable because they take a lot of resources to discover. Because of that, you don't 'burn a zero day' just for fun, he said. Actors must have a very high-value purpose for deploying them.
"Every organization that uses hardware and software potentially has exploitable zero days in their environment—it's just a factor of using technology," he said. "You know that they're going to exist." When organizations assume zero days are going to be there, they can factor that risk into their security model.
By planning for the unexpected and focusing on security basics, companies will be more prepared for when someone drops a zero day on their network, he added.
- Ransomware attacks will target more IoT devices in 2018 (TechRepublic)
- Threat modeling: A critical, yet underused, element of cybersecurity risk analysis (TechRepublic)
- Cybersecurity spotlight: The ransomware battle (Tech Pro Research)
- Cyberwar: The smart person's guide (TechRepublic)
- Stolen data on the dark web is cheaper than you might think (ZDNet)