Zero-day exploit: an advanced cyber attack defined
A zero-day vulnerability, at its core, is a flaw. It is an unknown
exploit in the wild that exposes a vulnerability in software or
hardware and can create complicated problems well before anyone
realizes something is wrong. In fact, a zero-day exploit leaves NO
opportunity for detection ... at first.
A zero-day attack happens once that flaw, or software/hardware
vulnerability, is exploited and attackers release malware before a
developer has an opportunity to create a patch to fix the
vulnerability—hence “zero-day.” Let’s break down the steps of the
window of vulnerability:
- A company’s developers create software, but unbeknownst to them it
contains a vulnerability.
- A threat actor spots that vulnerability either before the developer
does or acts on it before the developer has a chance to fix it.
- The attacker writes and implements exploit code while the
vulnerability is still open and available.
- After releasing the exploit, either the public recognizes it in the
form of identity or information theft or the developer catches it and
creates a patch to staunch the cyber-bleeding.
Once a patch is written and used, the exploit is no longer called a
zero-day exploit. These attacks are rarely discovered right away. In
fact, it often takes not just days but months and sometimes years
before a developer learns of the vulnerability that led to an attack.