A serious business cyber risk:
Zero-days on the rise!
Rethink your security and risk strategy

How do you mitigate them?

More and more businesses are falling victim to cybercrime. In 2020, 40% of IT managers at SMEs had to deal with some form of cybercrime. But what are the biggest cyber risks for your company, and how can you protect yourself against them? Does your daily work depend entirely on digital systems, or is much of it physical work that can continue when your IT fails?

Over the past few months we have observed an increase in the number of zero-day attacks. In January, zero-days accounted for 39% of the online attacks we saw; six months later that share has risen to 56%. This growing trend is worrying. But how do you protect your company, and your employees working from home, against such attacks?

There are different definitions of a zero-day vulnerability. Usually it means a flaw in software that is not yet known to the vendor, but is known to attackers or others who want to abuse it. Some also use the term for a vulnerability that is publicly known but not yet fixed. Zero-day vulnerabilities can remain hidden for years: in 2019 the makers of the WinRAR compression program closed a hole that had been present in the software for nineteen years.

Cyber criminals not only develop new malware and zero-day exploits, but also reuse tactics that have proven successful in the past, so that they can use as much of the attack surface as possible. They are shifting from phishing to injecting malicious code into publicly accessible Internet services, a tactic aimed at overwhelming organizations in the run-up to the busy holiday season.

Half of all cyber incidents are caused by human actions?

A zero-day vulnerability is a flaw in software that has been discovered by a third party, outside the software's creator, and for which no patch is yet available; a zero-day exploit is the code or technique that abuses it. Once such an exploit is in circulation it can spread at lightning speed, and attackers can use the hole to, for example, steal sensitive information or passwords. The name refers to the time the software producer has had to fix the flaw: an attack can take place on the very day the vulnerability is discovered, day zero in computer terms. Hence zero-day or 0-day.

What is What?

There are roughly two types of software update. A functionality update makes your software more stable, better or nicer to use; for example, an update to your favourite webshop software might add payment via PayPal. Functionality updates are almost never urgent.

A security update (security patch) is often urgent. It improves the security of your software by repairing (patching) one or more discovered vulnerabilities. Never delay installing security updates.

It is not always clear at a glance which type of update you are dealing with, and sometimes it is a mix of both. We therefore recommend installing any available update immediately, so that you always run the best and safest version of your software.

Zero Day Attack Protection

It should be clear that your systems and software must in any case be kept as up-to-date as possible. Beyond that, you need to know when your IT environment is vulnerable, so that you can look for a solution (patch) for the vulnerability.

As soon as a solution is available, install it at the earliest opportunity. Sometimes no solution is available yet. In that case, protect the vulnerable system as far as possible with additional firewall rules (for example, allowing only trusted networks to reach the vulnerable service) or by segmenting the internal network so that a compromised system cannot reach the others. This requires considerable manual effort in research and monitoring.

Information about a zero-day is usually published mainly to get ahead of the often slow response from software makers: companies can then already protect themselves against the zero-day while the maker still has to start closing the hole.
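As an added example (not part of the original article and not Heimdal's tooling), the Python below shows how the steps above can be made routine: a small script compares a software inventory against a vulnerability advisory, flags the hosts whose installed version predates the fix, and recommends either the patch or, when the vendor has not yet published one, an nftables rule that limits who can reach the vulnerable service. The inventory, product names, version numbers, port, management subnet and the firewall table and chain names are all constructed assumptions.

```python
"""Added example (not from the original article): triage an asset inventory
against a vulnerability advisory and decide, per host, between patching and
a compensating firewall control. Inventory, products, versions, port and the
management subnet below are constructed for illustration only.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Subnet that may still reach a service we have had to fence off (assumed value).
MGMT_CIDR = "10.0.10.0/24"


@dataclass(frozen=True)
class Advisory:
    product: str
    port: int                     # TCP port the vulnerable service listens on
    fixed_version: Optional[str]  # None while the vendor has no patch (true zero-day)


@dataclass(frozen=True)
class Host:
    name: str
    product: str
    version: str
    internet_facing: bool


def parse_version(text: str) -> Tuple[int, ...]:
    """'5.61' -> (5, 61); '2.4.49-1' -> (2, 4, 49, 1). Numeric components only;
    vendor-specific suffixes such as 'rc1' are ignored. Raises on garbage."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"unparsable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(host: Host, adv: Advisory) -> bool:
    """Affected if the product matches and the installed version predates the fix.
    With no fix published, every installed version of the product counts as affected."""
    if host.product != adv.product:
        return False
    if adv.fixed_version is None:
        return True
    return parse_version(host.version) < parse_version(adv.fixed_version)


def compensating_rule(adv: Advisory, mgmt_cidr: str = MGMT_CIDR) -> str:
    """nftables rule dropping traffic to the vulnerable port unless it comes from
    the management subnet. Assumes an existing 'inet filter' table with an 'input'
    chain; adjust to your ruleset before applying."""
    return (f"nft add rule inet filter input tcp dport {adv.port} "
            f"ip saddr != {mgmt_cidr} drop")


def recommend(host: Host, adv: Advisory) -> Dict[str, str]:
    """Return the action for one host: 'none', 'patch' or 'isolate', plus detail."""
    if not is_affected(host, adv):
        return {"host": host.name, "action": "none", "detail": "not affected"}
    if adv.fixed_version is not None:
        return {"host": host.name, "action": "patch",
                "detail": f"{adv.product} {host.version} -> {adv.fixed_version}"}
    # Nothing to install yet, so shrink who can reach the service instead.
    return {"host": host.name, "action": "isolate", "detail": compensating_rule(adv)}


def triage(hosts: List[Host], adv: Advisory) -> List[Dict[str, str]]:
    """Recommendations for every affected host, internet-facing ones first."""
    ordered = sorted(hosts, key=lambda h: (not h.internet_facing, h.name))
    return [recommend(h, adv) for h in ordered if is_affected(h, adv)]


# Constructed inventory and advisories (hypothetical products and versions).
HOSTS = [
    Host("web01", "ExampleCMS", "4.2.1", internet_facing=True),
    Host("web02", "ExampleCMS", "4.3.0", internet_facing=True),
    Host("intranet", "ExampleCMS", "4.1.9", internet_facing=False),
    Host("fileshare", "ArchiveTool", "5.61", internet_facing=False),
]
PATCHED_ADVISORY = Advisory("ExampleCMS", port=443, fixed_version="4.3.0")
ZERO_DAY_ADVISORY = Advisory("ArchiveTool", port=8443, fixed_version=None)

if __name__ == "__main__":
    for adv in (PATCHED_ADVISORY, ZERO_DAY_ADVISORY):
        for rec in triage(HOSTS, adv):
            print(f"{rec['host']:10} {rec['action']:8} {rec['detail']}")
```

The point of the split between "patch" and "isolate" is the one the text makes: a firewall rule or VLAN boundary is a stopgap that buys time until a patch exists, not a replacement for installing it, so the script re-run after the vendor publishes a fixed version should turn every "isolate" into a "patch".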

What can I do to protect myself against a zero day?

Update your devices as soon as a zero-day vulnerability is patched, so keep an eye out for new updates; this prevents you from falling victim to a flaw that is already known. There is a downside: new updates can also introduce new vulnerabilities. Still, the immediate risk of a criminal breaking in through a known vulnerability is greater. In addition, a good, up-to-date virus scanner and firewall can absorb many problems; real-time protection, for example, constantly monitors whether suspicious programs are trying to reach your files. By segmenting your internal network with VLANs (virtual local area networks), you add a further layer of protection and can isolate an infected segment from the rest of the network.

Working from home also requires protection

Home workers are more vulnerable: security at home is rarely as well thought out as in the office. Because employees had to be set up at home so quickly, there was no time to think about security; productivity came first and security came later. Modern endpoint security that counters zero-day attacks is a must for a secure home workplace. A VPN (IPsec or SSL VPN) protects communication with the office, and multifactor authentication makes sure that a stolen, static or weak password alone is not enough to log in.

Securing your IT environment is a continuous process. It's constantly changing, criminals are getting more inventive, and protections are getting better and more sophisticated. Stay alert and keep your business secure!

Build trust and resilience

As an organization you should strike a balance between what a security program needs and the risks the business must take to move forward. Digital business has created a new ecosystem, one in which partners add new business capabilities and new security complexities. The objective is an ecosystem that balances the imperative to protect the enterprise with the need to adopt innovative new technology to remain competitive.

6 trust and resilience principles

  1. Shift to risk-based decision making and away from checkbox compliance
  2. Begin supporting business outcomes rather than solely protecting infrastructure
  3. Become a facilitator, not a defender
  4. Determine how information flows; don’t try to control it
  5. Become people-centric and accept the limits of technology
  6. Invest in detection and response, and stop trying to perfectly protect the organization

RIK SCHOONIS | 2021 | HEIMDAL SECURITY | WWW.HEIMDALSECURITY.COM