Welcome to Zero Day
No, it’s not the day when people are celebrated for the lack of accomplishments in their life. Keeping with the times and our ever-evolving language, “Zero Day” isn’t even a day at all. It’s a label for a vulnerability in a piece of software, and specifically for the window in which the people who could fix it have had zero days to do so: no patch exists yet, and often they don’t even know the flaw is there.
But Zero Day is too cool and ominous-sounding to be the label for something so meta, right?
That’s true. But what earns the cool/ominous epithet is that the vulnerability isn’t known to the guys in the white hats: the vendor hasn’t been told, no fix has shipped, and defenders have nothing to update to.
See, as soon as the guys in the black hats find a vulnerability in your favorite app, operating system, website, etc. before its maker does, that’s a Zero Day. The flaw itself is the zero-day vulnerability, the code that abuses it is a zero-day exploit, and the bad stuff that happens when that code is turned loose is a zero-day attack. All three tend to get wrapped up in the terrible glitter bomb we call Zero Day.
Zero Day: The Origin Story
“Zero Day” now refers to the number of days a software maker has had to fix a particular vulnerability (zero, because it learns of the flaw only when the flaw is exploited or disclosed), but that wasn’t always the case.
Once upon a time, when apps were called programs and the internet was beginning to stir in the primordial ooze that was made up of the digital bulletin board systems (BBS) around the world, the idea of Zero Day came into being.
Back in those dark times, hackers would prowl the internet looking for software to steal and pirate on the BBS.
It became something of a competition among pirate groups to crack a program and post it as soon as possible, labeling each release with the number of days since the software’s commercial release. A program cracked and posted on the very day it went on sale (or, when a copy had been stolen from a developer’s systems, before it had been released at all) fell into the ignoble class of Zero Day software.
When the security world borrowed the term, the “zero” kept its meaning but changed its subject: zero days since release became zero days since the vendor learned of the flaw. Now, even into today’s much more digitally advanced age, the name has stuck.
Noteworthy Zero Day Instances Making Headlines
Zero Day attacks occur several times every year and with unpleasant implications for everyday people.
In what might be the most devastating hack attack in the brief but brilliant time civilization has been accelerating down the information superhighway came the attack that befell Sony Pictures in 2014. It is routinely described as a Zero Day attack, but the exact vulnerability that let the attackers in has never been made public, so whether a true zero-day was involved remains unconfirmed. The results, however, are well-documented.
For weeks, hackers roamed the corporation’s network, stealing everything they could get their hands on. From emails and confidential employee records to financial data, unreleased movie scripts and even a handful of finished movies, they stole all of it and published it on multiple file-sharing websites. Then, to really rub salt in the wound, they ran wiper malware that destroyed the data on thousands of Sony’s computers.
A few years later, in 2016, a Russian cybercriminal put another major Zero Day vulnerability up for sale on the dark web. This one was a local privilege escalation: it allowed the wielder to go from an ordinary user account to admin-level rights on a Windows machine running the then-current Windows 10, with the added benefit of working all the way back to Windows 2000. A bug like that is not a way in by itself, but used alongside other malware that gives a hacker basic access to a victim’s machine, it turns a foothold into full control, and it could hurt everyone from corporations to the innocent individual.
In 2017, exploiting a zero-day vulnerability in Microsoft Word, hackers sent booby-trapped documents that quietly installed banking malware. All the victim had to do was open the file and click ‘yes’ on a seemingly benign pop-up, and their online banking credentials were up for grabs.
And in 2020, with most of the world working from home and using Zoom to stay in touch with co-workers and loved ones, researchers and exploit brokers reported multiple zero-days in the beloved app that could let an attacker run code on a user’s machine. If that user was logged in as an administrator, the hacker had free rein over all their personal data, which is one more reason to do your day-to-day work from a non-admin account.
How a Zero Day Makes the Bad Things Happen
Hackers and cybercriminals use a variety of techniques to seek out vulnerabilities in the software and apps we all know, love and use every day. One of them is an automated static analyzer.
This type of tool analyzes the program without actually running it. It doesn’t use the program the way we would; it pokes and prods at the code itself (the source code when that’s available, and otherwise the disassembled binary, since attackers rarely have the source of commercial software) to find weaknesses that are hidden from normal use. The other half of the toolbox is dynamic analysis, which does run the program: a fuzzer, the most common form, feeds it thousands of malformed inputs and watches for crashes, each of which is a candidate vulnerability worth a closer look.
Another method that shows up alongside Zero Day issues is an old favorite of the internet: phishing. Phishing doesn’t find the vulnerability; it’s how the exploit gets delivered to a victim.
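To make the static-versus-dynamic distinction concrete, here is an added example in Python (not code from the original page). It constructs a small, deliberately flawed request handler that builds a Python expression from user input and hands it to eval(), then examines it both ways: static_scan() parses the source into a syntax tree and flags dangerous calls without ever running it, while dynamic_fuzz() actually executes the handler on random inputs and records what makes it crash. The sample handler, the list of dangerous call names and the fuzzing alphabet are all assumptions made for this illustration.

```python
"""Added example: static vs. dynamic analysis of a deliberately weak
function. Constructed for illustration; not code from the original page."""
import ast
import random

# Constructed sample program, held as source text so both analyzers can
# work on it. The handler builds an expression from user input and eval()s
# it, which is a classic code-injection bug (the "zero day" being hunted).
SAMPLE_SOURCE = '''
def handle_request(user_input):
    # Looks harmless: turns "a number the user typed" into an int
    return eval("int(" + user_input + ")")
'''

# Assumed list of call names worth flagging; real tools have far larger rules.
DANGEROUS_CALLS = {"eval", "exec", "compile"}


def static_scan(source: str) -> list:
    """Static analysis: parse the source into an AST and report calls to
    known-dangerous functions. The program is never executed."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id in DANGEROUS_CALLS):
            findings.append({"line": node.lineno, "call": node.func.id})
    return findings


def _load_handler(source: str):
    """Execute the sample module and return its handler (dynamic side)."""
    namespace = {}
    exec(source, namespace)  # running the sample is the whole point here
    return namespace["handle_request"]


def dynamic_fuzz(source: str, rounds: int = 200, seed: int = 1) -> list:
    """Dynamic analysis: run the handler on generated inputs and record every
    input that makes it raise. A crash is a symptom, not a diagnosis; each one
    still needs a human to decide whether it is exploitable."""
    handler = _load_handler(source)
    rng = random.Random(seed)           # fixed seed: repeatable results
    alphabet = "0123456789()+,\"'"      # assumed: digits plus syntax-ish chars
    crashes = []
    for _ in range(rounds):
        candidate = "".join(rng.choice(alphabet)
                            for _ in range(rng.randint(1, 6)))
        try:
            handler(candidate)
        except Exception as exc:        # SyntaxError, ValueError, ...
            crashes.append({"input": candidate, "error": type(exc).__name__})
    return crashes


def proof_of_concept() -> str:
    """Confirm the static finding is exploitable: the input closes the
    int( ... ) expression and appends attacker-chosen code. Here the payload
    only computes a string, but it could be anything eval() can run."""
    handler = _load_handler(SAMPLE_SOURCE)
    return handler("0) or str(7*6) or int(0")   # evaluates to "42"


if __name__ == "__main__":
    print("static findings:", static_scan(SAMPLE_SOURCE))
    crashes = dynamic_fuzz(SAMPLE_SOURCE)
    print(f"fuzzer: {len(crashes)} crashing inputs, e.g. {crashes[:3]}")
    print("injected result:", proof_of_concept())
```

Notice what each approach does and doesn’t tell you. The fuzzer only sees crashes (here mostly harmless SyntaxError and ValueError from bad input) and cannot say which ones matter, while the static scan points straight at the eval() on line 4 of the sample, and proof_of_concept() shows that line is exploitable: the handler was supposed to return an int and instead returns whatever the attacker asked for. Real analyzers are far more sophisticated, but the division of labor is the same.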
You know this trick. The bad guys send out an email in broken English to people like your Uncle Terry, promising riches to whoever clicks on their suspicious hyperlink, a string of random-looking alphanumeric characters. Uncle Terry already has a bad leg and is barely making it on government help, so what does he have to lose? He clicks the link and winds up on some crazy website filled with GIFs of flying monkeys singing the theme song to Donnie Darko before realizing he’s been had. Yes, he shuts down the browser, but not before the page exploits a flaw in it and his computer quietly downloads all sorts of files from the malicious website. Files that are now sitting on Uncle Terry’s computer. Now, everything Uncle Terry does, from watching cat videos to reapplying for government help and sending out resumes for his next job (giving out his social security number and other personal details with abandon), finds its way onto the darker side of the internet.
And those files sitting on his computer aren’t just stealing his information. They are viruses and worms and ransomware, or at least the seeds of them. Remember that Zero Day from the Russian cybercriminal? What if an exploit for it was among the files downloaded during the opening insane melody of the Donnie Darko theme? Then the malware isn’t stuck inside Uncle Terry’s limited user account; it has admin rights over the whole machine. At night, while Uncle Terry has nightmares of flying monkeys, the guys in the black hats can access his computer and do all sorts of bad things in his name. And the really awful thing is that the bad guys are always looking for new ways to take advantage of people. Before long there will be a new way for them to do their worst. And who’s going to find and stop the next threat?
What should you do if you’re involved in a Zero Day hack attack?
In terms of a Zero Day attack, the best thing individuals and companies can do to protect themselves and their employees is to have a strategy that addresses the inevitable. It’s really just a numbers game at this point. If we are going to have a presence on the internet, we will without a doubt find ourselves in a position of vulnerability at some point in the future. So how do you deal with it?
In terms of your personal computer, the first and easiest step is protecting your system from malware. The market is filled with good, commercially available (and sometimes free) resources to help protect a person’s computer against malicious apps meant to open windows and back doors for the guys in the black hats. Just as important is patching: a Zero Day stops being one the moment the vendor ships a fix, but only for the people who install it, so turn on automatic updates for your operating system, browser and apps. And do your everyday work from a standard account rather than an administrator account, so that malware that does get in has less to work with.
If a Zero Day hack has happened to an institution or company that has your personal information on file (remember the Sony attack of 2014?), it’s a good idea to change all of your passwords. Like, immediately.
This is a good habit to get into anyway, but especially after there has been a breach involving your personal data. And remember, don’t reuse old passwords, and don’t reuse one password across different sites. Yes, it’s easiest just to add a number at the end of your “regular” password and cycle through, adding one to that number every time you change it. But seriously, if you came up with that idea without any thought, imagine how easy it would be for someone holding your old password from a breach to guess the new one. A password manager will generate and remember unique passwords for you, and turning on multi-factor authentication means a stolen password alone isn’t enough to get in.
Can’t I Do Anything Else About a Zero Day Attack!?
You can, but it’s not for everyone. For most people, just keeping a good defensive strategy in place is a great answer.
I mean, it would be great if everyone understood the basics of object-oriented programming and could explain the difference between static and dynamic IP addresses, but again, it isn’t for everyone.
But for some…
For some, reacting to a bad situation after the fact isn’t good enough. For some, just putting up a firewall and hoping the bad guys don’t get through, isn’t enough.
Some people feel a sense of responsibility for their loved ones and their loved ones’ loved ones and for the strangers all around them. For these people, a little education can go a long way to protecting people everywhere. And at UAT, you can get your degree in one of our industry- and government-recognized Cyber Security degree programs, including Network Security, Network Engineering or Technology Forensics, and be on the front lines of defending those who can’t defend themselves. You can also take your career opportunities to an advanced level with UAT’s Master of Science in Cyber Security.
So, if you have a technical, creative mind, contact us at UAT today to learn more about our Cybersecurity degree programs. After over 20 years, we have one of the longest-running cyber security degrees in the Southwest, and our complete continuum of undergraduate and graduate cyber security degrees has prepared thousands of ethical hacking, network security, and cyber security graduates. On top of that, the NSA has designated UAT a National Center of Academic Excellence in Cyber Defense, and we don’t take this lightly!
Before you know it, you may find yourself uncovering a potential Zero Day attack before the bad guys do.
Your Uncle Terry will thank you.