How organisations should react to zero-day threats

Cyber resilience is critical in today’s omni-connected world: we are all being attacked all of the time, and if you don’t think you are, you’re simply not looking hard enough. That being the case, it is essential that our knowledge and awareness of the risks and the solutions remain both current and informed. Cybercriminals are constantly looking for new ways to exploit vulnerabilities in an organisation’s defences, and one of the more difficult to protect against is the zero-day threat.

What is a zero day threat?

A zero-day threat (also known as a zero-hour threat or a zero-hour attack) is an attack by a cybercriminal that exploits a potentially serious software security weakness that the vendor or software developer may be unaware of. The problem is that these are new vulnerabilities which have not been seen before, so they don’t match any recognised malware signatures in antivirus solutions, which makes them very difficult to identify.

These attacks often take place through web browsers or via emails containing malicious attachments. The name “zero-day” comes from the fact that the developer has had zero days to fix the vulnerability (it has already been exploited), so they must race to release a patch before hackers exploit the weakness further.

What problems do Zero-day threats cause for organisations?

Zero-day threats are particularly dangerous because either there is no known security fix for the vulnerability, as it has not been identified previously, or a patch that addresses it has yet to be released and the developers are still working on one. If the attack succeeds, the malware can steal your data, corrupt your files, install spyware to access sensitive information and access your contacts, compromising your organisation.

A well-known example of a zero-day attack came a few years ago when Sony Pictures was targeted: hackers gained access to its network and released sensitive information from Sony, including copies of new movies awaiting release, business dealings, top-management email communications and business plans.

How organisations can react to these vulnerabilities

By definition, zero-day attacks are hard to defend against. The main thing an organisation can do is keep its software up to date, ensuring that any patches, fixes and updates are applied as soon as they are released. When zero-day threats are announced, check for a solution; most software vendors are quick to release patches. Use enhanced next-generation antivirus: solutions like Sophos Intercept X include advanced threat detection powered by artificial intelligence and exploit prevention to help protect against hackers exploiting new vulnerabilities.
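Knowing which endpoints still run a version below the vendor’s fix is what makes “apply patches as soon as they are released” actionable. The following Python script is an added example and is not code from the ramsac post: it takes a software inventory per host and a list of vendor advisories (each naming the first fixed version) and reports every host that still needs the update. The inventory, products, versions and advisory identifiers are all constructed for the example, and it assumes purely numeric dotted version strings.

```python
"""Patch-compliance check against vendor advisories.

Added example (not ramsac's code): given an inventory of the software
running on each host and a list of vendor advisories stating which
version fixes a vulnerability, flag every host that still runs a
version below the fix. All inventory data and advisories are
constructed for this example; the advisory references are placeholders.
"""
from dataclasses import dataclass


def parse_version(s: str) -> tuple:
    """Turn '10.2.1' into (10, 2, 1) so versions compare numerically,
    not lexically ('10.2' must sort after '9.9'). Assumes numeric
    dotted versions only."""
    return tuple(int(part) for part in s.split("."))


@dataclass(frozen=True)
class Advisory:
    product: str       # product name as it appears in the inventory
    fixed_in: str      # first version that contains the fix
    reference: str     # vendor bulletin id (placeholder values below)


# Constructed vendor advisories (placeholder identifiers, not real ones).
ADVISORIES = [
    Advisory("browser", "118.0.5", "VENDOR-ADV-0001"),
    Advisory("mailclient", "16.2.0", "VENDOR-ADV-0002"),
]

# Constructed endpoint inventory: host -> {product: installed version}.
INVENTORY = {
    "laptop-01": {"browser": "118.0.5", "mailclient": "16.1.9"},
    "laptop-02": {"browser": "117.9.0", "mailclient": "16.2.0"},
    "server-01": {"browser": "118.1.0"},
}


def is_vulnerable(installed: str, fixed_in: str) -> bool:
    """True when the installed version predates the fixed version."""
    return parse_version(installed) < parse_version(fixed_in)


def find_unpatched(inventory: dict, advisories: list) -> dict:
    """Return {host: [(product, installed, advisory reference), ...]}
    for every host with at least one unpatched product. Hosts that do
    not run the affected product at all are not at risk and are skipped."""
    findings = {}
    for host, products in inventory.items():
        for adv in advisories:
            installed = products.get(adv.product)
            if installed is None:
                continue
            if is_vulnerable(installed, adv.fixed_in):
                findings.setdefault(host, []).append(
                    (adv.product, installed, adv.reference)
                )
    return findings


if __name__ == "__main__":
    for host, items in sorted(find_unpatched(INVENTORY, ADVISORIES).items()):
        for product, installed, ref in items:
            print(f"{host}: {product} {installed} needs update ({ref})")
```

Versions are compared as tuples of integers rather than as strings, because a string comparison would wrongly rank 9.9 above 10.2 and report patched hosts as vulnerable. In a real deployment the inventory would come from your endpoint management tooling and the advisories from the vendor’s bulletins.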

If you think you have been infiltrated by a zero-day attack, take your network offline so it can be investigated and the source found; this then enables appropriate patching of your endpoints.

Finally, have a cyber incident response plan in place (GDPR requires all organisations to do this), so that if your organisation does suffer a breach you have an up-to-date, well-tested plan that details how the organisation should respond to minimise the impact of a cyber-attack. This is like the ‘in case of fire’ instructions found on hotel bedroom doors, but covering the response steps for a cybersecurity incident. Wasted time and/or panic in the event of an incident will cost you money!

Every business needs an adequate cybersecurity detection, mitigation and prevention strategy in place. ramsac can help you with all aspects of cyber resilience; if you have questions or need help, please contact us and we can organise a consultation.