Zero-day exploits have been on the rise in recent years, but the way cybercriminals and cybersecurity experts approach them continues to evolve. A zero-day exploit takes advantage of a security vulnerability to attack users before the software creator can release a patch.
Cybersecurity product developer and provider Fortinet says organisations must understand how these attacks work so they can take appropriate measures, while still delivering the flexibility required for remote working.
The COVID-19 crisis, for example, has helped to highlight potential security vulnerabilities after the mass transition to remote working. The increased volume of new devices and access points, especially for users, may not have been incorporated into patch management programs previously. This has the potential to leave many organisations vulnerable to attacks.
The shift in working environments has also led cybercriminals to closely monitor many platforms, particularly collaborative and video networking technologies, for new opportunities.
Fortinet regional director for Australia, New Zealand, and the Pacific Islands, Jon McGettigan said, “Vulnerabilities across these platforms already present a risk to businesses. But the increase in potentially vulnerable and unpatched endpoints means there is now an increased attack surface to be exploited. With working from home likely to become the new normal even as physical workplaces start to open back up, cybercriminals will continue to evolve their attacks and take advantage of these opportunities.”
He added: “It’s critical that companies take the opportunity to think more strategically about how to best protect their business both now and into the future. This strategy needs to involve generating more visibility and cohesion across the wider network and investing in technologies that will support this.
“Interconnectivity between security systems is critical in defending organisations against increasingly sophisticated cyberattacks. By using more integrated processes, cybersecurity systems can share information about incidents and events to analyse and correlate data for more protection. This interconnectivity will lead to more advanced cybersecurity systems that can hunt for, detect, and respond to security events and breaches.”
However, technology isn’t the only solution to sophisticated cyberattacks. “Investing in ongoing employee training programs, running regular incident response drills, and conducting wargames can lead to continued learning from previous and anticipated attacks and breaches. Working with partners that can assist in strengthening cybersecurity capabilities is also an essential step.”