We’ve talked about infections many times: at our location, in our newsletters, and here on this blog. But you might be asking yourself how real infections actually behave in the real world, without being filtered through the maze of possibilities and opinions that seems to surround each infection.
Part 1: The Zero-Day Threat
What Is a Zero-Day Threat?
A zero-day threat is a piece of malware that your protection software cannot recognize because it does not match any previous infection in the software’s database. These threats exploit vulnerabilities that were probably previously unknown and have not been patched yet. Some zero-day threats are polymorphic, which means the malicious portion of the code changes every time the infection is encountered.
The Real Life Example
Last spring, attackers managed to exploit a zero-day vulnerability in Adobe’s Flash, allowing them to gain access to security company RSA’s servers and sensitive information. The multi-layered attack targeted unwitting employees of RSA through an email claiming to be from the company’s human resources department. When employees opened the spreadsheet attached to the email, they inadvertently activated the malicious code within the infected file.
How Do I Protect Myself?
Without very expensive, corporate-level software, the average person can only do so much to protect themselves from zero-day threats. Keeping your operating system and antivirus as up to date as possible and making sure that you look before you open things are the only ways to keep yourself from catching a zero-day infection.
However, to put this into perspective, most zero-day threats do not target the average home user. Many are designed to attack specific companies or organizations and won’t do the attacker much good if someone else happens to contract the infection by accident.