In the past few weeks, the likes of Microsoft, Google and Apple have each released updates to address new zero-day vulnerabilities. A particularly dangerous cybersecurity challenge, zero-day exploits are unknown to the organisations and individuals being targeted, and unfortunately, it’s much harder to defend systems against these attacks. As a result, organisations the world over continually operate with major blind spots in their cybersecurity defences.
The risks associated with zero-day exploits have given rise to a permanent cycle of remediation work that vendors carry out to keep pace with cybercriminals, who are constantly finding new ways to exploit weaknesses in infrastructure, software and applications. Fixing zero-day exploits has even become a regular part of the cybersecurity calendar, with Microsoft and others releasing fixes as part of their monthly ‘Patch Tuesday’ updates.
As we discussed in our recent blog, this brings its own difficulties. For instance, the day after Patch Tuesday has become known as ‘Exploit Wednesday’, when cybercriminals typically release further exploits for systems that haven’t been updated the day before.
The 18 Day Vulnerability Window
The issues don’t end there, however. Even before vendors release patches, new zero-day exploits can remain active and undetected for anything up to 18 days until antivirus and sandboxing technologies are updated to mitigate the risk or software fixes emerge.
During that window of vulnerability, unprotected infrastructure remains open to attack, and as a result, zero-day exploits have become a preferred way for cybercriminals and nation-state hackers to gain access to networks or to deliver malware.
Adding to the challenge is that most security strategies are designed to react to security risks, particularly those that arrive through the billions of files and documents being sent and shared every day.
Think of it this way: approximately 1 in every 100,000 files contains malicious content, with 98% unknown to antivirus solutions – effectively making it invisible to reactive cybersecurity technologies. Instead, security teams need to be given advanced tools so they can take a proactive posture to the risks posed by zero-day vulnerabilities.
Glasswall takes a proactive approach to file-based threats – our Content Disarm and Reconstruction (CDR) technology identifies and removes risky, zero-day file-based threats from all files in moments – minimising the downtime and disruption often caused by traditional antivirus or sandboxing solutions.
The process requires no blocking and no patching, and with no false positives to hold back important business documents, only safe, secure and trusted files are delivered. The result is that when every file sent or received – via email or the cloud – has been Glasswalled, it can be treated with confidence by organisations fully protected from zero-day malware threats.