What Is a Zero Day Attack?
A zero-day attack is a cyber security breach that occurs when a hacker exploits an unpatched or unknown vulnerability for the first time (this can also be referred to as a “zero-day vulnerability”). Here are some examples of zero-day exploits:
- A formerly unknown vulnerability that is exploited
- Undetected or new malware
- A known vulnerability that has never been previously exploited
Watchdog tech organizations and websites track critical exposures and vulnerabilities and distribute that information to others. They keep lists of these exploits and then release patches that will fix them. Once the software patch is released, a “zero-day vulnerability” is no longer considered a zero-day vulnerability.
There is often a gap between a zero-day vulnerability and a zero-day exploit. Sometimes the vulnerability is known, but how to exploit it might still be a mystery. Additionally, some vulnerabilities are only discovered once people figure out how to exploit them.
Your average anti-malware and antivirus software can only look for vulnerabilities and exploits that are already known, and as a result it does not protect against zero-day threats.