Health Journalism Glossary

Zero-day attack

  • Health IT

A zero-day attack is a cyberattack that takes advantage of an unknown or unaddressed security flaw in computer software, hardware or firmware, according to IBM. The “zero-day” part refers to the fact that the software or device vendor has zero days to fix the flaw, because bad actors can already use it to access systems. In a zero-day attack, a malicious actor plants malware, steals data or otherwise causes damage to the product's users, organizations or systems.


Deeper Dive

The Department of Health and Human Services in 2021 issued a threat brief about these attacks, exploring the threats they pose to health care. The most effective mitigation, it said, is patching, which can be difficult on older, legacy systems.

In one notable example from 2020, zero-day vulnerabilities were found in the health care records application OpenClinic, which could have exposed patients’ test results. Developers of the program were unresponsive to reports of four zero-days, and so users were urged to stop using the program. Otherwise, unauthenticated attackers could have successfully requested files containing sensitive documents from the medical test directory. 

Other ways to try to prevent the attacks include having a web-application firewall to review incoming traffic and filter out malicious input, the document said.
