The Zero Day threat nightmare
Recently a flurry of Microsoft (and others) announcements have focused on what’s called Zero Day vulnerabilities. Whenever you hear the term Zero Day, it gets the attention of security personnel and it should get your attention as well. Here’s why.
Last week a Windows printing process was found to have a vulnerability that allows outsiders to access your network and begin malicious processes. This vulnerability, known as “printnightmare”, was a zero day vulnerability. In short, a zero day vulnerability means the people (in this case Microsoft) charged with fixing it were unaware of it as reports of it’s exploitation were being reported. So all of the things we preach – keep your systems updated and patched, ensure antivirus and preferably antimalware is running on your devices and at your perimeter – are rendered almost helpless since the vulnerability (again, in this particular case) is in the actual Microsoft Windows code and is not something you can easily defend against. Generally speaking, a zero day vulnerability means anyone running that device or that software can be attacked with little warning or defense.
How do you defend yourself from a zero day vulnerability? If you’re managing your own network, or you’re IT team is only called upon as needed, then it’s your responsibility to monitor the cyber news world and follow up on the recommendations. In the case of Microsoft, they’re typically quick to issue a patch or mitigation procedures. For example, right now another known vulnerability, known as PetitPotam NTLM is hitting Microsoft Server, and while Microsoft works on a patch, they’ve issued mitigation recommendations.
In the case of the NTLM vulnerability, this is not a zero day vulnerability because it was discovered by French researchers and Microsoft was notified. What’s concerning about zero day vulnerabilities is they are typically discovered by the hacking community, and awareness of the vulnerability surfaces from attack forensics. The fact that we’re seeing more zero day vulnerabilities is an indication that the cyber attackers are becoming increasingly sophisticated, and increasingly patient, as they invest resources into attack vector discovery.
Cyber-attacks continue rising at alarming rates, and so does their success rate. Doing things the same old way with your IT is not good enough any longer. If you’re an office administrator or the sharpest IT tool on the team, and this falls on your shoulders, God Bless you. If you want to consider a professional management alternative, we’re happy to discuss your needs with you, and how we can help.
For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for a weekly HIPAA Security Reminder to help stay compliant.