FAQ: Common Business IT Questions Answered

What Is a Zero Day Attack?

what is a zero day attack

A zero day attack involves a cybercriminal exploiting an unpatched or unknown vulnerability for the first time (aka a zero day vulnerability).  

Some examples of zero day exploits include:

  • New or undetected malware.
  • A known vulnerability that had never been exploited before.
  • A previously unknown vulnerability that is exploited.

In some cases, a system’s vulnerability is known, but it is not known how that vulnerability could possibly be exploited. Vulnerabilities can sometimes be discovered once people figure out how to exploit them. This is why there is often a gap between a zero day vulnerability and a zero day exploit.

Organizations and websites track critical vulnerabilities and exposures to distribute  to others. They maintain updated lists of these and then release patches that will fix the system flaws. Once the patch is released, it is no longer considered a zero day vulnerability.

You might be surprised to learn that an everyday, run-of-the-mill antivirus or anti-malware software can’t protect you against zero day attacks. These software tools can only look for what they know for certain is out there, and because zero day exploits occur from the three examples listed above, IT systems are never fully protected all the time. This is why it’s important to make sure your company is taking cyber security seriously.

You May Get Hacked

Know What to Do with our Checklist

Whether you've been hit by ransomware or are just worried about a ransomware attack, this checklist can help. This one page checklist has simple instructions to help your team act fast and feel confident in how to respond. Print, post and prepare your team wo know what to do in a ransomware attack.

Get The Checklist

Become a SWAT Insider

Join the SWAT Systems community and get important IT insights and trends from our team of pros each month. You'll learn ways to solve common problems and keep IT operations running smoothly.