Read the story here. Advertise at Before It's News here.
Profile image
Story Views
Last hour:
Last 24 hours:

Zero-Day - A Hacker’s Pleasure

% of readers think this story is Fact. Add your two cents.

Hackers were able to exploit a little known zero-day vulnerability within Sony’s network to gain access to a veritable mountain of data and help them disrupt a substantial amount of the studios network infrastructure.  The idea of Zero-Day attacks are nothing new to the cybersecurity community but the majority of the public and even Sony execs have had a difficult time wrapping their heads around it.  What is it?  What does it do?  How did they do it?  What can be done to prevent it? These questions were asked repeatedly in the weeks and months after the attack which occurred in late 2014.

Zero-Day attacks or vulnerabilities get their name from the fact that programmers, developers and code-writers have no time, literally zero days, to correct a program’s code before it can be exploited.  The existence of the vulnerability itself may have been caused by an oversight, an error, or even something as little as a mistyped line of code in the software.  Small a flaw as they may be, they are still chinks in the armor and can be exploited by a hacker with the eye to find them and the skills to take advantage of them.

When hackers find these vulnerabilities they act upon them, attacking them and either release malicious code into the network or extract data from it.  However, money speaks louder than code and if a hacker deems that they are better off selling the information then they can sell the existence of the vulnerability as well as its exploit on the black market.  That sounds like something out of a movie!  It does, on the Dark Web (the notorious digital black market) there are entire marketplaces dedicated to the rent, sale and re-sale of zero-day attacks. Scary stuff.

The Sony case is interesting because it seems to be as a result of a complex and highly targeted attack.  Yes, the vulnerability existed within Sony’s network but hackers had to get to it first.  It appears that the hackers employed a spear phishing attack by inserting malicious code into an email which was sent to an unsuspecting employee.  Once the attachment containing the malicious code was opened it quickly created an opening in Sony’s system in which the hackers were able to take advantage of the vulnerability.  The result, Sony suffered the worst corporate hack in history.

In an attempt to identify and patch these Zero-Day vulnerabilities, developers, programmers, companies and cybersecurity firms employ “Red Teams”.  These are freelance hackers paid to attack and seek out vulnerabilities within their clients’ systems.  This sole practice has prevented many hack and security attacks, but no human created system is perfect and one or two elements will tend to get overlooked from time to time.  It is at those times that you hope these hackers don’t sniff out the weakness in your companies code.

So what can be done to combat these zero-day attacks? Well, not a great deal as coders are human beings that do make mistakes! However if you are writing code of any kind, as the old saying goes, measure thrice, check twice, cut once. Check, check, check again and then implement it. And make sure you test your code before the application or software you’re writing goes from development to production stages. If you can afford a security audit of your code and application, as well as an external vulnerability check from a strong security professional (or indeed a Red Team), that is a very wise precaution.

Before It’s News® is a community of individuals who report on what’s going on around them, from all around the world.

Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.

"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.

Please Help Support BeforeitsNews by trying our Natural Health Products below!

Order by Phone at 888-809-8385 or online at M - F 9am to 5pm EST

Order by Phone at 888-388-7003 or online at M - F 9am to 5pm EST

Order by Phone at 888-388-7003 or online at M - F 9am to 5pm EST

Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!

HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation

Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.

MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser!  Cleans out toxic buildup with oxygen! 
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover -  Reduces Smart Meter radiation by 96%!  (See Video)

Report abuse


    Your Comments
    Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

    Load more ...




    Email this story
    Email this story

    If you really want to ban this commenter, please write down the reason:

    If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.