Just as it sounds, zero-day vulnerabilities give the vendor zero days to react: Once these vulnerabilities are discovered, an attacker can exploit them before the vendor has a chance to remediate. Within this window, attackers can exploit the newly-discovered vulnerability, either before vendors are able to create a patch or after a patch is released, but before IT teams can roll it out.
While zero-day attacks are not a new phenomenon, things have changed over the last few years. First, the frequency of zero-day attacks is increasing. 80% of successful breaches are caused by new or unknown zero-day attacks, with that number expected to keep on growing over the coming years.
While no single technology is going to offer enough protection against the kind of threats discussed here so far, MSPs can provide a greater degree of security using a combination of cyber protection services specifically focused on avoiding or mitigating the effects of zero-day attacks.
The basic functions of a firewall are well established:
• Filter and verify network traffic, and monitor for suspicious behaviour
• Close vulnerable ports and block unauthorized traffic
Firewalls provide a vital defence system, particularly with the addition of layers such as URL filtering, which blocks access to known malicious sites, stopping malware in its tracks.
Although the popular perception is that firewalls are poorly suited to anticipating and defending against zero-day (or unknown) attacks, they are in fact a vital part of an organization’s overall security preparedness. By blocking unnecessary ports and traffic, and through features such as URL filtering, WAF, and IPS, firewalls can be a crucial first line of defence.
Having a system in place for backup and recovery provides essential protection against a wide range of catastrophes, both accidental (data deletion, hardware failure) and intentional, including data loss from a malware attack. A comprehensive backup strategy should include:
Securing data with a comprehensive backup strategy is a basic step that is surprisingly often neglected. With an effective backup program in place that takes a standard 3-2-1 approach (3 copies of data on 2 different media including 1 copy in a different physical location), client organisations have peace of mind knowing that their vital business data is secure — and avoid steep ransom payments to recover data that’s been hijacked, corrupted, or encrypted in an attack.
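As an added illustration of the 3-2-1 rule described above (this is example code, not part of the original article), the following check walks a backup inventory and reports which of the three conditions it fails. It assumes a constructed inventory schema in which the live production copy is recorded as one of the three copies and "different physical location" is judged relative to that copy's site.

```python
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class BackupCopy:
    """One copy of a dataset in the backup inventory (constructed schema)."""
    name: str
    medium: str               # storage medium class, e.g. "disk", "tape", "object-storage"
    location: str             # physical site holding this copy
    is_primary: bool = False  # the live production copy counts as copy #1


def check_3_2_1(copies: List[BackupCopy]) -> Tuple[bool, List[str]]:
    """Check an inventory against 3-2-1: 3 copies, 2 media, 1 off-site.

    Assumption: the production copy is one of the three, and 'off-site'
    means a location other than the production copy's site.
    Returns (compliant, findings); findings is empty when compliant.
    """
    primaries = [c for c in copies if c.is_primary]
    if len(primaries) != 1:
        raise ValueError("inventory must contain exactly one primary copy")
    site = primaries[0].location
    findings: List[str] = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies recorded; need at least 3")
    media = {c.medium for c in copies}
    if len(media) < 2:
        findings.append(f"all copies share one medium ({media.pop()}); need 2 different media")
    if not any(c.location != site for c in copies):
        findings.append(f"no copy outside the primary site ({site}); need 1 off-site copy")
    return (not findings, findings)


# Constructed sample inventories (not real customer data).
COMPLIANT = [
    BackupCopy("prod-db", "disk", "HQ", is_primary=True),
    BackupCopy("nightly-nas", "disk", "HQ"),
    BackupCopy("weekly-tape", "tape", "vault-offsite"),
]
SAME_RACK = [  # three copies, but one medium and one site: ransomware or a fire takes all three
    BackupCopy("prod-db", "disk", "HQ", is_primary=True),
    BackupCopy("snapshot-a", "disk", "HQ"),
    BackupCopy("snapshot-b", "disk", "HQ"),
]

if __name__ == "__main__":
    for label, inventory in (("compliant", COMPLIANT), ("same-rack", SAME_RACK)):
        ok, notes = check_3_2_1(inventory)
        print(label, "OK" if ok else "FAIL", *notes, sep="\n  ")
```

The check validates topology only: it says nothing about whether the off-site copy is offline or immutable, which is what actually keeps it out of reach of an attacker who has already encrypted the primary.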
These solutions integrate machine learning (ML) to analyse behavioural heuristics and flag statistically anomalous events; while they may take some effort to configure and train, they can expand security capabilities considerably.
Many of these tools are agent-based, but they are a useful complement for responding to advanced attacks and remediating breaches.