There are weaknesses, and then there are vulnerabilities. While most software flaws will at worst cause applications and hardware to malfunction, a zero-day exploit can result in serious problems.
So, what is a zero-day exploit in cybersecurity? In a nutshell, a zero-day exploit targets a publicly unknown vulnerability that has not yet been fixed, and attackers can leverage it to breach network security. The vulnerability is usually unknown to the developers as well, though in rare cases they may be ignoring the flaw or may even have introduced it deliberately. Some zero-day exploits are too challenging for everyday cybercriminals to take advantage of on their own, which is why some criminal groups package them into zero-day exploit kits for sale.
As you will learn from the following examples, threat actors can leverage zero-day exploits to devastating effect:
1. Stuxnet (worm/rootkit)
Stuxnet is the world’s first cyberweapon. Widely accepted as the brainchild of the United States and Israel, the computer worm exploited zero-day flaws in computers at nuclear facilities in Iran to degrade their uranium enrichment process.
Stuxnet quietly manipulated the speeds of centrifuges to cause them to malfunction. It also had rootkit-like capabilities, allowing it to cover its tracks. Although Stuxnet was apparently created only to impact Iran’s nuclear program, it was soon found in the wild. Hackers mutated the sophisticated cyberweapon and used it to attack businesses and other targets worldwide.
2. Pegasus (spyware)
Apple’s products are known for their security among consumer electronics. Apple tightly controls the manufacturing processes and the software for its iPhones, iPads, and other releases. So, many people were surprised when word of military-grade spyware targeting those products gained traction.
Created by the Israeli cyber-arms company NSO Group, Pegasus can infect both iOS and Android devices. Not only did Pegasus take advantage of a zero-day flaw, it also compromised iOS versions up to 14.6 through a zero-click exploit. A zero-click exploit requires little to no user interaction to succeed.
Pegasus has many dangerous capabilities. It can read text messages, scan call logs, read passwords, track locations, watch victims through a device’s camera, and eavesdrop on them through their device’s microphone.
State leaders in the Middle East and Africa used the spyware to snoop on journalists, activists, and political rivals. In the United Arab Emirates, agents of the absolute ruler of Dubai and President of UAE Mohammed bin Rashid Al Maktoum used the spyware to hack his ex-wife’s phone, according to a U.K. court ruling.
3. WannaCry (ransomware)
Many of the ransomware strains that catch mainstream attention today are used in highly targeted attacks on specific organizations. But some strains, such as GandCrab, Petya, NotPetya, and WannaCry, can spread indiscriminately.
WannaCry hit computers running Microsoft Windows worldwide in the middle of 2017 by exploiting a flaw in the operating system. Some experts speculate that the exploit for the flaw was developed by the United States National Security Agency (NSA) and was leaked into the wild. WannaCry was ultimately stopped, but not before causing an estimated $4 billion in damage. Interestingly, the strain is still active despite a patch from Microsoft, because many computer users still run outdated and unpatched operating systems. It is essential, especially for smaller businesses, to patch their computers and learn how to handle ransomware threats.
Malware can already be pretty harmful to computers, devices, and networks. When taking advantage of an unpatched vulnerability, it can be much worse.