In 2015, the number of zero-day vulnerabilities discovered more than doubled to 54 – a 125 percent increase from the year before, according to Symantec.
A new report from security firm Symantec has revealed that hackers are increasingly exploiting unknown security flaws in software.
[Tweet “In 2015, the # of zero-day vulnerabilities found more than doubled to 54 – a 125% increase from 2014”]
So-called zero-day vulnerabilities are flaws that are unknown to software makers. They’re particularly sought after as they give hackers a free hand to exploit weaknesses as software teams, unaware of the problem, cannot provide fixes.
According to Symantec, 54 such flaws were discovered and utilized by hackers in 2015, the equivalent of one for every week of the year, and a significant increase from 24 and 23 similar vulnerabilities identified in the previous two years.
The top five vulnerabilities last year left companies exposed for a total of seven days to potential attacks.
While most attacks happen due to businesses and organizations not having the latest protection patches installed, the rise in so-called exploit kits sold in underground forums has allowed a wide range of people to discover and employ zero-day holes, enabling hackers to install ransomware, steal data and access financial records.
Staying safe from Zero Day attacks
Unfortunately, zero-day vulnerabilities cannot be stopped by traditional security software because the software makers aren’t even aware they exist and therefore have yet to create the patch needed to fix them.
With these kinds of attacks on the rise, it’s an excellent idea to have some additional lines of defense. While you can’t always stop such attacks, you can put measures in place to make sure that you’re aware of them as soon as possible.
One great extra security tool is employee monitoring software.
Monitoring for Suspicious signs
Employee monitoring software can be easily installed remotely from the cloud into all of your organizations’ computers, tablets, and smartphones. The software will then monitor all the websites and applications that each of those devices uses as well as all emails and messages that they receive and send.
Managers can quickly set it up to be alerted if selected applications, websites or files are accessed or messages containing selected keywords sent or received.
It’s a good way to be immediately alerted to any unusual activity on any of your company devices and to get to any breaches early before they can do some serious damage.
What say you
On a scale of 1-10, how big a threat do you believe zero-day vulnerabilities are to your business?
Let us know in the comments section below.