Zero-day security attacks reach Judgement Day

24 Apr 13

The recent concentrated security attack in South Korea shows zero-day vulnerabilities remain, while attack innovations are growing in sophistication, intensity and severity.

That is according to Trend Micro who says company researchers raised the alarm about zero-day threats, which also struck against Oracle's Java and Adobe's Flash Player, Acrobat and Reader.

An attack which exploits previously unknown vulnerability in a computer application, zero-day attacks essentially begin on 'day zero'.

As a consequence Micro says the breaches show vulnerabilities are emerging faster than they can be patched and are quickly being incorporated into professional attack kits such as the “Black Hole Exploit Kit.”

“Of course Java is cross-platform and that is somewhat attractive to criminals, but what is really attractive is its vulnerabilities and its ubiquity,” says Rik Ferguson, Security Research vice president, Trend Micro.

“This definitely won't be the last zero-day vulnerability in Java and it won't be the end of the vast attack surface that it currently offers to criminals.”

South Korea attacks:

The high-profile attacks executed in South Korea in March reinforce that theft is no longer the sole focus of hacking efforts according to Micro, but rather these breaches are also designed to cripple critical networks.

“Given the capability of what took place in South Korea, it is likely that increasingly destructive attacks will continue to be a threat,” says Tom Kellermann, vice president, Cyber Security.

“With each quarter, attacks are becoming bolder and more targeted, pointing to concerns far beyond the compromise of personal data.”

Micro's New Zealand senior security architect Peter Benson believes that by their very nature, many zero-day vulnerabilities are not detectable using outdated technology, risking a number of businesses in the process.

"it is likely – and probable - that there are companies already compromised that do not have sufficient visibility to detect or qualify this," Benson says.

"Add to this the additional complexity that the attackers are employing, including logic bombs, time activated code, and automated data collection/infiltration systems, and companies that are not up to speed with the changes to the threat landscape are going to end up in a world of pain."

For the complete Trend Micro’s Q1 2013 Security Roundup Report click here

Share on: LinkedIn Twitter Facebook