Day One Exploits: How to Effectively Reduce the Threat
Recent Day One attacks have demonstrated how difficult it can be for organisations to react when vulnerabilities are announced.
Cyber hygiene and patching are key measures towards protecting data and systems. However, it’s not always possible or practical to patch when vulnerabilities and associated patches are announced. This problem gives rise to day one exploits.
Day one exploits are responsible for attacks such as the recent Microsoft Exchange attack that compromised hundreds of thousands of organisations. This began as a zero-day exploit and was followed by numerous day one exploits once the vulnerabilities were announced. Day one exploits were also used by Iranian threat actors about a year ago to gain access to financial sector networks via published virtual private network (VPN) vulnerabilities.
The crux of the problem are the hurdles organisations face with patching systems. This is what leads to intrusions on such a large scale. Additionally, once an organisation is infiltrated, recovery can require system rebuilds, as was the case with recent attacks.
