
2018: The Four zero day attack stats and trends you need to know

December 17, 2018

There was a time when the organizations that got rocked by a zero day attack garnered great amounts of sympathy. After all, how could an organization be expected to deal with the rare occurrence of an unknown threat?

That time has come, and it has very much gone, however. Zero day attacks are now common, and instead of garnering sympathy, businesses that fall victim to these threats will garner eye rolls at best and outrage at worst. While a zero day attack is technically an unknown threat, there is plenty to know about these assaults, and the following four facts are ones that organizations need to become very familiar with.

1. In 2018, 76% of successful attacks on organization endpoints were zero-day

Skip the part where you tell yourself the percentage of times it was a zero day attack doing damage to an organization via any of its endpoints can’t actually be that high. According to the Ponemon Institute’s 2018 State of Endpoint Security Risk report, it absolutely was. This number is even more shocking compared to the 19% of attacks comprised of known threats.

Despite the frightening success of unknown threats, the Ponemon Institute’s report also revealed that 76% of organizations are still using traditional antivirus solutions to protect themselves. Which leads to this next disturbing statistic.

2. IT professionals believe those traditional antivirus solutions can stop just 43% of attacks

Einstein’s famous definition of insanity is doing the same thing repeatedly and expecting different results. Similarly, the IT professional’s definition of insanity must be doing the same thing over and over again and fully expecting to get walloped by a zero day attack.

Traditional antivirus solutions provide organizations with protection that relies on signatures. Zero day attacks do not have a signature. Hardly surprising then that IT professionals are well aware that 57% of attacks are making it past traditional antivirus solutions, according to the Ponemon Institute report. More surprising is that just 38% of IT professionals surveyed by Ponemon plan to replace their traditional antivirus programs in the next 12 months, while 30% will not replace those programs.

3. Thirty percent of malware attacks are zero day, and almost 93% of malware gets in through email

CISOs and other security professionals may not be surprised that a zero day attack can be so common, or that employee emails present such a huge vulnerability, but even so, those numbers are shocking. Nearly one out of three malware attacks is a zero day attack that cannot be detected by traditional antivirus programs, and over nine out of every ten malware threats make their way into an organization because of a compromised file downloaded from email.

Email has long been recognized as one of the most common attack vectors, and organizations have been working steadily to train employees on the risks clicking on links and downloading files present to the network for just as long. Even so, employee email accounts are basically a wide open door for zero day malware threats.

4. AI is coming for zero day vulnerabilities

The reason AI is so often cited as an x-factor in the very near future of cybercrime is that that’s exactly what it is.

Talking about the zero day attack category specifically, what AI threatens to bring is weaponized fuzzing. Fuzzing is a sophisticated technique used by leading threat researchers to find vulnerabilities in applications, software and hardware by injecting semi-random, invalid or unexpected code. The number of people who can successfully do this is infinitesimal, so it isn’t really used for cybercrime. However, once AI and machine learning get their hooks into fuzzing techniques, not only will criminals be able to mine organizations for zero day attack opportunities and potentially even automate the process of exploiting the discovered vulnerabilities, but malicious fuzzing will very likely also be offered as a service, similar to DDoS for hire services, giving the average person the ability to launch complex and crippling zero day attacks.

Bonus fact: a zero day attack can be stopped in its tracks

Traditional security strategies like employing antivirus solutions, patch management, and sandboxing certainly still have their place in cybersecurity. In order to deal with zero day threats, organizations need to get proactive in their security strategies. Securing an organization means securing its entire data flow from every single endpoint by dismantling every incoming file to search for any malicious element – known, unknown, or any other type of threat the dark web can come up with. The time when traditional security measures were effective has come and gone, just like the time when organizations might have been forgiven for falling victim to a zero day attack has.

You’re welcome to try Votiro File Disarmer and experience the power of a truly effective security solution.