Recent months have seen a procession of Java zero-day attacks impact a wide variety of organisations. Simply put, zero-day attacks occur when a problem with a piece of software is discovered and exploited before the developer is even aware that there is an issue.
Facebook, Apple, Twitter and Microsoft have all recently disclosed compromised computers, and many more firms have been hit but not gone public with the information.
The very nature of a zero-day attack means your systems could be vulnerable in the period between the exploit being identified and the patch being deployed by Oracle, the owners of Java.
It’s unlikely we’ve seen the last of these exploits; Java’s rich programming language wasn’t designed for a hostile Internet environment, so it’s likely more vulnerabilities will be uncovered.
There are also many other products running on our desktops that could be susceptible to this style of attack, as has been shown by the recent Internet Explorer zero-day issues.
Traditional anti-virus and perimeter security techniques do not offer complete protection – for this reason, organisations need to review their risk exposure, and plan their responses accordingly.
So what practical advice can we offer?
1. Remove Java?
Many security experts recommend the seemingly straightforward solution of disabling or removing Java from browsers, but this is not always practical.
Some firms will be dependent on Java to run both internal and third party applications. For large organisations, the cost and logistics of ensuring Java is disabled for every browser may be prohibitive.
Many browsers now offer the ability to control how Java is handled, however, and the latest version of Java has enhancements to the control panel settings that may offer you a solution with a little tweaking.
2. Maximise your end-point security
Anti-virus solutions will protect you from the most common exploits once they have been identified, but it’s even more important to ensure:
- You have full coverage across all your end-points
- Security updates are installed on all end-points quickly
- You have ‘zero-day’ and ‘Host Intrusion Prevention’ features enabled
3. User Awareness
Educating your users about the potential risks, and how to avoid phishing attacks, is a great way to reduce your exposure.
4. Protect your critical information assets
In the longer term, ‘advanced persistent threats’ are likely to increase. Firms need to ask themselves – while making the assumption that their network will be breached at some point in the future – what additional measures could be taken to protect critical information assets in advance, and limit damage.
Zero-day attacks are inevitable, so businesses need to take steps to protect their data and systems well ahead of time.
It's tempting to put off thinking about these issues, but this is only likely to magnify the amount of damage caused if your system is targeted in the future.