Zero-day attacks last much longer than most would believe
A new report shows that zero-day attacks are more prevalent than previously thought and persist longer than expected before being detected – in some cases for more than 300 days.
Security firm Symantec published the findings, which showed that the typical zero-day attack, an exploit for a vulnerability for which there is no patch available, lasted about 10 months on average before being discovered.
Through data retrieved from some 11 million computers running Symantec anti-virus software, researchers studied 18 zero-day cases that occurred between 2008 and 2010. They found that the majority of these attacks, 11, involved vulnerabilities that had never before been publicly known. Their report is expected to be presented Thursday at the Association for Computing Machinery's Computer and Communications Security conference in Raleigh, N.C.