What is a zero-day cyber attack?

The name sounds sinister because it’s a hacker’s dream, a secret vulnerability that has no specific defense.


One of the terms you will hear regularly if you follow cyber security issues is a zero-day attack or a zero-day vulnerability. The name sounds scary, and it should. It designates a vulnerability that a hacker has found in a network or product and can exploit, but that nobody responsible for defending the system knows about.

If Microsoft learns of a vulnerability related to Windows, the company will begin finding ways that the program code can be changed or patched to eliminate the problem. In the meantime, it may publicize the vulnerability so users can determine if they are at risk and set up other defenses until the problem is patched. Until the problem is recognized and users are informed, hackers can make use of the vulnerability. The term in this case means that the defenders have had zero days to develop a solution.

Here's a nontechnical example: Let's say many of the electrical cabinets and strategic pieces of equipment in your plant are secured with combination padlocks from Whizzo Lock Company. That company has a good reputation, or at least that's what you believe, so you trust that those locks are effective protection.

But let's say some clever individual with criminal leanings begins to study those locks, going so far as to buy the same model and dissect it. For the sake of the illustration, he discovers to his amazement that all those locks have a built-in master combination in addition to the normal combination. Whizzo designed them so that company service people can open any lock by using this secret combination. Users aren't aware of this capability and therefore do not try to defend against it, as the company only lets a very select group of people know about it. This is analogous to a PLC with a hard-coded user name and password that have been built into a device but not included in the documentation, effectively a special "back door" for servicing.

Or, as a second possibility, let's say the criminal analyst looks at a group of locks and discovers that the serial number actually gives the combination if you know how to decode it. So if someone trying to break it can get to the lock and read the number, he can put it in a calculator and multiply it by the secret factor and get the combination. Again, this is something that the company doesn't tell the general public for obvious reasons. This is analogous to a server with a hard-coded password that can be derived from the MAC address.

As a third possibility, maybe there is a mechanical weakness that he discovers. After looking at the insides, he finds that the lock can be pried open with a crowbar without too much trouble when the dial is set at 39. This was not intentional; it's just a small design flaw that the manufacturer didn't realize. This is analogous to a programming flaw or hardware peculiarity that allows a hacker to break in or otherwise cause mischief.

There are other attack vectors that aren't strictly zero-day but can get the job done. As a fourth possibility, perhaps the user company buys the locks with all the combinations the same so workers don't have to remember more than one. The criminal watches eBay and buys a piece of equipment sold by the company as surplus with the lock still in place and gets the combination that way. This is analogous to facilities selling used PLCs or other equipment with programming, data, and passwords still intact. This is a very common practice, unfortunately.

All of these represent specific weaknesses that have been found in various types of industrial networking hardware and devices, or user practices. If the criminal is aware of them but the users are not, that is effectively a zero-day situation.

This brings up a larger issue related to security that we have discussed in other contexts. As Matt Luallen discussed in July's cover story on problems related to mobile computing, all defensive measures require some measure of trust. If that trust fails, that defensive measure does not give the protection it is supposed to give. If enough of the defensive measures fail, the bad guy gets the run of the network. When the measure fails because of a zero-day vulnerability, you won't know how he got through your defenses. You can take some comfort in that once those problems are identified after somebody else gets hacked, users can take appropriate measures, or at least they should, before they suffer the same fate. Unfortunately, vulnerabilities that are uncovered but not fixed continue to provide attack vectors.

Peter Welander is a content manager for Control Engineering. Reach him at pwelander@cfemedia.com 

This article originally appeared in the August 2012 Control Engineering issue.



Anonymous, 04/21/14 05:38 PM:

Nice information, congratulations