Sign In

Communications of the ACM

ACM News

2021 has Broken the Record for Zero-Day Hacking Attacks

View as: Print Mobile App Share:
Artist's representation of a hacked laptop.

Powerful groups are all pouring heaps of cash into zero-days to use for themselvesand theyre reaping the rewards.

Credit: MS Tech/Getty

A zero-day exploit—a way to launch a cyberattack via a previously unknown vulnerability—is just about the most valuable thing a hacker can possess. These exploits can carry price tags north of $1 million on the open market.

And this year, cybersecurity defenders have caught the highest number ever, according to multiple databases, researchers, and cybersecurity companies who spoke to MIT Technology Review. At least 66 zero-days have been found in use this year, according to databases such as the 0-day tracking project—almost double the total for 2020, and more than in any other year on record.

But while the record-setting number grabs attention, it can be hard to know what it tells us. Does it mean there are more zero-days being used than ever? Or are defenders better at catching the hackers they would have previously missed? 

"An increase is for sure what we're seeing," says Eric Doerr, vice president of cloud security at Microsoft. "The interesting question is what does it mean? Is the sky falling? I'm in the camp of 'Well, it's nuanced.'"

From MIT Technology Review
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account