Zero-day attacks on Chrome

Microsoft warns that there is an ongoing zero-day attack on Chromium systems, including Chrome and Edge. Users are recommended to take extra care and update as soon as possible.

Forbes writes that the North Korean hacking group called Citrine Sleet is behind the Chrome hack. The attack is mainly focused on cryptocurrency holders, but as with any vulnerability it can be exploited further and target other user groups as well.

A zero-day attack is an attack using a previously unknown vulnerability. These attacks are uniquely threatening because there is no system in place to prevent them yet; generally, such a vulnerability becoming known becomes a race between the malicious actors to exploit it, and the creator of the system to patch it.

What can you do to not be affected?

The only way to help avoid being affected by zero-day attacks is to adhere to industry best practices and do your best to not expose yourself or your company to risk. By their very nature, zero-day attacks are very hard to detect or stop. As such, once an attack on your organization has begun, you are in trouble.

At that point, your best hope is that you have good recovery processes in place. While the attack itself is unlikely to be easily stopped, adhering to industry best practices with regards to disaster recovery is likely to prove extremely beneficial, allowing you to roll with the punches much better and get your organization back on track with minimal disruption or financial harm.

One of the key aspects of disaster recovery is keeping a data protection and retention system – an archive or backup – present and up to date to help maintain your organization’s data integrity. Here, TECH-ARROW can help; if you would like to draw on our combined decades of experience in the field, contact us and set up an appointment to discuss the future of your data.

 

Your Data In Your Hands – With TECH-ARROW

by Matúš Koronthály