Zero-Day exploits are some of the most challenging vulnerabilities in cybersecurity. They're impossible to predict, and they have the potential to open a Pandora's box of mayhem.
But twins at Vanderbilt University just developed a new approach to Zero-Day exploits that can keep you, the Internet of Things (IoT), and your organization one step ahead of hackers.
How do you limit the Zero-Day vulnerability problem?
Traditional cybersecurity approaches to Zero-Day exploits are reactive.
A major technique in cyber defense involves patching and fixing known vulnerabilities. But no one knows when Zero-Day vulnerabilities will appear or when hackers will exploit them. That challenge holds cybersecurity professionals back.
But now, Brad and Tim Potteiger are offering a new strategy they are calling "moving target defense."
Cybersecurity paradigm shift: what is moving target defense?
The twin brothers, both Vanderbilt graduates, say this cybersecurity method turns the tables through moving target defense. Here's how it works:
"The proactive, preventive approach of moving target defense works by randomizing the memory structure of memory applications to significantly mitigate the ability of an attacker to find vulnerabilities in the first place. With this approach, the vulnerabilities move around, giving hackers a very narrow window of time to find and exploit them, greatly reducing the chances that they will."
Like we said, one step ahead.
According to Brad Potteiger, they want this technique accessible and easy to use.
"Nation-states like Russia, China and North Korea aren't as focused on attacking the federal government as they once were. They're now targeting mom-and-pop businesses, who lack the financial means to protect themselves from such attacks, to create chaos throughout society because they see that as a better return on their investment.
Our goal is to democratize cybersecurity by offering moving target defense to small businesses, hospitals and a range of other stakeholders so that we can empower people who don't have the resources of the federal government."
Brad Potteiger says he conceived of moving target defense while working on his PhD in electrical engineering.
Believing that his novel idea will shift the paradigm of cybersecurity, he and his brother are now trying to commercialize this strategy for cyber defense.