Organizations which deal with highly valuable confidential information are usually the main targets for ackers to discover vulnerabilities as those vulnerabilities can then be sold to malicious groups for a significant amount of money. These can have catastrophic consequences for the organization that has their security compromised, and their users who can have their private confidential information stolen. All of which can result in immeasurable losses.
Cases:
❖ A zoom vulnerability zero-day attack was put up on the market for around half a million dollars at the beginning of the pandemic.
❖ Stuxnet was a worm that was used to target Iran’s uranium enrichment plants by taking advantage of the software running on Industrial computers, the PLC’s, in the plant
❖ Sony’s zero-day attack which crippled its network and led to the release of sensitive corporate data on file sharing sites