March 27, 2025
In the television miniseries Zero Day, released by Netflix on February 20, 2025, a former U.S. president is tasked with investigating a devastating, widespread cyber attack across critical infrastructure sectors that caused thousands of deaths and created mass chaos.[1] As the show unfolds, several additional attacks occur as the characters race to discover who is responsible.
Although Zero Day is a fictional show that dramatizes the cyber incidents portrayed, it raises awareness of real-world cyber threats to a broad audience who may not have previously considered these risks. Below, our experts discuss the real threats behind the attacks depicted in Zero Day.
Exploitation of Zero-Day Vulnerabilities
“Zero-day vulnerabilities present a significant real-world threat to organizations, as basic cybersecurity measures, like regular updates and patching, cannot defend against them. These attacks are becoming increasingly common, particularly among ransomware groups. Organizations should incorporate threat intelligence and robust monitoring to identify threats in real time and respond accordingly.”
– Ryan Smyth, Irvine
Attacks on Critical Infrastructure
“Due to their low tolerance for downtime and their potential to cause widespread disruption, attacks on critical infrastructure sectors remain prominent, especially for nation-state sponsored threat groups and also transnational organized criminal groups. To defend against these threats, implementing a strategy focused on defense-in-depth, e.g., network segmentation and access controls, is vital.”
– Matt Chevraux, Washington, DC
Mobile Device Threats
“Our mobile devices are linked to almost every aspect of our daily lives, and threat actors are increasingly leveraging mobile malware, espionage, and spyware against high-profile individuals and executives to steal valuable information, cause reputational harm, or disrupt business activities. High target users should ensure they are using the latest device and remain updated to the latest operating system and application versions. Executives should consider implementing advanced detection and response capabilities to manage risk.”
– David Youssef, New York
Deepfakes, Misinformation, and Disinformation
“The spread of misinformation and disinformation, including the use of AI-generated content like deepfakes, presents far more than just a communications issue for impacted organizations. These false narratives have the potential not only to create national security risks, but also to destroy brands and enterprise value by eroding consumer and stakeholder trust. Conducting robust content verification and encouraging media literacy among employees will help organizations improve defensibility against digital content manipulation.”
– Sara Murray, Washington, DC
Cyber Attacks on Banks
“The banking industry is particularly attractive for cybersecurity attacks due to ownership of multiple valuable assets – funds, customer information, and proprietary data. Banks have heightened risk through reliance on third-party providers which expands the attack surface. Understanding your unique threat profile will ensure that you effectively safeguard the highest profile and highest risk assets, thereby enhancing organizational resilience and mitigating vulnerabilities.”
– Elizabeth Kwok, Washington, DC
Nation-State Cyber Threats
“Threat actors backed by nation-states have become an increasingly persistent problem for individuals and organizations alike. State sponsored attacks can vary; some focus on causing maximum harm, whereas others focus on stealth to steal sensitive information. Both can have disastrous consequences and can take many forms, including insider threats, ransomware attacks, and espionage. Private sector organizations should be aware of these growing risks and proactively assess their cybersecurity programs with a national security perspective.”
– Ted Theisen, Washington, DC
Insider Threats
“Employees with access to critical assets and networks have the potential to cause significant reputational, financial, and physical harm, whether through negligence or malicious intent. Without proper preventative controls and employee training, organizations remain vulnerable to insider threats that can result in data breaches, stolen proprietary information, and financial loss.”
– Jason Hale, Atlanta
The exact events of Zero Day may be unlikely, but the show brings to light the significant and growing risks that cyber attacks pose to every aspect of our daily lives. Broader public awareness of these threats, and implementing risk mitigation plans, can minimize the impact of an attack and ensure swift response should one occur.
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates or its other professionals.
[1] Keisha Hatchett, “Could a Zero Day Event Really Happen? Hear From the Experts,” Netflix (February 20, 2025), https://www.netflix.com/tudum/articles/zero-day-true-story-facts