DROWN exposes an old wound in HTTPS websites

A third of servers using the HTTPS protocol are vulnerable to the DROWN attack, researchers say

A vulnerability present in 33 per cent of all HTTPS servers is exposing thousands of sites to so-called DROWN attacks, letting hackers decrypt secure communications and access passwords, emails and credit card details.

DROWN stands for 'decrypting RSA with obsolete and weakened encryption', and it exploits servers that support SSLv2 connections, according to the university researchers who uncovered the flaw.

While modern servers and clients use the TLS encryption protocol, many still support SSLv2, which is known to be insecure but has not been considered a major issue until now.

All servers that allow SSLv2 connections are at risk from DROWN, as are servers whose private keys are used on another server that allows SSLv2 connections.


Popular sites affected by the vulnerability include Yahoo, Weibo and BuzzFeed, the cybersecurity researchers from universities in the US, Israel and Germany claim, but mail servers and TLS-dependent services are also at risk.

The researchers, who also include a Google security team member, urged operators of such servers to apply a fix for the flaw.

They said: "We have no reason to believe that DROWN has been exploited in the wild prior to this disclosure. Since the details of the vulnerability are now public, attackers may start exploiting it at any time."

The vulnerability is in part down to the US government's restrictions on strong cryptography before the late 1990s, the researchers said, meaning that this weaker cryptography is still supported by various servers today.

"Although these restrictions, evidently designed to make it easier for NSA to decrypt the communication of people abroad, were relaxed nearly 20 years ago, the weakened cryptography remains in the protocol specifications and continues to be supported by many servers today, adding complexity and the potential for catastrophic failure to some of the internet's most important security features," they added.

The report was developed by researchers from Tel Aviv University, Münster University of Applied Sciences, Ruhr University Bochum, the University of Pennsylvania, the Hashcat project, the University of Michigan, Two Sigma, Google, and the OpenSSL project.

They have not released the attack code, saying too many servers would be left open to attack if they did so.

Tod Beardsley, security research manager at Rapid7, said: "The attacker does have to be in a privileged position on the network in order to eavesdrop on a TLS session, and also needs to have already conducted some reconnaissance on the server-side infrastructure, but this is the nature of padding oracle attacks.

"While it's not Heartbleed, DROWN techniques do demonstrate the weaknesses inherent in legacy cryptography standards. Sysadmins should ensure that all their cryptographic services have truly disabled the old and deeply flawed SSLv2 protocol, and consider the cost and effort associated with providing unique private keys for their individual servers."
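One way to check the point Beardsley makes, that SSLv2 is "truly disabled" on your own hosts, is to send a single SSLv2 ClientHello and see whether the server answers with an SSLv2 ServerHello. The script below is an added example, not code from the article or the DROWN researchers; the message layouts follow the SSL 2.0 specification, and the probe only completes the first handshake message, so no key material is exchanged.

```python
import os
import socket

# SSLv2 cipher-spec codes from the SSL 2.0 specification (3 bytes each).
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL2_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL2_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL2_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL2_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL2_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL2_DES_192_EDE3_CBC_WITH_MD5",
}

def build_sslv2_client_hello(challenge=None):
    """SSLv2 ClientHello: 2-byte record header (high bit set), msg type 0x01,
    version 0x0002, cipher-spec/session-id/challenge lengths, then the data."""
    challenge = challenge or os.urandom(16)
    specs = b"".join(SSLV2_CIPHERS)
    body = (b"\x01\x00\x02" + len(specs).to_bytes(2, "big") + b"\x00\x00"
            + len(challenge).to_bytes(2, "big") + specs + challenge)
    return bytes([0x80 | (len(body) >> 8), len(body) & 0xFF]) + body

def classify_sslv2_response(data):
    """Classify the server's first bytes; returns (status, cipher names)."""
    if not data:
        return "closed", []          # server dropped the connection: SSLv2 off
    if data[0] == 0x15:
        return "tls-alert", []       # TLS-only server rejected the hello
    # SSLv2 ServerHello: type 0x04 at offset 2, version 0x0002 at offsets 5..6
    if len(data) >= 13 and data[0] & 0x80 and data[2] == 0x04 and data[5:7] == b"\x00\x02":
        cert_len = int.from_bytes(data[7:9], "big")
        spec_len = int.from_bytes(data[9:11], "big")
        start = 13 + cert_len        # certificate precedes the cipher specs
        specs = data[start:start + spec_len]
        names = [SSLV2_CIPHERS.get(specs[i:i + 3], specs[i:i + 3].hex())
                 for i in range(0, len(specs), 3)]
        return "sslv2-accepted", names
    return "unknown", []

def probe(host, port=443, timeout=5.0):
    """Send one SSLv2 ClientHello to a host you administer and classify the
    reply. 'sslv2-accepted' means this host, and any host sharing its RSA
    private key, is exposed to DROWN and SSLv2 must be disabled."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_sslv2_client_hello())
        try:
            data = s.recv(4096)
        except (socket.timeout, ConnectionError):
            data = b""
    return classify_sslv2_response(data)
```

Run `probe("your.host.example")` against every service that shares a certificate key, not only the web front end, since the article notes that a key used on one SSLv2-enabled server weakens the others.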
