DROWN stands for “Decrypting RSA with Obsolete and Weakened eNcryption.”
It is a newly disclosed vulnerability that puts websites whose servers still accept SSLv2 connections at risk of having their encrypted traffic decrypted. That means your crucial data, including bank logins, passwords and email accounts, could be exposed. DROWN exploits weaknesses in SSLv2 to break modern TLS connections: an attacker who has recorded TLS sessions can use any SSLv2-enabled server holding the same RSA private key as a decryption oracle and recover the captured data. The report states that 25% of the top websites could be attacked by DROWN, including Yahoo, BuzzFeed, Flickr and Samsung.
“We’ve been able to execute the attack against OpenSSL versions that are vulnerable to CVE-2016-0703 in under a minute using a single PC. Even for servers that do not have these particular bugs, the general variant of the attack, which works against any SSLv2 server, can be conducted in under 8 hours at a total cost of $440.”
“You’re just as much at risk if your site’s certificate or key is used anywhere else on a server that does support SSLv2,” security researchers noted. “Common examples include SMTP, IMAP, and POP mail servers, and secondary HTTPS servers used for specific web applications.”
SSLv2 dates back to the 1990s and has been known to be insecure for years, so most servers now negotiate newer protocol versions. Nevertheless, it has now emerged that merely allowing SSLv2 is a threat to modern servers and their users, even when clients never actually use it.
The DROWN website traces the flaw back to the deliberate weakening of cryptography (export-grade ciphers) mandated by US government policy in the 1990s, making it the third major internet security vulnerability with that root cause in the space of a year, following FREAK and Logjam.
To find out more about the DROWN attack, or to check whether your site is vulnerable, visit the DROWN Attack website.
If your website is found to be vulnerable, take preventive measures without delay.
How to protect against a DROWN attack
“To protect against the attack, server operators need to make sure that their private connections are not used anywhere with server software which allows SSLv2 connections,” according to the FAQ on the DROWN website. “This includes web servers, SMTP servers, IMAP and POP servers, and some different software that supports SSL/TLS.” In practice that means disabling SSLv2 in every service that uses the same certificate or key, not just the main HTTPS server, and upgrading OpenSSL: the releases shipped alongside the DROWN disclosure (1.0.2g and 1.0.1s) disable SSLv2 by default. Although there is no confirmation that cybercriminals are already exploiting the SSLv2 weakness, it is important to take precautions, since that could happen at any time.
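The mitigation above boils down to one check: does any server holding your key still answer an SSLv2 handshake? The following probe is an added example written for this page, not code from the DROWN researchers or the DROWN website. It builds a minimal SSLv2 ClientHello, sends it to an implicit-TLS port, and reports whether the reply is an SSLv2 ServerHello and which cipher specs the server offers, flagging the 40-bit export suites that the general attack described earlier relies on. The sample ServerHello and TLS alert bytes embedded in the block are constructed for offline demonstration, not captured from any real host; the host/port arguments and the `probe_sslv2` function name are the example's own.

```python
"""Probe whether a TLS endpoint still accepts SSLv2 handshakes (DROWN exposure).

Added example for this page, not code from the DROWN project. Any SSLv2
SERVER-HELLO in reply means this server, and every other server sharing its
RSA private key, is exposed to DROWN.
"""
import os
import socket
import struct

# SSLv2 cipher-spec identifiers (3 bytes each) from the SSL 2.0 specification.
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
# 40-bit export-grade suites: the weak ciphers the general DROWN attack needs.
EXPORT_CIPHERS = {b"\x02\x00\x80", b"\x04\x00\x80"}

# Constructed sample replies (not captured from a real host) for offline use.
SAMPLE_SERVER_HELLO = (
    b"\x80\x25"                     # 2-byte header: 37-byte record, no padding
    + b"\x04\x00\x01\x00\x02"       # SERVER-HELLO, no session hit, X.509, SSL 2.0
    + b"\x00\x04\x00\x06\x00\x10"   # cert_len=4, cipher_specs_len=6, conn_id_len=16
    + b"CERT"                       # placeholder certificate bytes
    + b"\x01\x00\x80\x02\x00\x80"   # RC4-128-MD5 and RC4-128-EXPORT40-MD5
    + b"\x00" * 16                  # connection id
)
SAMPLE_TLS_ALERT = b"\x15\x03\x01\x00\x02\x02\x46"  # TLS fatal protocol_version alert


def build_client_hello(challenge: bytes = b"") -> bytes:
    """SSLv2 CLIENT-HELLO offering every SSLv2 cipher spec, no session id."""
    challenge = challenge or os.urandom(16)
    cipher_specs = b"".join(SSLV2_CIPHERS)
    body = (
        b"\x01"                     # msg_type = CLIENT-HELLO
        + b"\x00\x02"               # version  = SSL 2.0
        + struct.pack(">HHH", len(cipher_specs), 0, len(challenge))
        + cipher_specs + challenge
    )
    # Record header: high bit set means 2-byte header with no padding byte.
    return struct.pack(">H", 0x8000 | len(body)) + body


def parse_server_hello(data: bytes):
    """Return the cipher specs offered in an SSLv2 SERVER-HELLO, or None when
    the reply is anything else (TLS alert, SSLv2 ERROR, closed/truncated)."""
    if len(data) < 3:
        return None
    if data[0] & 0x80:              # 2-byte header, no padding
        length, hdr = ((data[0] & 0x7F) << 8) | data[1], 2
    else:                           # 3-byte header, third byte is padding length
        length, hdr = ((data[0] & 0x3F) << 8) | data[1], 3
    msg = data[hdr:hdr + length]
    if len(msg) < 11 or msg[0] != 0x04:   # 0x04 = SERVER-HELLO
        return None
    # session_id_hit(1) cert_type(1) version(2) cert_len(2) ciphers_len(2) conn_id_len(2)
    _hit, _ctype, version, cert_len, ciphers_len, _conn_len = struct.unpack(">BBHHHH", msg[1:11])
    if version != 0x0002:
        return None
    specs = msg[11 + cert_len:11 + cert_len + ciphers_len]
    if len(specs) != ciphers_len or ciphers_len % 3:
        return None
    return [specs[i:i + 3] for i in range(0, ciphers_len, 3)]


def probe_sslv2(host: str, port: int, timeout: float = 5.0):
    """Send a CLIENT-HELLO to an implicit-TLS port (443, 465, 993, 995, ...).
    STARTTLS ports (25, 143, 110) need the application-layer STARTTLS exchange
    first, which this probe does not perform."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        reply = b""
        try:
            while len(reply) < 4096:
                chunk = s.recv(4096)
                if not chunk:       # server closed: typical "SSLv2 rejected" path
                    break
                reply += chunk
        except socket.timeout:      # server sent SERVER-HELLO and awaits CLIENT-MASTER-KEY
            pass
    return parse_server_hello(reply)


def describe(specs) -> str:
    """Human-readable verdict for a parse_server_hello() result."""
    if specs is None:
        return "SSLv2 not accepted"
    names = [SSLV2_CIPHERS.get(c, c.hex()) for c in specs]
    export = [SSLV2_CIPHERS[c] for c in specs if c in EXPORT_CIPHERS]
    verdict = "VULNERABLE to DROWN (SSLv2 accepted)"
    if export:
        verdict += "; export-grade suites offered: " + ", ".join(export)
    return verdict + " | " + ", ".join(names)


if __name__ == "__main__":
    import sys
    if len(sys.argv) < 2:           # no host given: show the constructed sample
        print("sample:", describe(parse_server_hello(SAMPLE_SERVER_HELLO)))
    else:
        host, port = sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 443
        print(host, port, describe(probe_sslv2(host, port)))
```

Run it against every host and port that serves the same certificate (HTTPS, SMTPS, IMAPS, POP3S), not only the main website: a single "VULNERABLE" result anywhere compromises the key everywhere. A modern OpenSSL-based server replies with a TLS alert or simply closes the connection, which the parser reports as "SSLv2 not accepted".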