Early March, researchers discovered deadly DROWN vulnerability in OpenSSL that affects more than 11 million modern websites and e-mail services protected by SSLv2 protocol. Bkav took a deep look into Viet Nam’s situation, and learned that hundreds of important websites were affected, putting users’ data as passwords, private information, credit card details at risk of being stolen.

Among affected systems, there are 58% in the financial sector, 21% in the petroleum sector, 11% in industrial and consumer goods sectors, 5% in the technology and telecommunication sectors, and 5% in the transportation and tourism sector.

Bkav urgently informed affected organizations and supported them to address the issue, securing customers’ information.

What is DROWN attack?

DROWN stands for "Decrypting RSA with Obsolete and Weakened eNcryption."

DROWN uses weaknesses in the SSLv2 protocol, affecting encrypted connections such as HTTPS and other services that rely on SSL and TLS HTTPS. These protocols allow everyone on the Internet to browse the web, use email, shop online, and remotely access internal applications of organizations.

DROWN attack could allow an attacker to access user’s sensitive data as passwords, private information, credit card details, access private emails or illegally access the internal network of organizations.

According to Bkav, DROWN is more difficult to exploit than Heartbleed vulnerability because hackers must perform a Man-in-the-Middle attack. However, the risk of exploiting this vulnerability to steal users’ credentials is feasible. Administrators should promptly disable SSLv2 protocol to secure their systems and users.

System administrators can use Bkav’s tool dubbed DROWN Checker to check if their systems are vulnerable. The tool is available at http://tools.whitehat.vn. Click on the link and put your server’s domain to perform the check.

Bkav