DROWN: 11 million websites at risk - is yours one of them?
8 March 2016
2 min read
Security breaches are nothing new. From Ashley Madison to TalkTalk and more, miscreants are exposing sensitive data by the millions. Yet the worst may still be to come.
A new attack on the way data traverses the Internet threaten to expose a third of all secure web servers, according to researchers who've discovered the flaw. Their findings include a long list of popular yet exposed sites, which you can find here. Others say as many as 11 million machines may be impacted by the attack.
Called DROWN (for "Decrypting RSA with Obsolete and Weakened eNcryption"), it's being heralded by some as the second coming of the Heartbleed worm that two years ago infiltrated tens of thousands of servers and major institutions, including Canada's national taxing authority and the data archives of one of the largest U.S. healthcare information providers.
DROWNing in bad encryption
Put simply, DROWN is what's called a "cross protocol attack" that exploits weak security in a 1990s era standard known as SSL v2 in order to expose sessions protected by a modern alternative called Transport Layer Security, or TLS.
Keys are the key to a DROWN attack. Specifically, it's common for IT administrators to configure secure servers with the same RSA private key for decrypting information sent over a network -- even though one protocol (SSL v2) is materially weaker than the other. Think of it as using the same key to unlock the front doorknob and the deadbolt on the side of your house.
What to do next
If there's good news here it's that the researchers say they will not release the code for the DROWN attack until more servers are upgraded. Check your exposure here.
In the meantime, the OpenSSL group, which is responsible for a huge number of secure software libraries used in web servers -- including, perhaps, yours -- has issued an update that addresses not only DROWN but also related flaws that have spawned lesser but still-damaging attacks.
Cachebleed, for example, is a flaw that exploits SSLv2 to allow attackers to eavesdrop on servers and encryption sessions. Upgrading to SSLv3 is a smart first step for addressing DROWN and Cachebleed, whether you use OpenSSL, Microsoft's Windows Server, Network Security Services, Apache, or another form of web server for your site infrastructure.
You should also want to take inventory of your entire network and disable SSLv2 wherever it exists, says says Jan Schaumann, an information security expert who's also an adjunct professor of Computer Science at Stevens Institute of Technology. Taking extra care when reusing security certificates is also key since attackers prey on lazy policy.
With DROWN, in particular, researchers were able to crack some sites in less than a minute using a single-CPU computer. Other breaches required spending about $440 to enlist the aid of an Amazon EC2 cloud. In either case, attackers targeting the right servers could find a meaningful return on investment.
"There will always be severe vulnerabilities," says Schaumann.
"It's just that when they appear in software that is so widely deployed and so essential to the functionality of the web and the economy that rests on it, the impact becomes bigger rapidly."