A new vulnerability, dubbed DROWN, has been discovered
Know the latest in cyber threats; protect your business against DROWN
We have been advised by our IT security partner, Network Box, that a new cyber threat has been detected: DROWN, which stands for Decrypting RSA with Obsolete and Weakened eNcryption. For you techies, it is a cross-protocol attack that exploits weaknesses in SSLv2 to decrypt TLS sessions from up-to-date clients. This could enable hackers to intercept and decrypt HTTPS connections. For example, passwords, credit card numbers, emails, and sensitive documents could be stolen if DROWN is successful.
So, how serious is DROWN? It is estimated that up to one third of HTTPS servers are vulnerable. While that is dire, the good news is Network Box USA systems have not been affected by DROWN. That said, current Network Box clients should note:
- All Network Box 5 internal services are hardened against such attacks and are not vulnerable to the DROWN SSL vulnerability in any way or form. If you are using the SSL offloading feature, vulnerable SSL servers will also be protected by the Network Box 5 proxy.
- Regarding Network Box 3 clients: In the default configuration, you are not vulnerable to the DROWN SSL vulnerability. Services such as my.network-box.com are hardened against such attacks by default. Please note: There is a service option on the SMTP server to use SSL. Network Box Security Response has already released security patches to mitigate this potential vulnerability.
To protect your SSL servers, we recommend considering the Network Box USA Cloud WAF platform. This platform offers an SSL offload option, which can protect your servers from these types of vulnerabilities.