Saturday 12 March 2016

Most Of The Cloud Services Are Still Vulnerable To DROWN And Heartbleed Attack

Cloud service providers are failing to protect their clients from the new DROWN attack: only 33 of the 653 services surveyed have patched their servers against it.

On 1 March, fifteen researchers unveiled the DROWN attack, showing how attackers can break HTTPS traffic by leveraging an older attack method from 1998 against SSLv2, even when the server's traffic is already secured with TLS certificates.

According to Skyhigh researchers, the DROWN vulnerability affects one in three websites running HTTPS. Cloud security company Skyhigh Networks found 653 service providers vulnerable to DROWN during its scanning.

Courtesy: Skyhigh Networks

The researchers kept scanning daily over the following week; after seven days, 620 of the original 653 servers were still vulnerable.
By comparison, cloud service providers did a much better job of patching against Heartbleed.

Sekhar Sarukkal of Skyhigh Networks said, "What’s troubling about this critical vulnerability is how slow cloud providers have been in responding to patch their services against DROWN by disabling SSLv2 support."

A comparison with the critical Heartbleed bug shows how many cloud service providers have ignored the new DROWN attack. During Skyhigh's scanning at the time, the company found 1,173 cloud service providers vulnerable to Heartbleed. One day after the initial announcement, that number was down to 386, and after a week only 86 remained.

In other words, 92.71% of the affected cloud providers did their job and patched their servers against Heartbleed, whereas only 5.1% have patched against DROWN.

As of today, the average company uses around 56 cloud servers that are vulnerable to DROWN.

Skyhigh also states that 98.9% of enterprises use at least one cloud service provider that is vulnerable to DROWN.

Many cloud providers have failed to act because the attack relies on flaws in SSLv2: on reading the vulnerability report, a sysadmin at these companies may assume their servers are safe because they use TLS certificates.

But the researchers who discovered DROWN found that a server is also vulnerable if it supports SSLv2, or if its private key is also used on a server that runs SSLv2, regardless of the fact that the server itself relies on the more secure TLS protocol.
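As an added illustration (not part of the original post), the following Python audits a set of scan results under exactly that rule: a host is exposed if it accepts SSLv2 itself, or if its key fingerprint matches a host that does. The hostnames and fingerprints are constructed sample data, not real scan output.

```python
"""Flag hosts exposed to DROWN under the two conditions described above:
the host still accepts SSLv2, or its RSA private key is also used by
another host that accepts SSLv2 (detected here by matching key fingerprints).

SCAN_RESULTS is constructed sample data; a real audit would fill it from
an SSLv2-capable scanner's output."""

from collections import defaultdict

# Constructed sample scan results: (hostname, key fingerprint, sslv2_enabled)
SCAN_RESULTS = [
    ("www.example-cloud.test", "key-A", False),    # TLS only ...
    ("mail.example-cloud.test", "key-A", True),    # ... but same key on an SSLv2 host
    ("api.example-cloud.test", "key-B", False),
    ("legacy.example-cloud.test", "key-C", True),
    ("cdn.example-cloud.test", "key-D", False),
]


def drown_exposure(results):
    """Return {host: reason} for every host exposed to DROWN.

    reason is "sslv2" when the host itself accepts SSLv2, or
    "shared-key:<hosts>" when a TLS-only host shares its key with one or
    more SSLv2-enabled hosts (so the key can be attacked through them)."""
    hosts_by_key = defaultdict(list)
    for host, key, sslv2 in results:
        hosts_by_key[key].append((host, sslv2))

    exposed = {}
    for host, key, sslv2 in results:
        if sslv2:
            exposed[host] = "sslv2"
            continue
        sharers = [h for h, s in hosts_by_key[key] if s and h != host]
        if sharers:
            exposed[host] = "shared-key:" + ",".join(sorted(sharers))
    return exposed


if __name__ == "__main__":
    for host, reason in sorted(drown_exposure(SCAN_RESULTS).items()):
        print(f"{host}: {reason}")
```

The www host never speaks SSLv2 itself, yet it is still reported because the mail host reuses its key; fixing only the hosts that answer SSLv2 probes would miss it.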

Image Source: gfi
