VietNamNet Bridge - The Bach Khoa Anti-virus Center (BKAV), the leading internet security group, has warned that hundreds of important systems in Vietnam are at risk of having clients' information stolen through the DROWN vulnerability on websites that use the HTTPS protocol.




BKAV's vice president Ngo Tuan Anh confirmed that hundreds of systems in Vietnam could be attacked if hackers exploit the DROWN vulnerability. He described it as a low-cost attack that allows hackers to steal users' important information, including personal data, passwords and credit card details.

Financial institutions account for the highest proportion of the affected systems, 58 percent, followed by oil and gas firms at 21 percent and industrial and consumer goods enterprises at 11 percent. Five percent of the systems belong to technology and telecommunications businesses and another 5 percent to transport and tourism.

Also according to Anh, DROWN is more difficult to exploit than Heartbleed because the hacker has to sit in the connection between the server and the user. However, he affirmed that it is probable that hackers will exploit the vulnerability to steal users' information.

Therefore, administrators need to immediately disable SSLv2 (Secure Sockets Layer version 2) to secure their systems. Because DROWN is a cross-protocol attack, SSLv2 must be switched off on every service that shares the server's certificate or RSA key (for example mail servers on the same key), not only on the HTTPS front end: one SSLv2 endpoint is enough for an attacker to decrypt TLS sessions made with that key elsewhere.

Anh stressed that the vulnerability can only affect the systems and servers of businesses and institutions that provide finance and e-commerce services. Service providers are responsible for taking measures to prevent and patch the vulnerability in order to protect their customers.

However, users also need to be watchful. If they find records of access to services that they do not use, they should check them and report them to the service provider.

Prior to that, at the beginning of March 2016, many security websites around the world warned that more than 11 million websites and email services supporting SSLv2, and one third of all servers using the HTTPS protocol, were vulnerable to attacks through DROWN. These included the websites of giants such as Yahoo and Samsung.

DROWN stands for 'Decrypting RSA with Obsolete and Weakened eNcryption'.
DROWN is a cross-protocol attack: it exploits weaknesses in the obsolete SSLv2 protocol (and in its implementations) to decrypt connections that were made with modern TLS, so it affects encrypted connections such as HTTPS and other services built on SSL and TLS. These protocols are used to encrypt data in services such as e-banking and e-commerce. They are also used by many agencies that let their staff access internal applications and work remotely over the internet.

According to thehackernews.com, users can find out whether their website is vulnerable to this critical security hole by using the DROWN attack test site.
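Added example, not BKAV's tool and not the test site the article refers to: a small Python probe that sends a raw SSLv2 CLIENT-HELLO and reports whether the server answers with an SSLv2 SERVER-HELLO and which cipher kinds it offers. This is the check an administrator can run against their own servers before and after disabling SSLv2 as advised above. The 3-byte cipher-kind values and message layout come from the SSLv2 specification; the SAMPLE_SERVER_HELLO in the block is constructed to exercise the parser and was not captured from any real server; the host and port are whatever you pass on the command line.

```python
import socket
import struct
import sys

# SSLv2 CIPHER-KIND values (3 bytes each) from the SSLv2 specification.
SSLV2_CIPHER_KINDS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}

MSG_CLIENT_HELLO = 1
MSG_SERVER_HELLO = 4
SSLV2_VERSION = 0x0002


def sslv2_record(body: bytes) -> bytes:
    """Wrap a message in the 2-byte SSLv2 record header (high bit set, no padding)."""
    if len(body) > 0x7FFF:
        raise ValueError("SSLv2 record body too long")
    return struct.pack(">H", 0x8000 | len(body)) + body


def build_client_hello(challenge: bytes = b"\x00" * 16) -> bytes:
    """Build an SSLv2 CLIENT-HELLO that offers every cipher kind listed above."""
    cipher_specs = b"".join(SSLV2_CIPHER_KINDS)
    body = (
        bytes([MSG_CLIENT_HELLO])
        + struct.pack(">H", SSLV2_VERSION)
        # CIPHER-SPECS-LENGTH, SESSION-ID-LENGTH (0: no resumption), CHALLENGE-LENGTH
        + struct.pack(">HHH", len(cipher_specs), 0, len(challenge))
        + cipher_specs
        + challenge
    )
    return sslv2_record(body)


def parse_server_hello(data: bytes):
    """Return the cipher kinds an SSLv2 SERVER-HELLO offers, or None when the reply is
    not one (a TLS alert, an empty reply, a closed connection)."""
    if len(data) < 3:
        return None
    if data[0] & 0x80:   # 2-byte header: 15-bit length, no padding
        hdr, rec_len = 2, struct.unpack(">H", data[:2])[0] & 0x7FFF
    else:                # 3-byte header: 14-bit length, third byte is padding length
        hdr, rec_len = 3, struct.unpack(">H", data[:2])[0] & 0x3FFF
    body = data[hdr:hdr + rec_len]
    if len(body) < 11 or body[0] != MSG_SERVER_HELLO:
        return None
    # SESSION-ID-HIT, CERTIFICATE-TYPE, SERVER-VERSION, CERT-LEN, CIPHER-SPECS-LEN, CONN-ID-LEN
    _hit, _cert_type, version, cert_len, specs_len, _conn_len = struct.unpack(">BBHHHH", body[1:11])
    if version != SSLV2_VERSION:
        return None
    specs = body[11 + cert_len:11 + cert_len + specs_len]
    return [SSLV2_CIPHER_KINDS.get(specs[i:i + 3], specs[i:i + 3].hex())
            for i in range(0, len(specs) - len(specs) % 3, 3)]


def export_cipher_kinds(kinds):
    """The 40-bit export cipher kinds are the ones the general DROWN attack relies on."""
    return [k for k in kinds if "EXPORT40" in k]


def probe(host: str, port: int = 443, timeout: float = 5.0):
    """Send the CLIENT-HELLO to a live server and parse whatever comes back."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        buf = b""
        try:
            while len(buf) < 65536:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                buf += chunk
        except socket.timeout:
            pass
    return parse_server_hello(buf)


# Constructed SERVER-HELLO (not captured from a real server) to exercise the parser:
# a 3-byte placeholder where the certificate would be, three cipher kinds, a 16-byte connection id.
SAMPLE_SERVER_HELLO = sslv2_record(
    bytes([MSG_SERVER_HELLO, 0, 1])
    + struct.pack(">HHHH", SSLV2_VERSION, 3, 9, 16)
    + b"\x30\x00\x00"
    + b"\x01\x00\x80" + b"\x02\x00\x80" + b"\x07\x00\xc0"
    + b"\xaa" * 16
)

if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: sslv2_probe.py HOST [PORT]")
    host, port = sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 443
    offered = probe(host, port)
    if offered is None:
        print(f"{host}:{port}: SSLv2 not supported (no SERVER-HELLO)")
    else:
        print(f"{host}:{port}: SSLv2 SUPPORTED, server offers {offered}")
        if export_cipher_kinds(offered):
            print("  export-grade kinds present: DROWN-relevant, disable SSLv2 now")
```

Run it (saved as, for example, sslv2_probe.py) against every TLS-speaking service that shares a certificate or RSA key with the web server, such as `python3 sslv2_probe.py mail.example.com 465` for SMTPS as well as port 443, because DROWN needs only one SSLv2 endpoint on that key. A result of None means the server closed the connection or answered with a TLS alert, which is the outcome you want. On the server side the fix is to drop SSLv2 from the protocol list, for example `SSLProtocol all -SSLv2 -SSLv3` in Apache httpd or `ssl_protocols TLSv1.2 TLSv1.3;` in nginx, and then re-run the probe to confirm.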

Researchers uncovered the DROWN security hole, and a patch for the vulnerability has been made available.


Buu Dien