Amazon Cloud Power Used To Break Network Passwords
Updated · Oct 18, 2024
Breaking security on home and small-business networks can be done with Amazon’s cloud computing, a researcher has shown. Such basic passwords relied on supercomputing power being too expensive, but Amazon is making it affordable. The power that Thomas Roth was able to use on EC2 cost less than $2 per password.
As Amazon.com launches two new cloud services, a security researcher has shown that the company’s cloud computing can be harnessed to break passwords. The Germany-based researcher, Thomas Roth, has demonstrated a program that runs on Amazon’s Elastic Cloud Computing (EC2) platform to crack wireless network security commonly found in homes and small businesses.
EC2, as with other cloud platforms, offers enormous computing power on demand, and Roth used this capability to test more than 400,000 possible passwords per second. The feat previously would have required supercomputing power.
Under $2
Brute-force computing has always been a possible way to crack some kinds of security systems, but until now that kind of computing power was very expensive. According to Roth, his software running on EC2 can find the average wireless password in about six minutes. At the EC2 price of 28 cents per minute, his cost for processing power was under $2 per password.
Roth has said he will make his program public, and Amazon has noted for the record that a program such as his is against its terms of use, although his test version running on EC2 is acceptable.
Amazon spokesperson Drew Herdener told news media that Roth’s work was not specific to Amazon’s environment, but that, “as researchers often do, he used EC2 as a tool to show how the security of some network configurations can be improved.”
The kinds of wireless security systems that Roth can hack use pre-shared passwords, such as the WPA-PSK system. An alphanumeric string of up to 63 characters is set up by the user as the password, and a longer password is generally considered stronger. This kind of security has counted on the fact that breaking it would require huge computing power — which, until now, didn’t seem worth the investment by the hacker.
According to some industry observers, the less the password resembles a dictionary word, the safer it is and the harder it is to crack, even with brute-force computing. Passwords with random symbols and numbers — avoiding obvious number-for-letter substitutions, such as a 3 for an E — are considered stronger.
Amazon Lowers Prices
But cloud-based computing is also getting stronger, and cheaper. Recently, Amazon announced Bronze and Platinum plans, designed for individual developers and enterprise customers, respectively. It also reduced usage-based pricing for the Silver and Gold plans by 50 percent. As the market leader in cloud computing, its price cutting is expected to soon drive prices down among competitors.
Al Hilwa, program director for application development at IDC, said “the message here is — what are people doing on your networks?” He added that Amazon and others need to be increasingly diligent about monitoring whether their enormous cloud resources are being used for such purposes as cracking security systems.
But, he noted, “it’s always been a race for security systems” and now, if one level of security can be broken by the inexpensive provisioning of cloud computing, “it’s time” to move those systems up the ladder to stronger encryption.
Rohan is a senior editor at Sci-Tech Today with extensive knowledge of digital marketing, SEO, and social media optimization (SMO). He is skilled at creating and editing detailed articles filled with accurate statistics that readers find valuable. As a senior editor, Rohan carefully reviews and quality-checks content from multiple writers before it is published. Additionally, he creates infographics to accompany the statistics, making the information easier to understand and more engaging for readers. Rohan's dedication ensures that Sci-Tech Today delivers high-quality and informative content to its audience.
![NFT Statistics By Facts and Trends [2024*]](https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.sci-tech-today.com/wp-content/uploads/2024/05/NFT-Statistics.webp)
