Cloud-Based Brute Force Attacks to Test Computer Security

Love it or hate it, the cloud is allowing some incredible things to take place such as being able to offer anyone the power of a supercomputer for pricing in line with a cup of coffee. Barry Levine writes about how a researcher was able to tap into the massive power of the Amazon EC2 cloud to break WiFi passwords at just $2 a pop.

So many passwords are susceptible to brute force attacks where a dictionary is used to generate passwords until it finds one which is correct. This is why some login screens have a CAPTCHA code requirement where a human needs to determine what the code is. In this way, you guarantee that brute force attacks are eliminated.

Another option is to close down a session or lock an account after a certain number of incorrect password attempts.

Using cloud services in such a manner is generally against the terms of use of companies like Amazon but this doesn’t mean there won’t be malicious hackers at work looking for loopholes and ways of leveraging the huge compute power available in stealthy ways.

For chief security officers and IT managers this just means the benefits of the cloud will be offset somewhat by their evil-doing hacker nemesis who will be looking to use the latest tools available for nefarious purposes.

    Leave Your Comment