Cologne security expert used an Amazon cloud-based service for hacking purposes on the cheap. He plans on making his software public and will describe it more fully at a hacker conference in the US later this month.
Cloud computing makes vast resources available
On Friday, Thomas Roth, a Cologne-based computer security expert told the Reuters news agency that the single password encryption method used by most WiFi network administrators is not as foolproof as they would like to think.
By running specialized software on a cloud-based computer he leased from Amazon, the security researcher said he had been able to hack into WiFi networks secured under the Wireless Protected Access (WPA) protocol, which had been previously considered very hard to penetrate.
While that might have been true until very recently, Roth has now found an easy and inexpensive way in.
His method is via Amazon, from whom it is currently possible to hire cloud-based computers for just 28 cents per minute. By contrast it would cost tens of thousands to buy similar kit.
Quick and effective
Amazon says that using this attack on its servers violates company terms of service
Roth said it initially took him 20 minutes on one of Amazon's cloud-based computers to hack his way into a WPA protected network near to his home. He has since managed to reduce his attack time to just six minutes.
His software uses a "brute force" attack, firing passwords to try to open the secure network at a blinding speed of one million in under three seconds.
Once an intruder has successfully broken into a network, there can cause all kinds of damage to both private and business users.
"Once you are in, you can do everything you can do if you are connected to the network," the security expert said.
Spreading the word
Roth is now planning to demo his software to a hacker conference be held in Washington, D.C. later this month.
This technique is not, he stresses, a means of propagating virtual crime, but to open network administrators' eyes to the weakness of what they perceive to be impassable security protection.
Roth says its time for WiFi network administrators to rethink their security
"People tell me there is no possible way to break WPA," Roth said.
But with the use of this kind of attack using systems such as Amazon Elastic Compute Cloud (EC2) he has proved them wrong.
Amazon spokesman Kay Kinton told Deutsche Welle that Roth's work was not predicated on the use of the company's EC2.
"As researchers often do, he used EC2 as a tool to show how the security of some network configurations can be improved," Kinton said, adding that testing is an excellent use of Amazon's Web Services (AWS).
"However, it is a violation of our acceptable use policy to use our services to compromise the securit of a network without authorization."
Author: Tamsin Walker (Reuters)
Editor: Cyrus Farivar