GPUs Giving Hackers Yet More Ammunition

Article date: Tue, 04 Oct 2011 09:21 GMT

Neil Lathwood, IT director at UKFast

A £30 high street graphics card is allowing cybercriminals to crack passwords in as little as 12 seconds.

The battle for users to protect their data is getting tougher as cyber criminals add another weapon to their armoury in the shape of cheap graphics cards that can process billions of possible passwords in seconds.

Tests performed by security experts at hosting specialist UKFast highlighted the capabilities of a £30 graphics card to process 158 million possible passwords per second, shattering beliefs that a long password that includes a random combination of symbols, numbers and letters is sufficient to protect sensitive and personal information.

UKFast has announced its findings as Cyber Security Awareness Month kicks off across the UK and consumers and businesses are encouraged to pay special attention to securing their data.

"A typical home GPU can process 9 million passwords per second, this really shows the power of these graphic processing units. Reasonably complex passwords can therefore be compromised quite quickly by using cheap consumer hardware," Stuart Coulson, UKFast's security expert, explained.

Using an nVidia GeForce GT220 graphics card - that can be bought for as little as £30 - with the latest drivers on Windows 7, UKFast's security experts were able to crack a 6 character password in 12 seconds, a seven character password in less than five minutes, and an eight character password in four hours.

The current top-specification graphics cards, costing £600, make light work of password cracking, processing 10.3 billion passwords per second.

Neil Lathwood, IT director at UKFast said: "People have worked out that the processing power of graphics cards, due to the architecture of the chips, is more powerful than a normal processor for doing certain tasks."

UKFast's discovery comes as the Met announces the successful capture of a group of cybercriminals who had compromised more than 900 bank accounts and 10,000 credit cards, highlighting how real and big a threat cybercrime is to the nation.

On Monday, the Twitter account of Thailand's new Prime Minister was hacked and used to post criticisms of her leadership. The final post read: "If she can't even protect her own Twitter account, how can she protect the country?"

Users are urged to protect themselves by changing their passwords often and thinking about the complexity and length of their passwords. Coulson continues: "Nobody is immune to the damage a weak password can cause - even those in high-powered positions of authority. Every extra character makes the hacker's job more difficult because there are so many more possibilities for what that character can be and the more you can introduce to your password, the safer it is."

Print this article print this article.Return to Press Releases

Share with: