Information Security - Crack Attack
Authors:Donald Akins, Justin Davis, Greg Richardson
Mentor:Ruth Guthrie, Professor of Computer Information Systems, California State Polytechnic University Pomona
A study was conducted to ascertain the adequacy of current information security practices. The research objective was to identify accessible methodologies for breaching log-in credentials and encryption algorithms. In so doing, it becomes apparent that common electronic security practices are glaringly ineffective. Any hacker, with a little patience, is capable of breaking a simple password and more.
For this project, a student team researched metrics and statistics on HashCat, Access Diver, and JohnTheRipper. These programs assist the user in breaching common security protocols and can be found with a simple Google search. Time required to break log-ins, time required to decrypt common hash algorithms, computer hardware utilized during benchmark testing, and number of cycles run, if applicable, was the target data collected. The results show how vulnerable people and their digital information are, even with so-called “strong passwords” comprised of at least eight numbers, special characters and uppercase characters.
With the breadth of sensitive information being stored in electronic format, and the relative ease with which it can be accessed, the need for protecting such information from becoming readily available becomes apparent. Information such as bank records, health records, defense contracts, and citizenry documentation are among the "information treasure trove" at the fingertips of the budding, self-educated cyber-criminal.