Chat with us, powered by LiveChat
Menu

Organizations Bracing For Quantum Computer Cyberattacks

Kaseya
Print Friendly, PDF & Email

EDITOR NOTE: In an article dating back to 2017, we described the cybersecurity field as one of perpetual escalation, a cruel, if not perverse, “evolution” in the arena of technological dominance. Cybersecurity is a game whose objective is to continue playing, for there are no permanent winning conditions. Today, the latest threat on the horizon is cyberattacks via quantum computers. Imagine a future where hackers operating quantum supercomputers with artificial intelligence capabilities are trying to disrupt government networks, energy grids, corporate databases, digital banks, and military infrastructure. Only superior computing power, quantum tech, or, in some cases, cold storage will be able to thwart these intrusions. As we’ve said many times before, every technological innovation brings with it its own negativity. And in the field of cybersecurity, the battle may soon escalate beyond humans toward the domain of thinking machines.

LONDON — A little-known U.K. company called Arqit is quietly preparing businesses and governments for what it sees as the next big threat to their cyber defenses: quantum computers.

It’s still an incredibly young field of research, however some in the tech industry — including the likes of GoogleMicrosoft and IBM — believe quantum computing will become a reality in the next decade. And that could be worrying news for organizations’ cyber security.

David Williams, co-founder and chairman of Arqit, says quantum computers will be several millions of times faster than classical computers, and would be able to break into one of the most widely-used methods of cryptography.

“The legacy encryption that we all use to keep our secrets safe is called PKI,” or public-key infrastructure, Williams told CNBC in an interview. “It was invented in the 70s.”

“PKI was originally designed to secure the communications of two computers,” Williams added. “It wasn’t designed for a hyper-connected world where there are a billion devices all over the world communicating in a complex round of interactions.”

Arqit, which is planning to go public via a merger with a blank-check company, counts the likes of BT, Sumitomo Corporation, the British government and the European Space Agency as customers. Some of its team previously worked for GCHQ, the U.K. intelligence agency. The firm only recently came out of “stealth mode” — a temporary state of secretness — and its stock market listing couldn’t be more timely.

The past month has seen a spate of devastating ransomware attacks on organizations from Colonial Pipeline, the largest fuel pipeline in the U.S., to JBS, the world’s largest meatpacker.

Microsoft and several U.S. government agencies, meanwhile, were among those affected by an attack on IT firm SolarWinds. President Joe Biden recently signed an executive order aimed at ramping up U.S. cyber defenses.

What is quantum computing?

Quantum computing aims to apply the principles of quantum physics — a body of science that seeks to describe the world at the level of atoms and subatomic particles — to computers.

Whereas today’s computers use ones and zeroes to store information, a quantum computer relies on quantum bits, or qubits, which can consist of a combination of ones and zeroes simultaneously, something that’s known in the field as superposition. These qubits can also be linked together through a phenomenon called entanglement.

Put simply, it means quantum computers are far more powerful than today’s machines and are able to solve complex calculations much faster.

Kasper Rasmussen, associate professor of computer science at the University of Oxford, told CNBC that quantum computers are designed to do “certain very specific operations much faster than classical computers.”

That it is not to say they’ll be able to solve every task. “This is not a case of: ‘This is a quantum computer, so it just runs whatever application you put on there much faster.’ That’s not the idea,” Rasmussen said.

This could be a problem for modern encryption standards, according to experts.

“When you and I use PKI encryption, we do halves of a difficult math problem: prime factorisation,” Williams told CNBC. “You give me a number and I work out what are the prime numbers to work out the new number. A classic computer can’t break that but a quantum computer will.”

Williams believes his company has found the solution. Instead of relying on public-key cryptography, Arqit sends out symmetric encryption keys — long, random numbers — via satellites, something it calls “quantum key distribution.” Virgin Orbit, which invested in Arqit as part of its SPAC deal, plans to launch the satellites from Cornwall, England, by 2023.

Why does it matter?

Some experts say it will take some time before quantum computers finally arrive in a way that could pose a threat to existing cyber defenses. Rasmussen doesn’t expect them to exist in any meaningful way for at least another 10 years. But he’s not complacent. 

“If we accept the fact that quantum computers will exist in 10 years, anyone with the foresight to record important conversations now might be in a position to decrypt them when quantum computers come about,” Rasmussen said.

“Public-key cryptography is literally everywhere in our digitized world, from your bank card, to the way you connect to the internet, to your car key, to IOT (internet of things) devices,” Ali Kaafarani, CEO and founder of cybersecurity start-up PQShield, told CNBC.

The U.S. Commerce Department’s National Institute of Standards and Technology is looking to update its standards on cryptography to include what’s known as post-quantum cryptography, algorithms that could be secure against an attack from a quantum computer.

Kaafarani expects NIST will decide on new standards by the end of 2021. But, he warns: “For me, the challenge is not the quantum threat and how can we build encryption methods that are secure. We solved that.”

“The challenge now is how businesses need to prepare for the transition to the new standards,” Kaafarani said. “Lessons from the past prove that it’s too slow and takes years and decades to switch from one algorithm to another.”

Williams thinks firms need to be ready now, adding that forming post-quantum algorithms that take public-key cryptography and make it “even more complex” are not the solution. He alluded to a report from NIST which noted challenges with post-quantum cryptographic solutions.

Original post from CNBC

Bank Failure Scenario Kit - sm2

GET YOUR FREE

BANK FAILURE SCENARIO KIT

  • This field is for validation purposes and should be left unchanged.

All articles are provided as a third party analysis and do not necessarily reflect the explicit views of GSI Exchange and should not be construed as financial advice.

Precious Metals and Currency Data Powered by nFusion Solutions