Quantum Computing: A New Technological Era Brings New Cybersecurity Threats
Brought to you by CYRIN
Quantum Computing: A New Technological Era Brings New Cybersecurity Threats
This month, we turn our attention to how quantum computing is reshaping the world of cyberseceruity and discuss the pros and cons of this emergent and rapidly developing technology that is already shifting the cyber landscape in profound ways.
Much like AI, the speed and power of Quantum Technologies (QT) promise to address some of the biggest and most difficult problems faced by an increasingly digitized, virtual, and hyper connected world.
Forbes predicts that “the speed and power of quantum computing will enable us to tackle some of the most difficult problems that humanity has ever faced.” That same article goes on to say that “scientific discoveries in quantum research during the last few years have been particularly revolutionary, leading to vastly faster and more accurate computers. Technological realities have replaced what were once considered science fiction fantasies.”
With its high processing speed and predictive analytics, Mckinsey & Company forecasts that Quantum Technologies could reach a potential economic value of $2 trillion by 2035. When combined with AI capabilities, quantum computing (QC) represents incredible opportunities, which means a different level and quality of opportunities, risks and vulnerabilities in terms of cybersecurity.
Capabilities and risks of QC
Quantum computing represents a historic shift in computing. Quantum computing operates with quantum bits, or qubits, which can represent 0 and 1 simultaneously thanks to principles like superposition and entanglement. This duality allows quantum computers to perform vast calculations at unprecedented speeds, which could potentially unravel even the most complex encrypted data and improve cyber security measures significantly.
However, like any emergent and sophisticated technology, the speed and robust nature of quantum computing poses cybersecurity risks. The United States and other nations are concerned that hackers are stealing data now to be hacked by quantum computers within the decade. A traditional computer needs a billion years to crack the encryption of today's RSA-2048 standard, while a functional quantum computer might break the code in less than two minutes. The record-breaking processing speed of QC can solve complicated problems, but it may also compromise security, potentially threatening financial systems and disrupting or compromising critical infrastructure.
The scary part is that this “new era” of quantum computing will eventually partner with AI; this convergence represents a seismic shift in cybersecurity, and it is already happening. Futurist Bernard Marr says that marrying this lightning-fast computational power with the pattern recognition and adaptive learning capabilities of artificial intelligence is akin to “giving a genius a superpower,” and these revolutionary technologies will be accessible sooner than we think, with data predictions across industries like financial services that would allow them to potentially predict market trends with “a degree of accuracy that would make today’s best algorithms look like educated guesswork.”
Preparation for this new future should begin now.
A “new frontier”
Experts are divided as to when quantum supremacy may be realized (i.e., when a programmable quantum computer can reliably solve problems with at least the same accuracy and faster than a classical computer). Common estimates range from 3 – 10 years to not until 2042 according to the median of predictions on Metaculus, a forecasting platform. However, these predictions may not account for recent advances in “error mitigation” and other techniques that should enable quantum computers with fewer qubits to operate more efficiently and reliably. As a result, “we may see general-purpose quantum computers earlier than many would have anticipated just a few years ago.”
Some have speculated that the combination of “Quantum computing, cryptographic agility and artificial intelligence (AI) will lead a pack of advancing technologies slated for use by bad actors to steal, gain control or unfairly influence societal and political outcomes. As various technologies and capabilities advance, the global cybersecurity landscape will definitively change.”
Case in point is China, which is expected to spend over $15 billion on their quantum program in the next five years.
A “supercomputer” means heightened security risks
One of the more concerning elements with quantum computing is that it opens up the “harvest now, decrypt later” approach to cyberattacks. If “highly sensitive, long-lived data” is collected and stored for later encryption, malicious actors can plan future attacks now, even while the data is currently safe. This threat, combined with existing vulnerabilities from insider threats, underscores the urgent need for organizations to reassess their cybersecurity measures.
Some cybersecurity protocols are already at risk; for example, public key infrastructure (PKI), which supports many aspects of digital security, including secure web browsing, email encryption, and VPNs, is considered vulnerable. RSA and ECC are heavily used as algorithmic security measures, yet they remain susceptible to quantum decryption, making an even stronger case for continued insider threat monitoring as “encryption methods that have been reliable for decades are becoming increasingly fragile in the face of quantum power.” Any encrypted data such as internet transmissions can be stored, and then later decrypted. Companies need to explore and implement new encryption methods like post-quantum cryptography (PQC) now or risk having sensitive data exposed, stolen, and compromised in the not so distant future.
Organizations are already being warned that to resist attacks from both classical and quantum computers, they must transition to PQC. Gartner predicts that advances in quantum computing will make asymmetric cryptography unsafe by 2029. By 2034, asymmetric cryptography will be fully breakable with quantum computing technologies. That does not mean, however, that the risks are five years away. The prospect of harvest-now, decrypt-later attacks is already a concern, making the post-quantum cryptography transition an urgent priority.
Preemptive “future-proof” solutions
According to the World Economic Forum, tech firms are tackling the risks of quantum computing now in order to avoid problems later. The pace of development in the realm of quantum science and computing has the potential to create substantive security risks in everything from online commerce to critical infrastructure.
The problem is you cannot just swap out one encryption algorithm with another, at least not in most cases. Standards must be formalized, processes and procedures must be laid out, and everyone should be on the same page. As one first step, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer.
Security experts are warning that now that the NIST-approved quantum-safe algorithms are out, there's no excuse not to include them in your current software development or not be able to update your products to them later. Doing so will future proof your products. Otherwise, they may become relics very quickly. Be prepared, there will be surprises. Most people, for example, did not see DeepSeek coming.
How can CYRIN help
While the advancement of quantum computers presents a challenge to existing cybersecurity measures, at CYRIN we understand advanced technologies such as AI, quantum computing and its cybersecurity implications. We continue to work with our industry partners to address the major challenges that these new paradigms represent. We set up realistic scenarios that allow them to train their teams and prepare new hires for the threats they will face. Government agencies have been using CYRIN for years, training their front-line specialists on the real threats faced on their ever-expanding risk surface.
For educators, we consistently work with colleges and universities both large and small to create realistic training to meet the environment students will encounter when they graduate and enter the workforce, including being at the forefront of new and future uses of cybersecurity.
Unless you get the “hands-on” feel for the tools and attacks and train on these real-world scenarios, you just won’t be prepared for when the inevitable happens. The best time to plan and prepare is before the attack. Our training platform teaches fundamental solutions that integrate actual cyber tools from CYRIN’s labs that allow you to practice 24/7, in the cloud, with no special software required. Cyber is a team effort; to see what our team can do for you take a look at our course catalog, or better yet, contact us for further information and your personalized demonstration of CYRIN. Take a test drive and see for yourself!
Image: bpawesome
Watch CYRIN: The Next-Generation Cyber Range
Learn More About How CYRIN Online Training Can Benefit You
You Might Also Read:
DeepSeek: Revolutionary AI, Or The “Sputnik” Of Big Tech?:
If you like this website and use the comprehensive7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible