Quantum Computing: A New Technological Era Brings New Cybersecurity Threats

Brought to you by CYRIN


Quantum Computing: A New Technological Era Brings New Cybersecurity Threats


This month, we turn our attention to how quantum computing is reshaping the world of cyberseceruity and discuss the pros and cons of this emergent and rapidly developing technology that is already shifting the cyber landscape in profound ways.

Much like AI, the speed and power of Quantum Technologies (QT) promise to address some of the biggest and most difficult problems faced by an increasingly digitized, virtual, and hyper connected world.

Forbes predicts that “the speed and power of quantum computing will enable us to tackle some of the most difficult problems that humanity has ever faced.” That same article goes on to say that “scientific discoveries in quantum research during the last few years have been particularly revolutionary, leading to vastly faster and more accurate computers. Technological realities have replaced what were once considered science fiction fantasies.”

With its high processing speed and predictive analytics, Mckinsey & Company forecasts that Quantum Technologies could reach a potential economic value of $2 trillion by 2035. When combined with AI capabilities, quantum computing (QC) represents incredible opportunities, which means a different level and quality of opportunities, risks and vulnerabilities in terms of cybersecurity.

Capabilities and risks of QC

Quantum computing represents a historic shift in computing. Quantum computing operates with quantum bits, or qubits, which can represent 0 and 1 simultaneously thanks to principles like superposition and entanglement. This duality allows quantum computers to perform vast calculations at unprecedented speeds, which could potentially unravel even the most complex encrypted data and improve cyber security measures significantly.

However, like any emergent and sophisticated technology, the speed and robust nature of quantum computing poses cybersecurity risks. The United States and other nations are concerned that hackers are stealing data now to be hacked by quantum computers within the decade. A traditional computer needs a billion years to crack the encryption of today's RSA-2048 standard, while a functional quantum computer might break the code in less than two minutes. The record-breaking processing speed of QC can solve complicated problems, but it may also compromise security, potentially threatening financial systems and disrupting or compromising critical infrastructure.

The scary part is that this “new era” of quantum computing will eventually partner with AI; this convergence represents a seismic shift in cybersecurity, and it is already happening. Futurist Bernard Marr says that marrying this lightning-fast computational power with the pattern recognition and adaptive learning capabilities of artificial intelligence is akin to “giving a genius a superpower,” and these revolutionary technologies will be accessible sooner than we think, with data predictions across industries like financial services that would allow them to potentially predict market trends with “a degree of accuracy that would make today’s best algorithms look like educated guesswork.”

Preparation for this new future should begin now.

A “new frontier”

Experts are divided as to when quantum supremacy may be realized (i.e., when a programmable quantum computer can reliably solve problems with at least the same accuracy and faster than a classical computer). Common estimates range from 3 – 10 years to not until 2042 according to the median of predictions on Metaculus, a forecasting platform. However, these predictions may not account for recent advances in “error mitigation” and other techniques that should enable quantum computers with fewer qubits to operate more efficiently and reliably. As a result, “we may see general-purpose quantum computers earlier than many would have anticipated just a few years ago.”

Some have speculated that the combination of “Quantum computing, cryptographic agility and artificial intelligence (AI) will lead a pack of advancing technologies slated for use by bad actors to steal, gain control or unfairly influence societal and political outcomes. As various technologies and capabilities advance, the global cybersecurity landscape will definitively change.”

Case in point is China, which is expected to spend over $15 billion on their quantum program in the next five years.

A “supercomputer” means heightened security risks

One of the more concerning elements with quantum computing is that it opens up the “harvest now, decrypt later” approach to cyberattacks. If “highly sensitive, long-lived data” is collected and stored for later encryption, malicious actors can plan future attacks now, even while the data is currently safe. This threat, combined with existing vulnerabilities from insider threats, underscores the urgent need for organizations to reassess their cybersecurity measures.

Some cybersecurity protocols are already at risk; for example, public key infrastructure (PKI), which supports many aspects of digital security, including secure web browsing, email encryption, and VPNs, is considered vulnerable. RSA and ECC are heavily used as algorithmic security measures, yet they remain susceptible to quantum decryption, making an even stronger case for continued insider threat monitoring as “encryption methods that have been reliable for decades are becoming increasingly fragile in the face of quantum power.” Any encrypted data such as internet transmissions can be stored, and then later decrypted. Companies need to explore and implement new encryption methods like post-quantum cryptography (PQC) now or risk having sensitive data exposed, stolen, and compromised in the not so distant future.

Organizations are already being warned that to resist attacks from both classical and quantum computers, they must transition to PQC. Gartner predicts that advances in quantum computing will make asymmetric cryptography unsafe by 2029. By 2034, asymmetric cryptography will be fully breakable with quantum computing technologies. That does not mean, however, that the risks are five years away. The prospect of harvest-now, decrypt-later attacks is already a concern, making the post-quantum cryptography transition an urgent priority.

Preemptive “future-proof” solutions

According to the World Economic Forum, tech firms are tackling the risks of quantum computing now in order to avoid problems later. The pace of development in the realm of quantum science and computing has the potential to create substantive security risks in everything from online commerce to critical infrastructure.

The problem is you cannot just swap out one encryption algorithm with another, at least not in most cases. Standards must be formalized, processes and procedures must be laid out, and everyone should be on the same page. As one first step, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer.

Security experts are warning that now that the NIST-approved quantum-safe algorithms are out, there's no excuse not to include them in your current software development or not be able to update your products to them later. Doing so will future proof your products. Otherwise, they may become relics very quickly. Be prepared, there will be surprises. Most people, for example, did not see DeepSeek coming.

How can CYRIN help

While the advancement of quantum computers presents a challenge to existing cybersecurity measures, at CYRIN we understand advanced technologies such as AI, quantum computing and its cybersecurity implications. We continue to work with our industry partners to address the major challenges that these new paradigms represent. We set up realistic scenarios that allow them to train their teams and prepare new hires for the threats they will face. Government agencies have been using CYRIN for years, training their front-line specialists on the real threats faced on their ever-expanding risk surface.

For educators, we consistently work with colleges and universities both large and small to create realistic training to meet the environment students will encounter when they graduate and enter the workforce, including being at the forefront of new and future uses of cybersecurity.

Unless you get the “hands-on” feel for the tools and attacks and train on these real-world scenarios, you just won’t be prepared for when the inevitable happens. The best time to plan and prepare is before the attack. Our training platform teaches fundamental solutions that integrate actual cyber tools from CYRIN’s labs that allow you to practice 24/7, in the cloud, with no special software required. Cyber is a team effort; to see what our team can do for you take a look at our course catalog, or better yet, contact us for further information and your personalized demonstration of CYRIN. Take a test drive and see for yourself!

Image: bpawesome

Watch CYRIN: The Next-Generation Cyber Range


Learn More About How CYRIN Online Training Can Benefit You


You Might Also Read: 

DeepSeek: Revolutionary AI, Or The “Sputnik” Of Big Tech?:  


If you like this website and use the comprehensive7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

 

 

« Exploring The Growing Popularity Of Data Security Posture Management

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Intelligence-sec

Intelligence-sec

Intelligence-Sec is a fully integrated Conferences and Exhibitions Company managing and producing topical events for the security industry.

DataVantage

DataVantage

DataVantage data masking and data management software helps you prevent data breaches, pass compliance audits and meet regulatory requirements such as HIPAA and PCI DSS.

APWG

APWG

APWG is the international coalition unifying the global response to cybercrime across industry, government, law-enforcement and NGO communities.

Software Factory

Software Factory

Software Factory develops custom-built high-performance software solutions and products for applications including industrial cyber security.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

FirstPoint

FirstPoint

FirstPoint has developed the market’s most advanced solution for securing cellular devices, including mobile phones and IoT products, by blocking malicious data leakage.

Wolf Hill Group

Wolf Hill Group

Wolf Hill Group, a Slone Partners company, is a national recruitment firm focused on Cybersecurity.

AttackIQ

AttackIQ

AttackIQ delivers continuous validation of your enterprise security program so you can strengthen your security posture and your response capabilities.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

Spike Reply

Spike Reply

Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection.

Computer Services Inc (CSI)

Computer Services Inc (CSI)

CSI is a leading fintech, regtech and cybersecurity solutions partner operating at the intersection of innovation and service.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

Barclay Simpson

Barclay Simpson

Barclay Simpson is proud to have a long history of delivering cyber security, technology and governance recruitment services.

Cyber and Fraud Centre – Scotland

Cyber and Fraud Centre – Scotland

The Cyber and Fraud Centre – Scotland exists to ensure Scottish organisations are as resilient as they can be against cyber and fraud crime.

Secur-Serv

Secur-Serv

Secur-Serv is a security-first managed services provider. We provides Managed IT, Managed Print, Managed Device, and Cybersecurity services to companies of every size.

SecureKloud Technologies

SecureKloud Technologies

SecureKloud is a global leader in the Cloud services arena. Our experience in cloud consulting and servicing for highly regulated industries extends more than a decade.