BACKGROUND:
New findings from Booz Allen Hamilton in examine threats around Chinese advances in quantum computing, in which the country has long invested heavily. Among key findings:
- By the end of the 2020s, Chinese threat groups will likely collect data that enables quantum simulators to discover new economically valuable materials, pharmaceuticals, and chemicals.
- State-aligned cyber threat actors will attempt to gain such data to advance their mission/national priorities.
- China’s potential ability to ultimately decrypt stolen data creates immediate security risks for CISOs managing classified or sensitive data of enduring value.
<p>The arms race to quantum computing ushers in a new era of competitive advantage and cyber risk. CISOs, IT and business leaders should be acutely mindful of this risk and embrace “quantum resistant” zero trust and SASE architectures that transform the traditional security perimeter into one that’s software, identity and trust based. </p>
<p>A significant threat is the continued reliance on username and password-based credentials that can guessed, brute forced, phished or decrypted using advanced and emerging computing techniques. Passwordless authentication promoted by W3C WebAuthN and FIDO Alliance like phone as a token and FIDO2 security keys create an unphishable binding with the user drastically reducing the attack surface for such breaches and making the environment impervious to data breaches and ransomware attacks. Further these improve cost efficiency and reduce user friction enabling ease of adoption for workforce and consumer use cases.</p>
<p>While much of the cybersecurity world wasn’t looking, quantum computing has quietly moved from fantasy to real life. In its latest report on cybersecurity and quantum computing, Booz Allen Hamilton documents some of the concerns of China as both a major player in cybersecurity risks and major researcher in quantum computing. The report notes that China is likely to be collecting sensitive and encrypted files with the intent of decrypting them with emerging quantum technology at some point in the future.</p>
<p>Quantum computing promises computations several orders of magnitude faster than traditional binary computing. But while this may offer the potential to decrypt files through sheer brute force, it doesn’t represent a breakthrough in decryption. And as encryption technologies have gotten more powerful, it’s not at all clear that brute force quantum computing is the answer. Enterprises and governments investing in encryption should make sure they are using the most powerful algorithms available today, so that it may not be feasible to use quantum computing for decryption. At the very least, it may take several years to break the current state of the art in encryption.</p>