Mitigating Risks of Quantum Attacks: Timeline for Critical Industries
Y2Q, the year when quantum computers will become powerful enough to break the current encryption code, is approaching sooner than expected. The moment is dreaded by businesses, governments, and individuals alike because it poses a serious threat to the security of our networks and data.
Quantum computers, when ready, will decrypt today’s asymmetric security protocols that are widely used to secure messages through public channels. It includes popular protocols like TLS/SSL (used to secure HTTPS connections), SSH (used to secure remote access and file transfers), and IPsec (used to secure VPNs).
We do not have a way of knowing precisely the moment when the first fully error-corrected quantum computer will arrive, but we do know that a few industries are more at risk today than others. A calculated estimate is that Y2Q will be in 2030.
So, how should businesses prepare for the inevitable threat?
At risk before 2025
- Banking
- Insurance
- Government Agencies
- Defence
These industries store and process sensitive and confidential information serving as a gold mine for data hackers. The “harvest now, decrypt later” approach is worthwhile because of the sheer power of the data harvested.
For these industries, data is vulnerable whenever it passes between systems and devices. Every touchpoint must be protected to defend against the quantum threat.
Defence companies routinely handle high-value strategic assets and interact with sensitive systems, making data security mission-critical. Quantum security, therefore, becomes a critical part of their value proposition.
At risk between 2025-2030
- Healthcare
- Heavy Industries
- Global Energy & Materials
The healthcare industry is already a significant target for threat actors looking to harvest sensitive information. Healthcare providers are acutely aware of the moral and reputational responsibility required to safeguard patient data. For them, adopting quantum-secured products is not a privilege but a necessity.
Heavy industries and energy companies are at risk of an attack on their patented technologies and confidential manufacturing processes. Materials science, especially nanotechnologies, has the potential for colossal devastation if misused.
At risk after 2030
- Telcom
- Travel & Logistics
- Consumer Electronics
- Consumer Electronics
For telecom companies, quantum computers threaten to expose critical infrastructure to an attack, with potentially devastating consequences. Secure communications apps are also vulnerable. They are often used by journalists, whistle-blowers, and political parties to exchange sensitive information, so the data exchanged via these apps can be particularly damaging in the hands of bad actors.
Semiconductor manufacturers need to assess quantum encryption as they sit high on the supply chain of consumer electronics. The wired and wireless networking businesses should also leverage quantum security as they play a pivotal role in the electronics ecosystem. Other industries need to buckle up as well, but they can afford to join the bandwagon later. The repercussions of a data breach, though paramount, are not as devastating.
Mitigating Risks
At a high level, decision-makers can pursue one of three paths to mitigate the threats posed by capable quantum systems: adopt PQC solutions today, retrofit existing systems to PQC standards at a later date, or take action only to enhance the efficacy of traditional encryption protocols, all while monitoring evolving industry standards and regulations.
The precise decisions will depend on when organisations need to begin mitigation, the performance requirements of cryptography protocols, and the number and distribution of connected devices and systems that require protection.
QNu Labs offers several products to curb the risks and protect data from quantum attacks. From quantum-based encryptions to entropy enhancement services, QNu covers all security bases.
The products Armos, Tropos, and Hodos form the three pillars of quantum-powered security provided by QNu.
- Armos QKD is a state-of-the-art appliance providing unconditional security for critical data through quantum physics.
- Tropos does not rely on deterministic mathematical algorithms; it generates ontic random numbers from a quantum source, making it suitable for all applications.
- Hodos is the next generation of cryptographic protocol recommended by NIST that replaces today's RSA-based vulnerable systems with a quantum-resistant one.
Irrespective of the industry you belong to, the quantum threat is real. It is never too early to start working towards fortifying your business data.
Sources: