While quantum computing could bring benefits to computing and society, it also brings new cybersecurity threats – and the CISA alert warns that critical infrastructure in particular is at risk. Many forms of digital communications and internet-connected systems rely on data encryption to protect them from cyber attackers. Public key cryptography helps to protect information from being viewed by unauthorised intruders – and it’s extremely difficult to crack using today’s computers. But quantum computing will bring much higher levels of computing power and speed, capable of breaking public key cryptography and threatening cybersecurity in a wide range of areas including online banking, secure communications and digital signatures. Researchers have warned that the cybersecurity of infrastructure that supports critical national services – including electricity, fuel, water and transport – could be at significant risk. SEE: Critical infrastructure is under attack from hackers. Securing it needs to be a priority - before it’s too late Much of this is due to the dependence on industrial control systems (ICSs), which have long life cycles and rarely receive updates. This means that critical infrastructure providers who aren’t prepared could be left vulnerable to attacks. It’s therefore recommended that critical infrastructure providers make the necessary preparations to mitigate post-quantum cryptography now, rather than waiting for the technology to become more widespread. “CISA urges ICS organizations to ensure that their hardware replacement cycles, and cybersecurity risk management strategies account for actions to address risks from quantum computing capabilities,” said the alert. “Do not wait until the quantum computers are in use by our adversaries to act. Early preparations will ensure a smooth migration to the post-quantum cryptography standard once it is available.” While the expense and expertise required to develop quantum computing technology are currently restricted to large technology companies, research institutions or nation-states, as it becomes more widely available, it could become a major cybersecurity issue for everyone. “In the hands of adversaries, sophisticated quantum computers could threaten U.S. national security if we do not begin to prepare now for the new post-quantum cryptographic standard,” warned CISA. CISA has previously set out a post-quantum cryptography roadmap to help organisations protect their data and systems and to reduce risks related to the advancement of quantum computing technology. MORE ON CYBERSECURITY
These are the cybersecurity threats of tomorrow that you should be thinking about todayThe stakes ‘could not be any higher’: CISA chief talks about the tech challenges aheadUS taps startup QuSecure for post-quantum cybersecurityNATO cybersecurity center finishes tests of quantum-proof networkTo stop quantum hackers, the US just chose these four quantum-resistant encryption algorithms