Today’s CISO Insights – How to Tackle the Quantum Threat

Craig Debban / Cybersecurity Insiders / 3 May 2023

As you may have noticed, daily headlines around quantum computing and its impact on technologies are becoming commonplace. This is driven by the fact that quantum computers will be able to perform certain types of calculations much faster than the classical computers we all use today. Due to this specific way of processing, quantum computers can also break many of the current encryption algorithms used to protect data. This is why CISOs everywhere should be concerned.

No, the sky isn’t falling, and the everyday use of quantum computers is not occurring en masse just yet. However, criminal and state actors are actively harvesting and storing data by listening in to communications, and this data will be decrypted by quantum computers in the future.   The concept they are practicing is termed steal now decrypt later (SNDL).

In a typical SNDL attack, the attacker gains access to encrypted data by intercepting network traffic, accessing data stores, or by using techniques such as social engineering or malware to gain access to critical information. Most likely his data is protected using current encryption algorithms and keys. By secretly exfiltrating this data, an adversary can decrypt its contents later and use all the gained resources at their disposal. You might think, “So what? It is safe, encrypted, and should take forever to decrypt.” That is a true statement today. However, SNDL attacks rely on the belief that current cryptographic algorithms will be broken and then data will be decrypted with quantum computers on the horizon. Some data has a lengthy shelf-life, and the nefarious organizations are betting these encrypted items will become available in the future while the data still has a great deal of value.

Read the full article from Cybersecurity-Insiders here.