SPEAK WITH AN EXPERT

How quantum mechanics is transforming cybersecurity: A threat intelligence perspective

Quantum computing has been hailed as a transformative technology with the potential to revolutionize numerous industries. From healthcare to finance, it has already demonstrated the capacity to solve complex problems beyond the reach of classical computing. However, quantum computing also poses a significant cybersecurity threat, with the potential to entirely transform the current threat landscape. As such, security teams must be aware of ever-changing attack tactics and threats. Tailored cyber threat intelligence can help your organization gain an external-facing view of its greatest risks, ensuring that you are prepared for the potential of quantum-powered threats.

The benefits of quantum encryption over classical computing

Classical encryption algorithms rely on mathematical problems that are difficult to solve, such as factoring large numbers into their prime factors. However, quantum computers can theoretically break these algorithms using methods that exploit these mathematical operations much faster than classical computers. Because of this, quantum computing can break some of the encryptions used in common security mechanisms used today and expose sensitive data to unauthorized parties and attackers.

The impact on cybersecurity: How and where encryption is used on modern infrastructures

Many common services and systems used in today’s digital landscape rely on encryption, making them most at-risk for attacks that leverage quantum computing. These are the main encryption use cases:

  • Secured communication: All data in transit, including email, web browsing, file sharing, and secure payment
  • Data protection: Data that is encrypted to protect privacy and confidential data
  • Identity verification and digital signatures: Methods used to verify the authenticity of a document or message

Identity verification and secure communication attacks

Many common methods of identity verification and security used today will be vulnerable to attack once quantum-powered tools enter the threat landscape. Among the various identity verification techniques used today, JSON Web Tokens (JWTs) are used widely to represent claims between two parties. JWTs are typically used for authentication and authorization, but they can also be used to represent other types of data.

JWTs are signed using a cryptographic algorithm, ensuring that the token has not been tampered with. However, the cryptographic algorithms that are commonly used to sign JWTs, such as RSA encryptions and the Elliptic Curve Digital Signature Algorithm (ECDSA), can be potentially cracked and decrypted by quantum computers. Tokens are not the only security tool employing RSA encryptions to securely manage data – Secure Shell (SSH) keys and Transport Layer Security (TLS), which implement HTTPs to secure browsers, use them too. APTs could decrypt HTTPs and perform Man-in-the-Middle (MiTM) attacks.

Each of these mechanisms is vulnerable to attack by quantum computers, as they allow for advanced encryption beyond the scope of today’s standard tools.

Here are some potential attacks that can be made possible using quantum computing:

  • Decryption of HTTPs by APT groups performing MiTM attacks
  • Exposure of HTTP and Secure Sockets Layer (SSL) certificates that rely on non-quantum-proof encryption techniques
  • Forging of JWT tokens that are signed with encryption to authenticate as another user

Targeted data leakage attacks may be on the rise

Many security mechanisms for protecting confidential data and meeting compliance and data protection laws rely on data encryption. With current technology, stealing encrypted data may be ineffective for threat actors, as they have no way to make this data readable.

However, this is expected to change with quantum computing, as data will be more accessible to and valuable for threat actors. Therefore, security teams should expect more activity targeting data centers, databases, and the like – and focus more on protecting this data. Relying on traditional encryption will no longer be sufficient. Numerous threat actors have already been found leaking encrypted valuable data to decrypt that data using quantum computers or other advanced tools.

Security teams should expect more activity targeting data centers, databases, and the like – and focus more on protecting this data. Relying on traditional encryption will no longer be sufficient.

High-profile threat actors are exploiting confidential data

It is crucial to consider who might commit these types of high-level cyberattacks. Since quantum technology will not be commercially available (at least in the short term), it’s likely that at first, only high-profile threat actors and nation-state-backed intelligence agencies will leverage this technology. These attackers focus their efforts on long-term, complex, and strategic attacks that remain unnoticed for longer periods of time This means that information will be handled discretely – unlike the way that cybercriminals, who tend to publicly announce stolen data available for sale on different marketplaces and channels, often operate.

Alongside this, some of the most advanced quantum computers are currently being developed by big tech companies with the vision of providing quantum computing as a service (QCaaS) to organizations including private and public institutions, companies, or researchers.

Since confidential data is expected to continue to be targeted, we can also expect the number of blackmail cases to increase. This trend will not occur with low-profile and widespread blackmailing that is more easily identifiable to security teams. Very discrete and powerful blackmail operations against high-profile individuals or users with high-privilege access within systems of interest will be targeted. We should expect more websites containing private sensitive information to be targeted, such as dating services, hotels, credit card companies, surveillance systems, and the like. We may also see the development of new types of attack mechanisms that unencrypt confidential data or secrets.

Leveraging quantum computing powers

Although quantum computing is still in its very early stages, various countries are already competing for the most advanced quantum computers. Because each of these countries have state-backed threat actors and espionage agencies, we should expect Advanced Persistent Threat (APT) groups to leverage state resources to gain access to quantum computing technologies to carry out their attacks.

Once threat actors utilizing these advanced quantum mechanics are identified, and their potential targets are established, a range of threats and challenges will emerge as central elements within the threat intelligence landscape – challenges everyone can predict and should prepare for in advance.

Once threat actors utilizing advanced quantum mechanics are identified, and their potential targets are established, a range of threats and challenges will emerge as central elements within the threat intelligence landscape – challenges everyone can predict and should prepare for in advance.

According to the World Economic Forum, global public spending on quantum technology exceeded $30 billion USD in 2022. China led the way, accounting for roughly half of all global public spending on quantum technology, followed by the European Union at about a quarter. The remaining quarter was divided among nine other countries, including the US, Canada, Japan, and the United Kingdom.

In 2022 alone, the US invested $1.8 billion in funding, the EU $1.2 billion, and Canada $100 million, according to McKinsey Digital. China, however, invested $15.3 billion in 2022, an investment four times that of the total US investment. It’s no coincidence that China is also the country with one of the highest amounts of well-known APT groups and campaigns targeting western governments and companies.

Here are some examples of recent attacks, which include intellectual property companies, tech companies, and more:

Can quantum computing attacks be mitigated?

Stopping these types of attacks is not an easy task. APT groups, in contrast to common cybercriminals, do not carry out low-impact cyberattacks. They have almost infinite financial and human resources, typically carrying out Zero Day attacks that are detectable only once the breach has been completed.

Currently, quantum computing attacks are limited in various aspects:

  • Technological resources: Cybercriminals currently do not have enough resources to carry out large-scale quantum computing-powered attacks. Quantum technology will only be available to certain global powers and their state-backed APT groups. Quantum computing will not become, at least in the short term, widely-used and easy-to-access technology.
  • Nature of the attacks: The main goals of state-backed APT groups are cyberespionage, intelligence gathering, and influence. To carry out these types of attacks, discretion is critical, as attacks are extremely targeted. Because affected sectors of these attacks are easy to forecast, security teams in such sectors can better anticipate and prepare for a potential attack.

Cyber threat intelligence can mitigate the risk to the enterprise

There is much work to do to best protect organizations and individuals from the quantum-computing threat. Specifically, strategic decision-makers must integrate protective measures against current and evolving quantum computing attacks. Zero-trust models can also reduce the impact of these types of attacks, alongside other mechanisms to limit access to sensitive organizational assets. All protective measures must be focused on resilience and preparation surrounding potential future threats.

Strategic decision-makers must integrate protective measures against current and evolving quantum computing attacks.

Giving your security team visibility into the threat landscape surrounding your enterprise can bolster your defenses, against future developments in the use of quantum computing and any APT groups that may utilize similar strategies. Tailored threat intelligence can ensure that your enterprise maximizes protective measures against the tide of threat actors who may potentially start using quantum computing to seize and attack your assets.

To learn more about how to build protective mechanisms that utilize threat intelligence, contact us to speak with one of our Cyber Threat Intelligence experts.