Cybercriminals could rent the access to the incredible computing power of quantum computers, which they could then use to break network encryption algorithms and offer that (as a service) to many more criminals across the globe. Quantum computing’s full implications are still unfolding but considering the recent rise of cybercrime-as-a-service ( CaaS ), the augmentation of CaaS with quantum computing may become a much more imminent challenge for cybersecurity leaders. So, the revival of passive network tapping threats may be a more potent method of attack than ever before. Instead, Security leaders rely on the fundamental notion that the network is encrypted and hence secured. As a result of that, security leaders practically lost the ability to conduct continues security controls and implement compensation controls over their enterprise network. Moreover, because of the strong shift to cloud services along with the work from home ( WFH) trend, today, enterprise’s network boundaries are no longer isolated, well-defined, and protected. Most of today’s security leaders either didn’t live in the era when network tapping devices were used or got used to the fact that this is not anymore, a risk that needs to be addressed. Network tapping devices are passive devices that are used to tap and extract valuable information from network traffic without raising any suspicion. Looking at the growth trajectory of quantum computing, it’s reasonable to foresee that in a matter of a few years, a significant number of encryption protocols that are used today could be vulnerable to quantum-based attacks. Indeed, in December, a team of Chinese scientists published a paper that claimed it had a quantum algorithm that could break RSA with a 372-qubit quantum computer (few commercial organization have this computing power already ) in a matter of hours. By comparison, a classical computer would need longer than the age of the universe to achieve the same. A quantum computer could potentially break these encryption methods by using Shor’s algorithm, which can factor large numbers exponentially faster than a classical computer. Particularly in cybersecurity, the impact could be profound and potentially breathe new life into the cyber-attack practices that leverage older, dormant passive network tapping.įor example, the RSA encryption algorithm (currently considered highly secure) is based on the difficulty of factoring large numbers. This powerful computational paradigm, capable of processing data at unprecedented speeds, is projected to bring transformative advancements across multiple industries. The development of quantum computers, which are powerful enough to break popular encryption technologies, along with the recent rise of cybercrime-as-a-service ( CaaS) propelled by state-sponsored endorsements, may emerge as a major paradigm shift to how cyber security leaders have been viewing and utilizing network encryptions.ĭue to their superior processing capabilities, quantum computers pose a serious threat to current encryption methods. However, the ever-evolving landscape of technology could significantly alter the current approach of protecting the network with an encryption defense layer. Indeed, as the bulk of the organization’s network traffic is now encrypted by either AES or RSA encryptions, the common attack vector of network tapping has vanished and no longer requires mitigation planning and compensation controls by security leaders. The most popular network encryption – AES – has become a must-have standard for every type of organization. The most popular cybersecurity series of conferences worldwide, the RSA, is named after the RSA public-key encryption technology developed back in 1982. The notion of network encryption (also known as ‘data encryption in transit’) is considered an integral part of the organization ‘security hygiene’. For the past few decades, every CISO and cybersecurity leader knows that encryption provides the fundamental defense layer to data and network traffic.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |