Why Enterprises and Governments Must Prepare for Q-Day Now

Written by

In today’s hyperconnected world, enterprises and governments are accelerating digital transformations to revolutionize the way businesses operate – improving efficiency and productivity, creating new revenue streams and delivering value to customers. As part of this effort, governments and businesses alike are investing in quantum computing to help address societal challenges and improve efficiencies and insights.  

While quantum computing has huge potential for good, when in the wrong hands it also has the ability to cause tremendous harm. So what are the quantum threats facing enterprises and governments and why should they start preparing for the impending Q-Day now?

Increasing Use of Quantum Computing by Governments and Enterprises

Across the world, we are seeing governments and enterprises increase investments in quantum computing to tackle issues around sustainability, defense and climate change. Organizations that invest early in quantum computing are more likely to reap significant benefits.

For example, already we are seeing quantum computing help banks run more advanced financial computations and companies like Mercedes Benz shaping the future of electric cars. As the potential to use quantum computing for good appears to be limitless, we can expect companies and countries will continue to leverage its capabilities.

What is the Quantum Threat?

Just as we are able to leverage quantum-speed problem solving for good, it can also be used to wield quantum-speed cyber-attacks. However, this will require a cryptographically relevant quantum computer (CRQC) which does not yet exist. So, if quantum computers haven’t yet arrived, you may ask – why do we need to worry now?

With technology advances, ‘Q-Day’ – the day a viable CRQC will be able to break most of today’s public key encryption algorithms – is moving ever closer. Some experts predict it could be as soon as 2030, so the sooner we can prepare ourselves the better. In fact, governments and enterprises are already at risk; even today, bad actors are employing ‘harvest now, decrypt later’ tactics, to decrypt data for a mass Q-day attack.

In the hands of bad actors, quantum computers carry the potential to impact economies, disrupt critical research or worse, endanger lives. Human-critical networks such as power grids, healthcare networks, utilities, public safety and financial systems, are particularly vulnerable given the potential for financial gain associated with interference in these sectors. The diversity of cyber-attacks that we’re currently seeing across industries indicates that cybercriminals are targeting multiple sectors to find vulnerable systems and victims – no sector is exempt.

To cause disruption, bad actors will use a CRQC to unravel current data encryption protocols that protect sensitive data, making current public key cryptography methods obsolete. They could hijack millions of connected IoT devices to create distributed denial of service (DDoS) botnets that flood IP and optical networks with terabits of data and hundreds of millions of packets per second.

Taking Steps to Mitigate the Risks Now

With public citizen data, national security, financial records, intellectual property and critical infrastructure all at risk, we must prepare our enterprise and critical networks for the possibility of quantum computing threats now. This will involve network modernization, including the updating and upgrading of network infrastructure and protocols, as well as implementing security measures to ensure the safety of communications. A multi-layer approach from the optical core to the IP edge and application layer will be essential in effectively encrypting in-flight network data, according to the transmission and network infrastructure.

Quantum computers are here and becoming accessible around the globe, so now is the time to build quantum-safe networks with advanced cybersecurity protection and post-quantum era encryption. Critical enterprises and governments need to protect themselves – and their critical infrastructure – against these attacks, so they are ready for Q-Day.

What’s hot on Infosecurity Magazine?