By: Shimon Brathwaite
April 8, 2021
Does Ransomware Pose A Threat To The Quantum Computer?
By: Shimon Brathwaite
April 8, 2021
Quantum computing is one of the new technology advancements of the 21st century that has a lot of potential for creative destruction. Quantum computing uses quantum bits rather than regular bits; this allows it to process things much faster than a regular computer. This new technology can have applications in many different areas, and one of them is Cybersecurity. One of the key elements of security on the Internet is encryption to protect our day-to-day communications. If you've ever visited a website that has HTTPS, then you've had communications that were protected by encryption. Hackers also use encryption, namely in ransomware attacks where they encrypt a company's data and demand a ransom to decrypt it and return it to the company. The effectiveness of encryption is heavily reliant on the computer's processing power, and quantum computing will give hackers access to more computing power than ever power.
The Potential Benefit of Quantum Computing for Companies
Ransomware typically relies on encrypting a user's data and charging the victim a ransom to have their data returned. The interesting thing is that if quantum computing is as powerful as most people think it is, then many of the encryption algorithms currently in place may become obsolete. If this is the case, even if a hacker can compromise a company and encrypt their information, it may become an easy task for companies to decrypt their information using their quantum computers. If this becomes possible in the next few years, we may see a decrease in the number of companies forced to pay out ransoms to hackers. Logically, if companies stop paying out to hackers, then this may discourage many hackers from attempting to hack into companies to plant the ransomware. However, this would only be possible if a company could get access to quantum computing technology in the early stages before there is mass adoption of stronger algorithms that are resistant to quantum computing brute-forcing.
The Potential Benefit of Quantum Computing for Hackers
For a moment, let us assume that this occurs in the future: allowing companies to decrypt their information themselves. Many encryption algorithms that people may be using are not strong enough to protect against attacks from quantum computers used by a hacker. This would present a new attack surface for attackers that target those companies that fail to migrate over to a stronger encryption algorithm quickly. Especially for large companies or companies that have been around for a long time, getting people to migrate over to the secure version can be a painful and slow process. Sometimes people may not remember or even know of all the places they use the older version, and they can go without being updated for a long time.
Why the Effect of Quantum Computing on Cybersecurity May Be Overblown
Since the idea of quantum computing has been in development for some time, there are already some public-key encryption algorithms that are considered safe from attacks by quantum computers. For example, if we use advanced encryption standards (AES), AES-128 may not be secure, but AES-256 is expected to be sufficient. So, it would be a matter of companies being able to migrate over to these stronger algorithms in a timely manner.
Whether or not quantum computing is positive or negative will depend on who can adapt the quickest. There is no doubt that the increase in processing power that quantum computing offers can make cyberattacks much more effective and bypass many of the controls that we currently have. However, there are controls in place that can protect against cyberattacks if companies are willing to adapt and improve their security. Also, that same technology used to improve the cyberattacks can be used to generate stronger cryptographic material than previously possible. If I were to give a definitive answer on whether this poses a security threat or not, I would say yes because history has shown that getting people to adopt new standards can take a long time, years most likely. Therefore, the time between mainstream adoption of quantum computing and the time it takes for these new standards to be adopted gives hackers a great opportunity to exploit obsolete technology. If you like a technical breakdown of how quantum computing relates to encryption, you can find an article here.