In the evolving drama of corporate espionage, Bond-like characters navigating the shadowy corridors of the analog age have long since made way for digital protagonists. The likes of Lisbeth Salander, who’ve been hacking their way through the complex web of the information age, are also set to step out of the limelight. We stand at the dawn of the quantum age, where a new chapter in corporate espionage is written. It is a world where mastery of quantum algorithms and how to protect them is the key to power.
Algorithms are already highly valuable to businesses across the globe, of course, but this will be orders of magnitude more significant in the quantum age due to their unparalleled problem-solving power. Imagine algorithms that could be used to develop new materials, revolutionize drug discovery, optimize logistics, predict market trends and even global economic shifts. A single breakthrough could mean performing a key process several times quicker and more efficiently than your closest competitor, directly leading to a dominant position in the market.
As businesses and governments pour resources into developing proprietary quantum algorithms, they will become invaluable, shrouded in secrecy, and fiercely guarded. They will become prized corporate assets and, inevitably, prized targets for corporate espionage. In the hands of a competitor or a foreign nation, these algorithms could tilt the scales of corporate, economic and political power. Protecting these assets will no longer be ‘just’ a matter of cybersecurity but a strategic imperative at the highest levels.
The First Act
Significant advancements and breakthroughs in quantum computing are being made seemingly almost weekly, while commercially accessible quantum computers are already on the market. However, these quantum systems are not yet robust or large enough for widespread practical applications. They are akin to the early classical computers of the mid-20th century – full of potential but limited by current technological constraints.
. This has led to a surge in research on post-quantum cryptography. Governments, the global tech community and international standards organizations are actively engaged in a race to develop encryption standards that can withstand quantum computing attacks.
Even Apple is planning for a post-quantum world. In February, it introduced PQ3, a new cryptographic protocol for iMessage offering what it deems the most substantial protection against quantum attacks.
This first act of the quantum age is one of anticipation and preparation, laying the groundwork for the profound changes quantum computing will bring.
Preparing for a Major Role
Like a double agent, quantum computing plays a dual role in cybersecurity. On one hand, it poses significant threats, such as quantum decryption, which has the potential to break traditional encryption methods. On the other hand, it offers robust solutions like quantum encryption, providing a level of security unattainable by classical computing. This sets the stage for an arms race of epic proportions between those trying to gain access to quantum secrets and those trying to protect them.
This race has in fact already begun, though it is very early stages. For example, in 1994, American mathematician Peter Shor developed a quantum algorithm that could break RSA encryption extremely quickly. The software already exists and is readily available – it is just waiting for the machines to catch up.
To stay ahead of quantum cybercriminals of the future, organizations need to be proactive and invest in education and experimentation with quantum machines and algorithms now. Much like Q in the Bond series, infosec teams will be responsible for developing and deploying the tools needed to keep their prized assets safe from attack, whenever that may be. This process must start now, especially for those working in highly sensitive industries or with highly sensitive data.
Quantum Tools in Defense of the Realm
The field of quantum encryption is still young and will develop in ways we cannot predict. However, we could deploy several promising technologies and techniques—in the words of MI5—to defend the realm.
For instance, quantum key distribution will allow two communicating users to tell whether a third party has tried to eavesdrop or tamper with a transmission. This key distribution system relies on a fundamental aspect of quantum mechanics: trying to measure a quantum system will disturb that system. Someone trying to obtain a key to observe the data packet will introduce detectable anomalies, allowing the rightful owner or recipient to stop the transmission quickly.
Similarly, quantum technology will enable actual random number generation. Random number generators (RNGs) are used in security protocols to create encryption, decryption keys, and one-time passwords. However, today’s RNGs still follow some code, meaning patterns could be detected over a large enough dataset. If this code is cracked, a bad actor could find themselves with the key to a huge digital safe.
However, the numbers derived from a quantum-powered RNG can be generated entirely probabilistically, meaning there is no way to discern what it will come up with. True randomness like this will make it near-impossible to decipher, identify or steal encrypted information, meaning companies that adopt quantum RNG can vastly improve the security of data transfers and communications.
Be Prepared and Embrace Quantum Early
While we continue to get closer to quantum advantage every day, it will not be realized in the short term. So, there is no room for complacency. While Bond was kicking his heels up and drinking a Martini, Salander was tinkering with a Commodore 64 and learning BASIC. We have already reached this stage of the quantum age, and cybersecurity professionals must also learn the basics of quantum computing and quantum algorithms. It is the only way to ensure they can stay ahead of the game, protect their organizations, and ensure the safety of the most valuable digital assets we have ever seen.
