The risk of quantum-powered password decryption is increasing dramatically. Organizations need to submit an inventory of potentially vulnerable systems and prioritize the adoption of post-quantum cryptography standards, the US officials recommend.
Security intelligence explains why businesses have to act now.
Problems
Quantum technology could help and potentially harm day-to-day business operations. In particular, quantum computing adds a new cryptography concern. The issue stems not from passwords themselves but from the process of cryptography, which describes how passwords are encrypted. Current asymmetrical algorithms would require billions or trillions of years to break using a traditional computer. Armed with a quantum device, however, this same process could take just 8 hours. The risk here isn’t about a quantum computer “guessing” the right password. The concern is in their power to break encryption itself.
Solutions
Here are three steps enterprises can take right now to reduce their quantum risk.
Inventory At-Risk Systems
Organizations must get started with post-quantum security. The first step is to create an inventory of at-risk systems. By taking stock of current password-protected apps and services that aren’t up to quantum security standards, businesses can prepare for the next phase of digital protection.
Adopt Symmetric Defenses
Symmetric standards such as AES-256 offer better protection against quantum attacks. It’s a good way to defend current assets as quantum security tools evolve.
Look for Quantum Protection Partners
Quantum protection isn’t something most companies have the time and expertise to implement themselves. As a result, it’s worth finding partners with expertise in this area to help make the security shift.
‘Quantum computers can be programmed with specific algorithms that significantly reduce the time of password decryption. This makes businesses’ digital assets more vulnerable as everything from e-commerce, emails to banking and personal payments includes encryption. We recommend organizations study carefully the Quantum Computing Cybersecurity Preparedness Act and estimate their most vulnerable systems. It would be useful to start working on the adoption of post-quantum cryptography standards. Businesses should choose encryption algorithms that are more resistant to brute-force attacks,’ Artem Mykhailov, ISSP Enterprise Solution Director said.
Comments