Will quantum computing revolutionise cybersecurity? IBM thinks so
The world of cybersecurity has seen rapid advancements over the past decade, as technology permeates more and more aspects of commercial and consumer life. The proliferation of endpoints brought about by the rapidly expanding Internet of Things (IoT) has created an infinitely larger number of ways for cyber threats to enter a company’s network.
Cloud centric cybersecurity firm ExtraHop reported recently that, in 2018, the average dwell time (the time a cyber threat has access to a company’s network before striking) had risen to an average of 101 days, “and that’s just the average. Many organisations have discovered threats that had lurked in their environments for years before being discovered,” writes ExtraHop cybersecurity professional Chase Snyder.
With the industry leading enterprises reeling from one major cyber breach after another, cybersecurity experts are turning to an emerging element of IT, in the hope that it can provide the edge they need against everything from nation state sponsored hackers to Anonymous.
Quantum computers (that use qubits - bits that can exist in multiple states, as opposed to the 1 or 0 that binary can achieve) are exponentially more powerful than the most advanced modern supercomputers. The implication is that quantum computers could “lead to new breakthroughs in science, life-saving medical advances, and financial strategies to live well in retirement. Algorithms could even quickly direct emergency services such as ambulances,” says a collaborative report between The European Sting and the World Economic Forum.
However, the application that has businesses and governments investing billions of dollars in the technology is its ability to overcome traditional encryption.
We find ourselves in the midst of a new arms race. The cybersecurity company that harnesses the power of quantum computing before anyone else will be a great deal closer to making their systems impenetrable, and getting that dwell time number of days a lot closer to the holy grail of zero. The hacker who gets their hands on quantum computing technology first will be able to waltz into the most secure systems on the planet, even potentially cracking blockchain encryption and doing everything from stealing the most secure information on the planet to destabilising the cryptocurrency market. The stakes couldn’t be higher.
As one of the largest and most innovative software companies in history, IBM have their horse firmly in the race. IBM first made quantum computers available through its public cloud in May 2016 with the IBM Q Experience platform. As of today, users have executed more than 28mn experiments and simulations on the quantum cloud platform and published over 180 third-party research papers. IBM Q is one of the world’s most advanced quantum computing initiatives, focused on propelling the science and pioneering commercial applications for quantum advantage.
The company made an announced today that may be the next big step in the race to a quantum cyber secure future. IBM is announcing that it will begin to provide “quantum-safe cryptography services” on the IBM public cloud in 2020 and is now offering a Quantum Risk Assessment from IBM Security to help customers assess their risk in the quantum world.
"IBM Cloud is taking the critical steps needed to help enterprises ensure their data stays secure in a quantum future," said Harish Grama, general manager, IBM Cloud. "Starting in 2020, IBM Cloud will roll out new services that will help keep data secure and private from the emerging cybersecurity challenges presented by future quantum computers."
The technology IBM is deploying is awe inspiring in its scope. "In order to prepare for the impact that quantum computers are expected to have on data security, IBM Research has been developing cryptographic algorithms that are designed to be resistant to the potential security concerns posed by quantum computers," said Vadim Lyubashevsky, cryptographer, IBM Research. "Our jointly developed quantum-safe algorithms, part of a lattice cryptography suite called CRYSTALS, are based on the hardness of mathematical problems that have been studied since the 1980's and have not succumbed to any algorithmic attacks, either classical or quantum. This is why we have made our algorithms open source and have submitted them to NIST for standardisation."
Legend: John McAfee
John McAfee is credited with starting the entire cybersecurity industry. In 1987, he set up McAfee Associates and released VirusScan. Previous antivirus programs had been released, but McAfee’s was the first with mass appeal and was soon a day zero (or at least day one) installation for Windows users as well as corporate clients.
But McAfee was also a hugely divisive character. He dismissed his own software, claimed he never used it, and rejoiced when Intel bought McAfee and took his name off “the worst software on the planet.” He was anti-tax, pro-drugs, anti-war and pro-free trade. He was also a tireless crusader for cyber awareness, and set up a political party called the Cyber Party in order to make a bid for the office of president of the US.
“I am now everlastingly grateful to Intel for freeing me from this terrible association with the worst software on the planet”
McAfee: born in the UK
McAfee was born in Gloucestershire, UK, but moved to Salem, Virginia, where his American father (his mother was English) shot himself when McAfee was 15. McAfee worked at NASA, Univac, Xerox, Computer Sciences Corporation, Booz Allen Hamilton and Lockheed. It was while working at the latter he was given a copy of Brain, the first computer virus for PC, and began to engineer a defence.
Controversy dogged McAfee. He was implicated as a ‘person of interest’ in the search for a neighbour who had been shot. He married a prostitute. He claimed a cocaine baron was writing his biography. He was arrested for possession of an unlicensed weapon and for manufacturing drugs in Belize (later released without charge). There were various other arrests (mainly weapons related) but not much would stick until McAfee’s anti-tax stance caught up with him.
He fled the US as tax authorities turned up the heat on at least four years of non payment of tax and was arrested (again) in Spain in October 2020 at the behest of the US Department of Justice. Charges for fraudulently promoting cryptocurrencies were soon added and he was formally indicted in March 2021. In June 2021, the Spanish National Court authorised McAfee’s extradition to the US, and McAfee was found dead in his cell just hours later in what is widely believed to be a suicide.
Even in death, McAfee courted controversy, having announced that if he was ever found to have committed suicide, it would mean he had been murdered. A slew of conspiracy theories mushroomed in the hours after his death was announced. It’s just what he would have wanted.