‘Harvesting Attacks’ from Hackers Stockpiling Encrypted Information for Post-Quantum Era
(DarkReading) “Stockpiles of stolen information sitting in foreign databases are ready to be exposed the minute there’s a working quantum computer in five to ten years. The time to act is now,” says John Prisco, CEO of Quantum Xchange in this commentary.
In the cat-and-mouse game between cybersecurity and cybercriminals (nation-state or otherwise), a game-changer is in the near future: quantum computing, which is potentially capable of cracking even the most advanced conventional encryption.
Encrypted information stolen by China from the US government and industry is being stockpiled by China. Cheap data storage and the proliferation of valuable data online increases the feasibility and incentive for long-term storage of even the most solidly encrypted data. This offensive strategy is known as a harvesting attack. Attackers constantly find their way into sensitive networks around the globe. Hackers working for China, Russia, Iran, North Korea, and other nations are doing reconnaissance, stealing data, and hiding backdoors and malware in the networks of US agencies and military contractors, nuclear power plants and dams, banks, and Nasdaq.
It may be too late for much of the data that’s already been intercepted, but we can work to protect more of our data going forward — but only if the government takes this threat seriously. Given what’s at stake — and the stockpiles of stolen information already sitting in foreign databases that will be exposed the minute there’s a working quantum computer — we don’t have time to spare. That is estimated to be five to ten years away, and the quantum clock is ticking.