IT disaster recovery, cloud computing and information security news

Critical pathways to protect telcos against quantum-era cyber threats

Details

As part of the Post-Quantum Telco Network Taskforce, GSMA, an industry organization, has published the ‘Post Quantum Telco Network Impact Assessment’. With contributions from members IBM, Vodafone, and others, this provides an in-depth analysis of the quantum security threats facing the telecommunications industry and a detailed, step by step list of potential solutions to prepare for these threats.

GSMA says that the report maps out a clear path for telco organizations to work across their ecosystems to protect data from cybercriminals acting today to tap into the potential power of future quantum computers.

It includes:

  • A telco-specific assessment of the business risk of quantum cyber threats, including four of the highest impact attack types: store now, decrypt later; code signing and digital signatures; rewriting history; and key management attacks.
  • Discussion of standardization for hardware and software changes, such as SIM cards, public key infrastructure, digital certificates, and CPE devices.
  • Specific approaches to quantum-safe algorithms and risk assessment frameworks, including code-based, lattice-based, hash-based, multivariate-based, and hybrid approaches.
  • Timelines of several government plans that have been launched to implement quantum-safe encryption (Australia, Canada, China, France, Germany, Japan, New Zealand, Singapore, South Korea, the UK and the US).
  • Examples of quantum-safe applications for several telco domains, including devices, 5G networks, SIMs, Operating systems, ERP, infrastructure, and the cloud.

According to the report, it is widely considered that by 2032 there will be completion of a large fault-tolerant quantum computer capable of running crypto-analytic algorithms that could threaten current cryptographic approaches. This requires immediate preparation, as some forms of attack may be retrospective (e.g. ‘store now, decrypt later’). Motivated bad actors may be harvesting and storing data now in order to decrypt it once certain quantum computing capabilities become available. As stated in the report, such actors may do this to “undermine the security of data with long-lived confidentiality needs, such as corporate IP, state secrets or individual bio-data.”

Obtain the report.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

The Hunt for Hidden Risks
The BIA Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.