The widespread use of quantum computers that can replace traditional computers are a decade or so away. Yet, there is great worry for technology leaders because quantum computers can crack the security codes that protect today’s IT systems and networks.
And the hackers know it, said Dr Volkan Sevindik, chief technology officer of StarHub.
Hackers are stealing and stockpiling encrypted data in massive “steal now, decrypt later” operations banking on future quantum machines to crack it all open, he explained.
By the time the quantum computers arrive, the hackers would be ready to use the machines to exploit the data for their benefit, he said.
“So, before 2029 we need to move critical infrastructure to quantum-safe standards,” he stressed.
“It takes just one link decrypted by a quantum computer to expose all your data,” he told reporters yesterday at the announcement of a StarHub and IBM partnership to develop quantum safe networks.
One of the thorniest challenges for security experts is that most organisations have no idea where their security codes – known as cryptographic keys – live in their IT systems and networks or who has access to them, he added.
Cryptographic keys lock and unlock encrypted data – every time a system sends or receives secure information, a key is used to scramble and unscramble it. Large organisations have thousands of these keys scattered across their networks, systems, and applications.
This is a common concern raised by cybersecurity and technology leaders around the world, said Dr Sevindik.
Many have no catalogue, inventory or map, he noted, explaining that without a list of crypto keys, enterprises cannot take the first steps to make their systems quantum-safe.
Organisations would be flying blind into the quantum era, trying to defend assets they have not fully accounted for yet, he said.
This unsettling concern is driving StarHub to enhance its collaboration with IBM to strengthen its readiness against emerging cryptographic threats, including risks posed by future quantum computers.
StarHub, the second largest telecom operator in Singapore, manages over 20,000 digital assets and more than 600TB of data in its IT system and mobile network.
One area in the collaboration is focussed on strengthening quantum-safe readiness and crypto-agility capabilities for future network environments.
Dr Sevindik said an initial step would be to catalogue the crypto keys in StarHub’s network to discover its cryptographic dependencies, identify vulnerabilities, and build a clear road map to post-quantum standards,
The two organisations have been collaborating for years on network automation and observability to monitor, detect, and resolve network issues in real time.
The quantum-safe push layers on top of that foundation to ensure that security not just a compliance checkbox, but a live, adaptive capability baked into how the network operates.
IBM Asean’s general manager Catherine Lian said: “The threat of “harvest now, decrypt later” is a present-day reality for critical infrastructure.”
She added: “IBM’s post-quantum algorithms, notably, are among those standardised by the US National Institute of Standards and Technology (NIST), so when IBM talks quantum-safe, it’s not vapourware.”
In Singapore, the Infocomm Media Development Authority (IMDA) has expanded its National Quantum-Safe Network Plus programme while the Cybersecurity Agency of Singapore has rolled out a Quantum Safe Handbook and Quantum Readiness Index to help organisations assess their readiness.
