AI, quantum technologies and new cyber threats – are we prepared?
Quantum computing is on the horizon. The emerging computing architecture renders possible a form of ‘super parallel processing’ based on quantum physics that can rapidly solve problems beyond the scope of what a classical computer can achieve.
The technology is fast advancing, with governments investing billions and blue-chip technology heavyweights prioritizing the technology.
Advances in quantum computing risk unraveling data encryption, bringing far-reaching implications for data security to the fore.
“If we see … major advances in quantum computing, very quickly, then all of our attempts to encrypt our data may actually collapse.” – Wendell Wallach, Yale University’s Interdisciplinary Center for Bioethics
What this means is that quantum computers will be incredibly effective at hacking into encrypted data – rendering sensitive data and critical infrastructures, as well as Internet of Things and 5G networks, vulnerable to attack.
‘Download now, decrypt later’
Although the technology is not yet commercially deployed, the security threats are already here.
The ‘download now, decrypt later’ attack vector already sees actors downloading existing encrypted data, to be cracked open once the technology arrives.
“Now, it’s not a matter of if it will happen,” said Mark Jackson of Cambridge Quantum Computing during a panel discussion on AI, quantum technologies and new cyber threats at the recent AI for Good Global Summit. “It’s only when… and you don’t want to wait 10 years before you upgrade your security. You should be doing it now, because it takes time to make this transition.”
Quantum-safe solutions already exist. Technologies such as Quantum Key Distribution (QKD) and Quantum Random Number Generator (QRNG) have been proven to be quantum-safe and ready for large-scale deployment.
“I actually want to take this opportunity to thank the ITU because, this year, they’ve done a great job of creating standards for quantum technologies related to encryption and security.” – Mark Jackson, Cambridge Quantum Computing
However, their use will not be possible without standards to support trust and interoperability across large-scale networks such as 5G and IoT. ITU is building an ecosystem of quantum specialists collaborating to develop standards on the security aspects of quantum technologies.
“There’s a much bigger threat than a lot of people realize, for their current security systems,” says Mr Jackson. “I actually want to take this opportunity to thank the ITU because, this year, they’ve done a great job of creating standards for quantum technologies related to encryption and security. And I think this is doing a great job to kind of elevate the importance to people to show that it’s important enough that we have to create standards … the technology already exists, and they need to take it seriously.”
ITU’s standardization arm, ITU-T, has welcomed a range of new members interested in influencing the development of ITU standards on security aspects of quantum technologies.
The home of ITU standardization work on security aspects of quantum technologies is ITU-T Study Group 17 (SG17), the expert group responsible for ‘building confidence and security in the use of ICTs’. Networking aspects of quantum key distribution are under study in ITU-T Study Group 13 (SG13), the expert group responsible for ‘future networks and cloud’.
Beyond the threats, quantum computing – more specifically, quantum machine learning – has the potential to address challenges faced by society today.
Jackson detailed how quantum machine learning’s unique properties, such as its ability to generate provably random number sequences and identify unseen patterns, can potentially help with data integrity verification and content authentication.
Convergence and unpredictability
Concern about the convergence and unpredictability of emerging technologies was echoed throughout the panel at the AI for Good Global Summit.
“We’re facing right now an era of hybrid emerging cyber threats produced by the combination of powerful dual-use technologies. AI is one of them – AI converging with bio- and cybertech,” said Eleonore Pauwels, Research Fellow on Emerging Cyber-technologies at UN University’s Centre for Policy Research.
“We have absolutely no idea what rate which breakthroughs will take place, or in what order.” – Wendell Wallach, Yale University
Pauwels voiced particular concern for the potential for malware to automate and spread data manipulation in healthcare systems and disintegrate trust in governing institutions. “What is at stake is really the power to manipulate the integrity of data and strategic intelligence within the functioning of countries’ political processes, economic infrastructures, and even now operations, bodies and minds,” said Pauwels.
Looking forward, panelists highlighted the need to employ foresight to address issues before it is too late.
“Foresight, and especially integrating a diversity of knowledge and experiences … would also help us to actually shift the technological design before that’s decided, and before it’s deployed,” said Pauwels. “I’m a big believer in doing foresight anticipation in cooperation with diverse actors.”
An ‘ethical-legal gap’?
“These technologies are appearing at a rapid rate, and they’re converging. We have [a] serious ethical-legal gap – what’s sometimes called the pacing problem – between our ability to put in place policies to attend to the negative consequences,” says Wendell. “Many times, the technologies are so embedded in our society, by the time we recognize what can go wrong … we don’t have effective ways of addressing it.”
Wendell remarked on a global sense of a loss of agency, and drew a metaphor between the state of the world today and the self-driving car. “Technology is in the driver’s seat as a primary determinant of human destiny. And we seem to be deploying technologies because they’re feasible, without necessarily allowing citizens to have an active participation in the world that we’re creating.”
By Pamela Lian, ITU News