Quantum Cybersecurity ‘Must Be Priority’ for Next Administration
Insider Brief
- MITRE is urging the next presidential administration to make quantum cybersecurity a main focus, according to NextGov reporting.
- The group says the 2024 election winner – whether it’s President Joe Biden or former President Donald Trump – will need to prioritize transitioning to new “post-quantum cryptography”.
- While quantum computers are still in development, some experts warn that they could be robust enough to cause cryptographic threats in as little as three years.
The national security think tank MITRE is urging in an advisory document the next US presidential administration to make quantum cybersecurity a top focus, warning that future quantum computers could crack current encryption methods used to secure government and private sector data, NextGov reports.
In the advisory released last week, the federally-affiliated research group said the 2024 election winner – whether it’s President Joe Biden or former President Donald Trump – will need to prioritize transitioning to new “post-quantum cryptography” (PQC) standards to protect against quantum computing advances.
“While it is hard to predict precisely when quantum computing will crack the current encryption, the U.S. government must prepare now to protect data in the context of post-quantum cryptography,” the MITRE report stated, as covered by NextGov.
Today’s cybersecurity systems rely on complex math problems that are difficult for traditional computers to solve, effectively locking out malicious hackers. But quantum computers, still in development, could rapidly decode this encryption by harnessing the ability of quantum mechanics to tackle extremely complex calculations, NextGov reported based on the MITRE advisory.
“It means malicious actors in the coming years may be augmented with new abilities to decode encrypted information currently considered secure,” the report warned, according to NextGov’s coverage.
The National Security Agency has predicted practical quantum computing tools enabling such code-breaking could be available in just 3-5 years via cloud access, as previously reported. The agency has already set a 2035 deadline for transitioning intelligence systems to PQC protections.
The National Institute of Standards and Technology (NIST) has been developing tools to migrate federal agencies to quantum-resistant encryption under a White House mandate. But MITRE said the next administration needs to accelerate these efforts by:
- Assessing the government’s PQC readiness
- Crafting a “cryptographic bill of materials” to catalog systems requiring upgrades
- Leveraging the private sector PQC Coalition for expertise
The report includes warnings of the “record now, decrypt later” attacks, where hackers harvest troves of encrypted data to crack open once potent quantum computers exist.
Based on current classical computing attacks, the stakes are high, MITRE points out: The proliferation of ransomware attacks is becoming a national crisis with high costs to industry and individuals. The Federal Bureau of Investigation (FBI) estimates that losses from cyber crime overall in the United States exceeded $12.5 billion in 2023 alone. The most frequent targets for ransomware attacks in 2023 were the healthcare and public health sector, followed by critical manufacturing and government facilities.”
MITRE is a leading national cybersecurity powerhouse, drawing on over 50 years defending government and industry networks from threats. The non-profit has pioneered game-changing innovations like the CVE vulnerability database and ATT&CK library of adversary behaviors. With multidisciplinary expertise spanning secure architectures to cyber operations, MITRE takes a whole-of-nation approach safeguarding U.S. critical infrastructure while bolstering cyber defenses for allies.
For a more complete understanding of MITRE’s “Don’t Trust But Verify” recommendations, you can read the report here.