G7 cyber group warns financial sector to prep for quantum computing risks

Avatar

A major intergovernmental group on Wednesday called on the financial sector to prepare for “impending threats” brought by developments in quantum computing.

The G7 Cyber Expert Group, which is chaired by the U.S. Department of Treasury and the Bank of England and advises G7 finance ministers and central bank governors on cyber issues, broadly recommended that financial authorities and institutions assess quantum computing risks and develop plans to mitigate them.

It also highlighted recent efforts by the National Institute of Standards and Technology (NIST) and the European Union Agency for Cybersecurity (ENISA) to roll out post-quantum cryptography algorithms that will likely form the basis of new encryption standards.

Computer science and cybersecurity experts say that quantum computers — which theoretically can quickly solve complex problems that would be impossible for conventional computers — are being developed by governments and companies, and could become a reality in the next decade. 

Although these devices are expected to benefit a wide range of sectors, they could also be used maliciously to launch cyberattacks and unlock vast amounts of sensitive data. Traditional cryptographic algorithms that secure financial information and government secrets would likely be easily cracked by quantum computers, the G7 group said.

“In anticipation of large-scale quantum computing becoming prevalent, threat actors may be implementing a ‘harvest now, decrypt later’ scheme to intercept confidential data now with the intent of decrypting it once quantum computers become more capable and widely available,” it added.

As a result, even though quantum computers may be years away, the group is advising financial entities to take action to handle the threats when they arrive. “Such future actions may include creation of an inventory of cryptography use within the entity and its third parties. It may also include planning for the orderly replacement of vulnerable technologies with those that are quantum resistant,” the group said, pointing to various government guides that have been issued in recent years to help companies prepare for quantum computing threats.

“The G7 CEG believes that planning for the quantum transition is important to economic security and prosperity, and strongly encourages financial institutions to provide funding and other resources needed to support it,” said Todd Conklin, the deputy assistant Treasury secretary for cybersecurity and critical infrastructure protection, in a statement.

The G7 Cyber Experts Group, which was founded in 2015, helps set cyber policy for Canada, France, Germany, Italy, Japan and the U.K., as well as the United States. Several financial authorities in these countries have come out with similar warnings and recommendations around quantum computing in recent years.

The U.S. Federal Reserve, for example, warned Congress last year that there are obstacles for the widespread implementation of quantum-resistant cryptography algorithms.

Nation-stateTechnologyGovernmentNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Adam Janofsky

is the founding editor-in-chief of The Record from Recorded Future News. He previously was the cybersecurity and privacy reporter for Protocol, and prior to that covered cybersecurity, AI, and other emerging technology for The Wall Street Journal.

 

Total
0
Shares
Previous Post

Modified LockBit and Conti ransomware shows up in DragonForce gang’s attacks

Next Post

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Related Posts

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0063, which, in turn, overlaps with APT28. The
Avatar
Read More