Tag Archive for: method
Researchers claim method to break encryption using existing quantum computer
/in Computer Security
A group of Chinese researchers has claimed to be able to break a widely used encryption scheme with a quantum computer that already exists, creating a possible boon for surveillance and a crisis for data protection.
The two dozen researchers from seven research institutions in China authored a paper describing a method using a 372-qubit computer to break RSA encryption instead of the theoretical quantum computer with tens of millions of qubits that was previously thought to be needed.
The implications are serious.
CONGRESS WANTS FEDERAL AGENCIES TO DEPLOY QUANTUM-SAFE ENCRYPTION
“Quantum computing has the capability to break the encryption on which most enterprises, digital infrastructures, and economies rely, rendering today’s encryption methods useless,” said Bryan Ware, CEO of LookingGlass Cyber Solutions. “That means that all secrets are at risk — nuclear weapons, banks, business IP, intelligence agencies, among other things, are at risk of losing their confidentiality and integrity.”
Quantum computing is still in its infancy, but cybersecurity experts have worried that quantum computers will eventually become powerful enough to break popular encryption schemes within minutes instead of the thousands of years needed by conventional modern computers. That possibility was supposed to be several years away, however.
Just in December, Congress enacted a law requiring the Office of Management and Budget to prioritize federal agencies’ acquisition of IT systems using post-quantum cryptography in an effort to deal with future advances in quantum computing.
But if the Chinese researchers are correct, the future is now. In November 2022, IBM announced it had built a working 433-qubit computer, larger than the quantum computer the researchers say is needed to break RSA encryption.
Still, the researchers’ claims have been met with skepticism in some cybersecurity circles.
The Chinese research is theoretical, and the underlying research it’s based on is “highly controversial,” Ware told the Washington Examiner. The paper may…
Inside a cyberattack method that targets your cellphone
/in Computer Security
The technique, which claims victims at Twilio and targeted others at Cloudflare, combines text messages intent on luring victims into clicking on a link, leans on the ubiquity of smartphones, seeks to manipulate human nature, and works around an increasingly common defensive measure.
A campaign that relied on the technique gathered steam this summer and targeted more than 130 companies, according to a report from cyberfirm Group-IB last month. The attackers compromised nearly 10,000 user credentials.
The technique works like this:
- Hackers send phony text messages to prospective victims, luring them to click on a link by pretending to be, say, a member of their employers’ IT team telling them that their password had expired or their schedule had changed. Typically known as “phishing” when the lures arrive via email, this is known as “smishing” because it’s a portmanteau of “phishing” and “SMS,” commonly known as texting.
- The link leads to a fake Okta site or another tool that verifies a sign-in, known as multifactor authentication or MFA. (Group-IB named the campaign in its report 0ktapus because of the Okta angle.)
- Once the hackers get the code that their victim unwittingly gives them, they’re able to roam around in the victims’ networks.
The Group-IB figures are dramatic, said Ryan Olson, vice president of threat intelligence at Palo Alto Networks’ Unit 42.
“That means they had success on like 70 individuals per company on average, and I don’t know what all the companies are or how big they are, but that was extremely successful for a phishing attack,” Olson told me. “If you were to send a phishing attack over email, you’re lucky if one in a 1,000 people even sees the email and makes it…
मेरे साथ हुआ अब आपकी बारी || Protect Your YouTube Channel From Duplicate Strikes || Youtube Update
/in Video