The UAE has announced the country’s first quantum computer and is also developing the first post-quantum cryptography (PQC) software library to safeguard confidential data against quantum computer attacks.
Top cryptography expert Dr Najwa Aaraj, chief researcher at the Cryptography Research Centre of the Technology Innovation Institute, noted that even though user data is secured in the UAE, any unprotected data may potentially be a target for a diligent hacker.
“As to why and how such leaks happen, hackers essentially exploit vulnerabilities in computer software and networks to gain unauthorised access,” she told Khaleej Times in an interview.
Breaches at social and professional networking sites, Dr Najwa underlined, were serious incidents as hackers and cybercriminals can use the data to impersonate people and commit fraud even if some of the leaked data is a few years old.
“Since it was posted on the hacking forum for free, the data is potentially available to anyone online, which heightens the risk further.”
How can we protect ourselves against cyberattacks?
Dr Najwa said many organisations do not follow even the most basic of information security rules of having a strong password, ensuring applications have security patches to rectify vulnerabilities or raising awareness of phishing emails.
“In order for organisations to protect themselves against cyberattacks, they should follow common cybersecurity procedures, including using complex hard-to-crack passwords, applying multi-factor authentication and ensuring that their internal computer networks have the required software patches.”
Dr Najwa pointed out that in the UAE, public and private sector organisations follow strict protocols to protect their vital and confidential data but risks remain.
“Like everywhere else in the world, there are some hackers and cybercriminals and other nefarious individuals or organisations who operate in cyberspace and seek access to computer networks or systems they don’t have authorisation to access by exploiting inherent systems’ vulnerabilities. This makes data potentially vulnerable at organisations, which do not take adequate measures, wherever they may be located.”
Asked if hackers or rogue entities can decrypt crucial data like medical records of Covid patients and bank account passwords using a large quantum computer, she said: “I don’t want to comment specifically about patient or banking data but essentially any unprotected data may potentially be a target for a diligent hacker.”
UAE’s shield against quantum computer attacks
Dr Najwa said the advancement of quantum computers can be used by hackers for malicious purposes.
“So, even though there may be cryptographic protocols that protect confidential data using strong cryptographic primitives, hackers try to break these protocols by exploiting implementation flaws or inherent design issues. While such protocols are currently effective, as quantum computing capabilities mature, they can make them less so because they are much faster than classical computers.”
“This ‘quantum threat’ applies to organisations globally, in particular those using a public key infrastructure. This is why post-quantum encryption is one of the safety measures being developed worldwide.”
Dr Najwa noted that the unveiling of the first PQC software library has placed the UAE in the same league of countries with advanced digital data security capabilities.
“The PQC library safeguards confidential data by protecting against quantum computer attacks. International and Emirati researchers at the CRC have developed the PQC software library that supports a wide variety of computer architectures and operating systems and will advance the cryptographic and security capabilities of Abu Dhabi and the UAE.”
“The PQC library has already been integrated in several secure communication products and CRC researchers will continue to develop it through incorporating more schemes in the future,” she said.
Copyright © 2021 Khaleej Times. All Rights Reserved. Provided by SyndiGate Media Inc. (Syndigate.info