EN | KR

Contact Us

Menu

22nd March 2021

Quantum protection for critical national infrastructure

Cybercriminals and hackers target businesses of all verticals and sizes. Whether for account access, financial gain, identity theft or pure nuisance value, the impact of a breach can be felt across the organization and beyond. However, when the target of an attack is part of a nation’s critical infrastructure, a line is crossed, and cyber-crime may become cyber terrorism. The threat level moves beyond financial to existential.

The successful injection of rogue data into utility and communications networks could result in catastrophic harm. The ability to hack the power grid and “turn off the lights” could be a cover for other nefarious acts but may also be an objective in its own right. Disabling internet connectivity, for even a short period of time, can cost millions in lost revenues.

An evolving threat landscape

Since the turn of the millennium, we have seen an alarming increase in the number of state-sponsored attacks targeting critical infrastructure. Foreign states have been accused of everything from tampering with national elections to persistent attacks on energy supply networks. Last year, Australia was subjected to what was called a malicious, large-scale cyberattack by a sophisticated state-based cyber actor. The attacks targeted government, industry, healthcare and other providers of critical infrastructure services.

The traditionally siloed networks serving critical infrastructure operations have become, through necessity, connected to the Internet. Whilst this has facilitated operational efficiencies, like remote monitoring, Smart Grid applications and IoT enabled devices, it has exposed the network to a wide range of threats.

Attacks on power utilities have been among the most high-profile. In 2015/2016 Ukraine suffered major power outages as the result of cyberattacks that were designed to “physically damage the power grid”. However, power generation is not the only critical network so suffer a major breach. Earlier this year, the security incident at the water treatment plant in Florida highlights the existential threat posed by unsecure utility networks.

SCADA networks are common within critical infrastructure organizations and are vulnerable to attack. Like many industrial control systems, SCADA networks rely upon trust, so the integrity and authenticity of data is of paramount importance.

Prevention versus protection

The regularity with which systems are breached suggests traditional prevention technologies do not provide sufficient long-term security. A robust data security stance also demands the use of protection technologies to ensure trust. Cyber security for mission critical applications requires defense in depth, with different layers of protection, and where strong state-of-the art data encryption represents the last line of defense.

High-assurance network encryption, combined with quantum key generation and distribution (QKD) technologies, are already being used to provide long-term data protection for critical national infrastructure. Robust, quantum-resistant encryption solutions are designed to provide security for the effective lifetime of any lost or stolen data. At the same time, quantum technologies that leverage the observer principle (observation causes perturbation) are being used to ensure the integrity and authenticity of command-and-control data as it travels across public and private network infrastructure.

Pioneering QKD for critical infrastructure

As a world leader in the field of quantum key distribution, ID Quantique has been at the forefront of quantum cryptography in the utilities industry. Since 2019, IDQ has been working with Services Industriels de Genève (SIG), Geneva’s utility company. Part of the OPENQKD project, SIG has been leveraging quantum technologies to secure data in motion between data center facilities.

IDQ has also been working in partnership with Hitachi ABB to provide security for its mission-critical networks. The ABB encryption solution leverage IDQ’s hardware based QRNG solution and supports QKD for long-term data protection.

Key recommendations

You need better and new solutions now (check reports from NSA, ETSI, CSA, etc.)
Only QRNG should be used to provide certified and provable randomness
Strong encryption, combined with QKD, should be used to ensure sovereignty and data ownership for the next decade

If you’d like to know more about how to leverage quantum technologies to secure critical national infrastructure or speak to one of our consultants, contact us at info@idquantique.com

Feel free to also watch the replay of our joint webinar with Hitachi ABB Power Grids to find out how:

IDQ and Hitachi-ABB Power Grids are meeting the challenges of securing utilities’ networks
The unique challenges associated with command and control networks for critical infrastructure
How quantum technologies can be used to provide long-term data network security in a post-quantum computing world

Stay one step ahead

Subscribe to our newsletters to receive breaking news, educational materials and product updates.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Cookie	Duration	Description
SRM_B	1 year 24 days	Used by Microsoft Advertising as a unique ID for visitors.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CLID	1 year	Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
MR	7 days	This cookie, set by Bing, is used to collect user information for analytics purposes.
SM	session	Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains.
_clck	1 year	Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID.
_clsk	1 day	Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.n
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and verify ads' clicks on the Bing search engine. The cookie helps in reporting and personalization as well.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
MUID	1 year 24 days	Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
datatranscw-woocommerce-context-id	session	Description is currently not available.
datatranscw-woocommerce-context-key	session	Description is currently not available.
VISITOR_PRIVACY_METADATA	5 months 27 days	Description is currently not available.
wp11868	1 year	Marketing automation. Automatically sets cookie tracking when visitors engage through form submissions, clickthrough’s in email messages, and web pages containing the Act-On Beacon Tracker.

Home