Security

What’s up with… quantum security, cybersecurity, Dish Network

By TelecomTV Staff

Aug 4, 2022

  • Quantum-proof encryption is blown apart
  • Cybersecurity warnings are hitting home
  • Dish Network keeps losing subscribers

Depending on what you read (and where you read it), quantum computers either don’t exist yet (but soon will) or do exist in some countries where they are being kept hidden in underground facilities along with alien spacecraft, Bigfoot, the Grand Duchess Anastasia, and Börte, the missing first wife of Genghis Khan. Regardless of which way you lean in terms of quantum computers (and you’ll need some serious arctic clothing if you do lean on one), there can be no doubt they are on their way and much is expected of their mooted massive ability to be impervious to decryption. It’s a shame then that one of the encryption algorithms on the list of the US National Institute of Standards and Technology (NIST), regarded as being impervious, was defeated in 62 minutes by two scientists, Wouter Castryck and Thomas Decru, of the Catholic University of Leuven (in Belgium). They applied an antique technology and used one single core of an Intel Xeon CPU six-core chip that was actually released as a product back in 2013. It was only a matter of weeks ago that NIST selected the Supersingular Isogeny Key Encapsulation (SIKE) as one of four new algorithms deemed potent enough to be considered for adoption as a US standard. The algorithm was developed by research teams at several prestigious universities together with Amazon, InfoSec Global, Microsoft and Texas Instruments scientists. Microsoft offered a $50,000 prize to anyone who could crack it, and cracked it duly was. Quantum-proof encryption is increasingly important because it is expected that quantum computers will be able to defeat even the best of today’s encryption algorithms and thus data that is being encrypted now may be decrypted by malign actors in the future, which could be, or indeed would be, disastrous. David Jao, who co-developed the SIKE algorithm with Luca De Feo and Jerome Plut, believes all may not be lost where the algorithm is concerned because the version that NIST is focused on used a single step to generate the key, while a two-step process could provide a “more resilient variant”. Last night I attempted to read the paper written by the aforementioned gentlemen, “Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies”. In fact, I actually did read 90% of it, not that it did me much good. It is several steps up on rocket science and just perusing the one paragraph abstract was more than enough to show me I had met my match – and then some. If you want to have a go, I suggest a quiet sabbatical in a monastic environment reading the beginners guide to Richelot isogenies and abelian surfaces. And good luck with that!

The 2021 Internet Crime Report from the US Federal Bureau of Investigation (FBI) shows there were 847,376 cybersecurity incidents last year that caused some $7bn losses to businesses and enterprises – and that’s just the tip of the iceberg. Back in 2017 the figure was 301,580 incidents, costing some $1.4bn. Businesses, organisations, enterprises, municipalities and governments spend billions on cybersecurity but, particularly where commerce is concerned, all too often the executive top brass in general and boards of directors, in particular, have been oblivious to the huge risks they are taking by not paying sufficient attention to the problems. However, things are changing with more organisations determined to get serious about security after learning the hard way about data attacks - either from personal experience or from hearing the horror stories of friends and competitors who have suffered a breach. Hence the creation of new senior positions, such as chief data protection officer, senior data scientist, chief information security officer, head of cyber defence and so on, who report directly to the CEO and the board. An interesting article from CPO Magazine, published in Singapore, makes some pertinent points. For example, it’s all very well recruiting some heavy-hitters for very senior positions, but many organisations fail to follow through and ensure that security awareness cascades down through the organisation. Furthermore, training has to be a board responsibility, not just that of the IT department. Security has to be a company-wide collaborative endeavour and so the marketing, communications, PR and advertising departments, which have the necessary communications skills, need to be involved from the outset. Then there’s the human factor. People are the most vulnerable part of any organisation. CPO Magazine stresses that cybercriminals are resourceful and flexible, and thus, when faced with improved security environments that are more difficult to penetrate, they will turn their attention to tricking or subverting individuals into giving them access to corporate systems and data. The fact is that cybercriminals need only be successful once to break-in, while companies have to be successful continually, 100% of the time, to keep them out. Effective security is a process, not an event.

Dish Network has reported its second-quarter results for 2022. Net income stood at $523m compared with $671m for the same period last year, while diluted earnings per share were down to $0.82 from last year’s $1.06. Add in another wireless customer loss of 210,000 retail customers, against a 201,000 decrease at the same time last year, and it all points to a steady, if unspectacular, slide for Dish in the wireless part of its operations. Total revenue stood at $4.21bn for the quarter ending 30 June 2022, compared to $4.49bn for the same period in 2021. Read more… 

With the value of non-fungible tokens (NFTs) having plummeted, some people are casting around to find a role other than their current incarnations as over-hyped and vastly over-valued ‘artistic’ assets that don’t actually exist in physical form. NFTs are the serial numbers of individual items of data and media stored across the internet. Owners are registered on the blockchain and thus ownership, whilst private and secure, is publicly verifiable. One hope is that the electronic technology’s “overall utility” will be enough to see it transformed into “a resource for digital identity management and a route to real data privacy”. Only last year, NFTs were must-have digital art assets for people with more money than sense, and the hype had it that sales of NFTs would hit the $90bn mark by the end of this year. Guess what? It won’t. The value of NFTs has fallen precipitately as the cryptocurrency market has contracted – this year it has fallen from a value of $3tn, yes trillion, to less than $900m. Between September and December 2021, the average number of sales of NFTs were in excess of 200,000 a day. Last month that was down to 19,000. A quarter earlier, in June 2022, monthly NFT transactions were worth $4bn. Today that figure is $600m and falling fast. The NFT high-water mark was in December 2021 when an asset called the “Merge” (look it up, you’ll be gobsmacked) was created by a digital artist by the name of Pak. Some 28,983 people purchased a total of 312,000 shares (each one of which is an NFT) valuing the Merge at just under $92m. Mind you, you could have bought a digital painting of the “cobalt blue eyes” of the former US First Lady, Melania Trump, for the digital equivalent of just $180. With so much bandwidth and effort being consumed in the buying and selling of the data belonging to individuals (usually without their clear consent) the idea is that NFTs could permit people to set up encrypted verifiable repositories for their personal data and connect, in complete privacy, with services, apps and websites. It’s certainly an idea. In an interview with the upmarket online broadsheet newspaper The Independent, Emily Wigoder, CEO of the NFT agency Ad Astra, commented: “NFTs are still a relatively new technology, with a vast range of use cases spanning across pretty much every industry… Instead of panicking, we should be using this lull to understand what projects are worth investing our time and energy into and building those to enter the market.”

- The staff, TelecomTV

Email Newsletters

Sign up to receive TelecomTV's top news and videos, plus exclusive subscriber-only content direct to your inbox.

Subscribe

Cookies

TelecomTV uses cookies and third-party tools to provide functionality, personalise your visit, monitor and improve our content, and show relevant adverts.