Category Archives: Internet Security
Only a minority of consumers trust the brands they use. And the Internet of Things (IoT) itself has a trust problem in the consumer sector. Privacy concerns and poor user experience have stymied adoption and created a hesitance among users to trust IoT devices, wrote William Webb and Matthew Hatton in The Internet of Things Myth.
While the adoption of smart-home devices continues to tick upward, privacy and security concerns constrain their use to mainly routine tasks. The most popular smart speaker functionality, for instance, is merely playing music, according to eMarketerresearch.
Meanwhile, IoT device makers continue to face pushback from consumers and regulators over privacy and security. Were in a situation where [IoT manufacturers] are fighting these DDoS [distributed denial of service] attacks and all different types of hacking threats that are out there, said Dilip Sarangan, senior director of research at Frost & Sullivan.
Add to that is the publics frustration with how manufacturers implement Internet of Things security and privacy. Last year, an Internet Societysurvey found that 63% of respondents found connected devices to be creepy. Three-quarters of respondents did not trust IoT device markers to respect their preferences in how data is used.
The situation is unlikely to change until IoT manufacturers become savvier in terms of information governance. Here, we examine common pitfalls to avoid when developing an IoT product.
Believing Open-Source Software Is Bulletproof
Headlines about consumer IoT devices insecurity have remained prevalent in recent years. Most recently, researchers discovered a series of vulnerabilities known asRipple20found in hundreds of millions of IoT devices that extend well beyond the consumer sector. The Ripple20 vulnerabilities affect a vast array of critical IoT devices, including healthcare systems, power grids, smart home devices and more, said Natali Tshuva, CEO of Sternum.
The discovery of the Ripple20 vulnerability is not surprising, said Terry Dunlap, a former National Security Agency employee who is now the CEO of ReFirm Laws. Many IoT devices are built withopen-source components. If there is a flaw in any of these components, its going to get spread far and wide, Dunlap said. While open-source software can provide greater oversight than proprietary software, open-source security researchers and developers cant check for every possible security flaw.
To read the complete article, visit IoT World Today.
View original post here:
Common Internet of Things security pitfalls Urgent Comms - Urgent Communications
US starts work on making virtually unhackable internet a reality; All you need to know about Quantum Internet – The Financial Express
Quantum Loop: For quite some time now, the United States has been working on developing a secure internet, which cannot be hacked. Now, the US Department of Energy (DoE) has released the countrys blueprint for the national Quantum Internet, which the department says would offer the internet world new opportunities and possibilities. Quantum Internet would be developed in the national labs of the department. The department has said that Quantum Internet would one day connect computers to solve incredibly complex challenges, would enable a faster flow of information and open up completely new ideas of economic development and scientific research.
The Quantum Internet would use quantum mechanics in order to transmit information in a more secure manner than is being offered in existing networks.
In order to make Quantum Internet a reality, the department has been working with several universities and industry researchers, and scientists believe that they would be able to come up with a prototype within a decade.
In a statement, the Department of Energy said that important steps towards realising this technology are already being taken in Chicago, which they say has become a leading hub in quantum research.
In February, scientists from University of Chicago and DOEs Argonne National Laboratory in Illinois worked together to entangle photons over a 52-mile quantum loop. This led to the successful establishment of one of the longest land-based quantum networks in the US. This would soon be expanded to connect to the departments Fermilab in Illinois to lead to the creation of three-node 80-mile testbed.
A distinctive feature of the quantum technology-based transmission is that it is exceedingly hard to spy on when the information is being transmitted between locations. This is the trait that scientists hope to use in order to create a network which is virtually unhackable. They believe that initial adopters of such a technology could include banking and healthcare industries, along with applications for aircraft communications as well as national security.
They eventually believe that the use of quantum networks on mobile phones would have broad impacts on the individuals and their lives.
Apart from that, scientists are also looking to understand how the quantum networld could make the exchange of vast volumes of data quickly. The report states that if components can be combined and scaled, then it might be a breakthrough in data communication.
Moreover, networks created by quantum sensors, which are ultra sensitive, could help engineers in monitoring and predicting earthquakes in a better manner or in searching for deposits of gas, minerals or oil underground. Such sensors, they believe, could also be applied in the field of healthcare and imaging.
Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know markets Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.
Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.
Internet Of Everything (IoE) Market Growth Analysis By Manufacturers, Regions, Types and Application Forecast – Market Research Posts
The Internet of Everything (IoE) brings people, process, data and things together to form a networked connection which is more beneficial. The market is still in its nascent stage. The Global Internet of Everything (IoE) Market offers operational efficiency and enables better decision making. Increase in internet usage drives the IoE market growth. A strong demand across several entities high-speed processors, internet security and high network speed equipment sustains demand for IoE.
The Global Internet of Everything (IoE) Market will be growing at a CAGR of 15.3% during the forecast period 20152020.
Increased adoption of IoE by state, federal, and local governments, non-governmental organisations, healthcare organisations, utilities, educational institutions drive the growth of the Internet of Everything (IoE) Market.
Internet proliferation, focus on big data, government initiatives, innovation in manufacturing technology are few growth propelling factors. Data transfer speed is a major constraint in the IoE environment due to the need for high traffic data transfer.
Request For Report sample @ https://www.trendsmarketresearch.com/report/sample/9724
The Global Internet of Everything (IoE) Market is impacted by several technology trends such as mobility, data analytics, social networks, and cloud computing.
Growth potential is high in the emerging markets of Asia Pacific and Latin America. India and China are the fastest growing countries in the developing market. SMEs are the major end users for this technology as it yields them competitive advantage. Increasing FDI investments, improving connectivity, infrastructural investments and government initiatives for digital will positively impact the market.
The Global Internet of Everything (IoE) Market is segmented and analysed by six regions- North America, Western Europe, Asia Pacific, Central Eastern Europe, Latin America and the Middle East & Africa. Each region is analysed in terms of technology, services, applications, and devices.
Segmentation by Technology
The Internet of Everything (IoE) Market is segmented and analysed by Infrastructure and Network Technologies and Application Technologies.
Some of the key industry players include Bosch, Cisco, Ericson, IBM, Intel, and Oracle. The report also includes companies to watch for such as Axiros, Sigfox, and Wireless Logic Group.
Current and predicted business strategies for the leading companies of the market such as Cisco System Inc., PTC Inc. & Qualcomm Technologies, and Intel. Total 23 companies are covered.
Competitive analysis (i.e. current and future key business strategies of the competitors and their regional growth). A detailed competitive profiling of all the major vendors in the market. Competitive benchmarking in terms of product/service offerings, mergers and acquisitions, strategic alliances, business strategies etc.
The report will be useful for the key stakeholders of the IoE market such as technology providers, device providers, and application providers in the following ways:
The report provides an in-depth analysis of the Internet of Everything (IoE) market globally. Bringing out the key insights of the industry, the report aims to provide an opportunity for players ranging from SMEs to larger enterprises and even for the start-ups to understand the latest trends and technologies related to the IoE market.
The report provides a detailed analysis of the global industries in terms of technology, services, applications, devices, verticals and regions. The report entails information related to the latest industry and market trends, key stakeholders, industry pest analysis and competitive landscape. It includes implementation, opportunities and adoption rate of IoE in the industry. It also includes the end user analysis. This analysis was done based on global end user survey.
More Info of Impact Covid19 @ https://www.trendsmarketresearch.com/report/covid-19-analysis/9724
Its not every day you get challenged to hack a business leader. But when Jake Moore, a cyber security specialist at ESET, was invited to a debate with the CEO of a firm in Dorset on internet security, thats exactly what happened.
I bet you cant hack me, the CEO said, laying down the gauntlet ahead of the debate.
Advertisement - Article continues below
Oh, really? Moore thought, raising an eyebrow.
He accepted, but suggested that the best way to get the debate going was to try and hack his business. This would give him three weeks to plan and execute an attack on a man hed specifically told was a target.
For some reason, I got really cocky at this point, Moore says. I said, I bet I could even get your shoe size.
And so began a cautionary tale involving a weak password, a gullible personal assistant and the size of an executives feet.
Moore created a fake LinkedIn profile, using a generated image of an attractive woman, which he suggests is the quickest way to make it look legitimate. The account had about 2,000 followers, mainly men, in about two weeks, which would seem to prove his point.
Next, Moore filled out the profiles employment history, adding lots of fantastic sounding companies and listing ITV as her current employer. He sprinkled in some personal info too, listing Bournemouth University where he actually studied as her alma mater. As he explains later, these bits of information are tailored to the victim.
Advertisement - Article continues below
Now, with the CEO expecting something suspicious to come through any of his inboxes, Moore decided to send a LinkedIn request to his personal assistant instead. It was accepted, straightaway. He followed up with a message: I work for ITV and our production team are planning a programme on how digital marketing companies are coping in the wake of GDPR. We're keen to feature vibrant companies such as yours to jazz up the subject and you guys look ideal. I see you're in Bournemouth too. I studied at Bournemouth University and would love an excuse to visit again
The message, Moore explains, not only has the bait of TV exposure but a personal influence; Hey, were both from Bournemouth. He isnt just making a LinkedIn connection, hes making a friend too. He rounds off the email with a note of urgency: If its something you're interested in, let me know ASAP.
Advertisement - Article continues below
The PA replied quickly, saying the company would love to, believing its an opportunity to raise its profile, while failing to do any background checks other than reading the LinkedIn profile. Moore replied back, asking if he could send through an application form for her boss to fill in. Yes, of course, she said.
So he's there thinking Jake's coming for me, I'm not touching a mouse, Moore says. However, the PA probably storms into his office, you're never gonna guess what: We're going to be on TV!
With Google Forms and some ITV Production Team graphics, Moore created a believable questionnaire. He put all the various details you would expect to see: Name, address, date of birth, and so on, knowing its going to be filled in because the unsuspecting CEO is thinking who cares, Im going to be famous.
So he added more, sexual orientation, disability, ethnic origin and then, shoe size. He tagged it as sponsored by Clarks, making it seem like a product placement spot. He also asked for a password to set up an ITV.com account, with an asterisk compelling the victim to put one in.
The IT Pro Podcast: The secret life of hackers
What its really like to be a professional penetration tester
No joke in about 15 minutes I get a notification that says someone has entered the details, Moore says. I kid you not, his password was Tottenhamhotspurs84. If you were going to start researching someone on the internet where would you start? Probably with someone's Facebook account.
Advertisement - Article continues below
Im not their Facebook friend so I can only see limited things but I found out he was a Tottenham supporter from seeing his profile photos, which are public, and a public post saying happy 30th birthday which told me that he was 30-years old in 2014 so born in 1984.
A few weeks later, Moore was up on stage with the CEO in front of an audience of his employees. As he started explaining the fake LinkedIn account he could see his mark turning red, clearly beginning to piece it together. Moore had the room in stitches as he revealed all the information he was secretly able to extract.
The thing that I still feel slightly bad about was after I released it all and everyone had a good old laugh, the room fell silent and then there was a voice at the back. It was the personal assistant, he says.
I told my mum I was gonna be on TV!
The IT Pro guide to audio collaboration
Make audio a priority for a successful remote working strategy
How malware and bots steal your data
Protect your organisation with a layered defence
Modern networking for the borderless enterprise
5 ways top organisations are optimising networking at the edge
IT managers best practice guide to hybrid cloud
Your blueprint to hybrid cloud success
Read this article:
What are you giving away on social media? | IT PRO - IT PRO
Written by Aashish Aryan, Edited by Explained Desk | New Delhi | Updated: July 28, 2020 7:20:59 am The usage of these apps, the company had in its note said, increased during lockdown in the backdrop of heightened domestic violence cases. (File Photo)
Global cyber-security leader Avast has in a note warned that there was a 51 per cent increase in the use of spyware and stalkerware during the lockdown period from March to June. The usage of these apps, the company had in its note said, increased during lockdown in the backdrop of heightened domestic violence cases.
Spy and stalkerware apps, like viruses and other malware, infect devices that are connected to the internet. While viruses and malware can be detected by anti-virus software, spyware and stalkerware apps disguise themselves as useful and send out stolen data to central servers without the knowledge of the users.
Ironically, most spyware and stalkerware apps disguise themselves as anti-theft applications that can be used to track in case the device is stolen or gets lost, cyber-security experts warn.
A spyware app, which can also be installed remotely, accesses the data usage pattern of the device, gains access to photos and videos as well as other personal information of the user, and then passes it off to a central server.
On the other hand, in most cases, a stalkerware app can be installed only when someone has physical access to the digitally connected device. Though the app works in a manner similar to spyware apps, it goes a step ahead and also gives out the location of the device to a master device which controls the stalkerware app.
Most stalkerware apps work in stealth mode with no trace of the app having ever been installed. Once installed, such apps can allow the master device to control, intercept, and even change your emails, text messages and your communication on social media platforms, a Pune-based cyber-security expert said.
Express Explainedis now onTelegram. Clickhere to join our channel (@ieexplained)and stay updated with the latest
There are two of three-types of spyware and stalkerware applications. For spyware apps, the easiest method is to disguise the spying code inside the unauthorised versions of premium apps.
For example, someone can claim to have a cracked version of a premium app such as Spotify. Now, whoever installs such apps can be remotely tracked easily. Since the code of the application (inside which the spyware codes are hidden) do not spy on the users, such codes pass the scrutiny of anti-virus programmes, said the expert, who also works with government and security agencies.
Stalkerware apps on the other hand, seek explicit permissions at the time of their installation. Once the app is installed in the phone, it can be hidden from the apps menu into the background, from where they continue functioning.
There are some dedicated apps which people install on their partners or their kids phones. When you install such apps, it asks for permissions such as access to gallery locations, call logs among other things. Once you do that, the master device which has a dashboard can see whatever is going on with the other device, Guwahati-based independent cyber-security researcher Indrajeet Bhuyan said.
Also read | Google to restrict ads for tracking technology, spyware
One of the main reasons, experts said, is the increased usage of internet by everyone due to various lockdown measures in place.
With apprehensions around Covid still in place, everything has gone online. Anything and everything which could bought offline from a market is now at your doorstep. But bringing that to the doorstep requires going online, which is where the opportunities for cyber criminals come, the Pune-based expert said.
Another reason, highlighted by the UN Women in a report in April, was security, health, and money worries which was further accentuated by cramped and confided living spaces.
Emerging data shows that since the outbreak of COVID-19, reports of violence against women, and particularly domestic violence, have increased in several countries as security, health, and money worries create tensions and strains accentuated by the cramped and confined living conditions of lockdown, the UN women had said in its report.
The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines
For all the latest Explained News, download Indian Express App.
The Indian Express (P) Ltd
Almost a month ago, the Ministry of Information Technology took the unprecedented step of banning 59 apps/services on the purported grounds that these services were prejudicial to the sovereignty and integrity of India. At the time it was unclear what a ban entailed and how it would be implemented and/or enforced.
However, the subsequent weeks between companies voluntarily suspending their services, Apple and Google de-listing them from their respective app stores and telecom service providers being ordered to block these apps, the ban has been 'technically' enforced from the perspective of an average user that may not want to navigate the world of Virtual Private Networks (VPNs) and TOR. So, for now, it appears that we have the answer to the second question.
Reports now suggest that 47 more apps could be facing a ban with another 275 being monitored closely.
Forests, trees and branches of the internet
In the context of the stand-off between India and China, these moves have and will be portrayed as a strong response to China. As Alex Stamos (former CSO at Facebook) of Stanford's Internet Observatory illustrates there are several overlapping considerations - many of these are applicable to India too.
Thus, as far as the future of the internet in India (and even the world) goes, these developments cannot be viewed in isolation. And must be looked at in combination with recent events in India, its stated position on cyber sovereignty as well as global trends.
Also read: China says it will take 'necessary measures' to protect interests of its companies in India
In early July, the websites of three environmental advocacy groups were blocked without any direct warning/notice. In one of these cases, the Delhi Police issued a notice to a service provider catering to one of these groups citing the Unlawful Activities (Prevention) Act (UAPA). This notice was withdrawn 14 days later and a fresh one citing the Information Technology (IT) Act was subsequently issued.
And while it appears that access has mostly been restored, some telecom providers continue to block the websites in question. Back in May/June, file sharing service WeTransfer was also blocked. And since the relevant sections of the IT Act allow for confidentiality, these orders were not officially released in the public domain.
Though imperfect, it is evident that the capacity to execute these block-lists is improving. Media reports referencing an increase in apps being banned also indicate that a 'framework' for 'constant scrutiny' of the apps operating in India is being developed. With these developments, the groundwork for what can evolve into a separate Indian internet could well be in place. There have also already been experiments with allow-lists as in the case of Jammu and Kashmir in response to the Anuradha Bhasin judgement in the Supreme Court.
Also Read: Indias growing economic reliance on China may be tough to break
And as I've argued in this space before, in multilateral engagements, India does espouse the idea of sovereignty over 'domestic cyberspace'. It has also chosen not to make its comments on the ongoing Open Ended Working Group consultations on developments in the field of information and telecommunications in the context of international security available publicly.
This also needs to be viewed alongside developments in Hong Kong in the aftermath of the passage of the national security law. Companies like Facebook, Twitter, Google, Zoom, Microsoft and even Bytedance (TikTok's parent company) have chosen to pause processing of data requests. And may very well be the first steps towards making the 'special administrative region' of Hong Kong an offshoot or splinter of the Chinese branch of the Internet.
It is also important to note that India's actions have seemingly enabled countries like Australia and the United States to elevate the pitch of their criticism. In July, there have been instances of members from the executive and legislative branches of their governments advocating for bans on TikTok.
Breaking the internet
A recent report by Freedom House points out that 'cyber norms promoted by China and Russia are expanding to countries such as Brazil, India and Turkey' and contends that the subsequent splintering of the internet could result in more governments pursuing the cyber sovereignty model. Another report analysing government responses to disinformation across different countries (based on surveys) for the Library of Congress concluded that foreign intervention and disinformation was considered a threat to national security especially ahead of national elections.
Whether intentional or not, the tendency to pin the blame for disinformation on foreign actors also strengthens the narrative that a domestic or national internet will address disinformation/misinformation. This is likely to result in calls to link real-world identification with presence on the internet and further cleave domestic from international/global spaces. In fact, we have already seen representations to this effect made in Indian courts as recently as May. And the current publicly available draft of the personal data protection bill also proposes voluntary verification.
With the second largest (and still growing) internet user-base, India's actions will play a significant role in shaping the future of the internet. If one were to try and read the tea leaves at this juncture, it appears we are on a trajectory to break the internet, just not in a good way.
(Prateek Waghre is a Research Analyst at The Takshashila Institution)
The views expressed above are the authors own. They do not necessarily reflect the views of DH.
Posted: Jul 23, 2020 12:41 PM CDT
by Alabama News Network Staff
Twitter is now explaining what happened last week when dozens of high profile Twitter users were hacked, sending tweets asking for money.
In a blog post Twitter said it believes the attackers used a social engineering scheme to trick some of its employees to divulgeconfidential information.
The Twitter accounts of Barack Obama, Joe Biden, Warren Buffett, Elon Musk and several others suddenly sent out a tweet, announcing they would be doubling the amount of money followers submitted to a Bitcoin locker. The tweets read the offer was good for only 30 minutes.
The hackers managed to scam followers out of more than $120,000.
As you may know, Twitter announced it is allowing employees to work from home for the rest of the year. It is not known if the employees who were tricked into giving out the information were working from home at the time but some cyber-security experts believe this type of scam is more likely to be successful if employees are not in the office.
Because people are working from home, they have their work laptops at home, especially for people working at companies where there isnt this remote work culture, said Alex Guirakhoo, the leader on the research team at Digital Shadows.
They dont typically allow for remote work and have had to adapt to this new culture of everyone being available to work from home. So people may not have that security culture awareness and they might be accessing personal accounts on their work machines, which they probably shouldnt be, he said.
Email phishing attacks are on the upswing. From the end of February through March, the tech security firm Barracuda Network showed phishing attacks jumped by 667% (according to TechRepublic).
Email phishing typically involves emails to people, in this case employees, with a link that installs malware on the computer. Another frequent method is to pose as a coworker or supervisor and simply ask someone to provide information or access to data.
What can you do as an employee to protect your company? Ask. It isnt as simple as when you were in the office and you could lean over to the person at the next desk and ask about an upcoming meeting, or check with a supervisor face-to-face before divulging information or access. If you are working from home and you get a suspicious email you didnt expect was coming, call the office to double-check.
If you are working from your companys laptop at home or remotely, refrain from conducting any personal business, web browsing, email or social media and do that from a personal computer or mobile device.
Outlook on the Internet Security Software Market to 2025 by Application, End-user and Geography – CueReport
Global Internet Security Software Market 2020 by Manufacturers, Type and Application, forecast to 2025 is a comprehensive study that delivers market data with characteristics, era, and market chain with analysis and developments and increases. The report offers a prompt point of view on the Internet Security Software market, explaining the industry supply, marketplace demand, value, competition, and its analysis of key players with industry forecast from 2020 to 2025. It speaks about the market major leading players, market size over the forecast period from 2020 to 2025.
The Internet Security Software market report offers significant information regarding this business vertical. As per the document, the market is estimated to record considerable growth as well as amass notable gains during the estimated timeframe.
Request Sample Copy of this Report @ https://www.cuereport.com/request-sample/25528
The study elaborates the major trends of Internet Security Software market while evaluating the growth opportunities, industry size, volume of sales and revenue predictions. The report also provides a detailed assessment of the various segmentations and their respective impact on the overall market outlook. Moreover, it analyzes the effect of COVID-19 pandemic on the growth rate as well as remuneration generation of the market.
Request Sample Copy of this Report @ https://www.cuereport.com/request-sample/25528
As per the regional scope of Internet Security Software market:
Other data specified in the Internet Security Software market report:
Some of the key questions answered in this report:
What will the Internet Security Software market growth rate, growth momentum or acceleration market carries during the forecast period?
Which are the key factors driving the Internet Security Software market?
What was the size of the emerging Internet Security Software market by value in 2020?
Which region is expected to hold the highest market share in the Internet Security Software market?
What will be the size of the emerging Internet Security Software market in 2025?
What trends, challenges and barriers will impact the development and sizing of the Global Internet Security Software market?
What are sales volume, revenue, and price analysis of top manufacturers of Internet Security Software market?
What are the Internet Security Software market opportunities and threats faced by the vendors in the global Internet Security Software Industry?
Request Customization on This Report @ https://www.cuereport.com/request-for-customization/25528
U.S. government says quantum internet will herald "a new era of communications."
The internet, that global interconnection of networks, routers and protocols flinging data around the planet, has touched almost every aspect of our lives. It is, arguably, the greatest invention of the 20th century. Unfortunately, it's also a flawed one. The existence of a $173 billion (135 billion) cybersecurity industry highlights the scale of the data protection and privacy issues that consumers, business and governments face when using the internet.
But what if there was a 21st-century alternative that promised to secure the movement of data more completely than ever before?
What if there was a quantum internet that came with a promise of being virtually unhackable?
That's precisely what the U.S. Department of Energy (DOE) has said is to be built to usher in "a new era of communications" and push the U.S. to the "forefront of the global quantum race."
What's more, the DOE announced during a July 23 press conference, a working prototype is expected to be completed within the next ten years. I'll return to the unhackable claim shortly, but first, let's examine just what this quantum internet blueprint involves.
The DOE press conference was held at the University of Chicago and revealed the details of a meeting between DOE national laboratories, universities, and businesses in February, where the plan to build a quantum internet was hammered out.
Emerging from the National Quantum Initiative Act that President Trump signed in December 2018, the participants prepared the strategic ground for a national internet built around the principles of quantum mechanics.
See this MIT Technology Review explainer of quantum communications for a brilliantly accessible overview of the technicalities.
Already in the early stages of development, the DOE hopes that the quantum internet will have a "profound impact on areas critical to science, industry, and national security."
As such, it is not intended as a direct replacement for the internet as we know it. Instead, it would run in parallel as a supplementary network for the banking and health industries as well as serving the national security interest.
The full report blueprint, "From Long-distance Entanglement to Building a Nationwide Quantum Internet," covers all the critical objectives from building and integrating quantum network devices through to expanding the network between cities and ultimately states.
Scientists from the DOE Argonne National Laboratory in Lemont, Illinois, along with those from the University of Chicago, have already created a 52-mile "quantum loop" in the Chicago suburbs. The next step will be to add the DOE Fermilab in Batavia, Illinois to establish an 80-mile testbed.
All 17 DOE National Laboratories will eventually be connected to form the quantum internet backbone, with this working prototype expected to be up and running within a decade. "The Department of Energy is proud to play an instrumental role in the development of the national quantum internet," the U.S. Secretary of Energy, Dan Brouillette, said.
However, as the Washington Post reported, the United States is far from alone in developing quantum networks, with China being the most significant rival. A 1,263-mile quantum link exists between Beijing and Shanghai, dwarfing the U.S. efforts so far.
Paul Dabbar, U.S. Under Secretary for Science, said that the quantum internet brings the country "one step closer to a completely secure internet." As someone who has been involved in the business of online security for three decades, starting around the same time that the term cybersecurity was coined in 1989, Dabbar's last three words make me shudder.
There is no such thing as completely secure. Abrand new and unboxed computer might have had malware installed somewhere along the supply chain, and the operating system will likely have vulnerabilities. Until you open the box, it is effectively Schrodinger's computer: secure and insecure simultaneously.
The DOE statement is somewhat more sensible, in my opinion when it talks of relying upon the laws of quantum mechanics to "control and transmit information more securely than ever before." More securely, not completely securely.
Then it goes and spoils everything by using the phrase "virtually unhackable networks."
A quantum internet will not be unhackable: it will likely be much harder for anyone to eavesdrop on the transmission of encrypted data using quantum key distribution (QKD), but that's not to say it's impossible.
Yes, the decryption keys are sent using qubits in a quantum state, which means that if a hacker were to attempt to observe them in transit, then they are altered, they collapse, the hack attempt is visible and the keys are discarded, new ones generated and the process starts again.
Great, in theory. In practice, and there are plenty of QKD networks operating already, it's the weak spots such as optical fiber termination points, switches and connections that will be targeted by hackers. Not forgetting the human element, be that by way of configuration errors, bad actors or social engineering attacks.
Security does not involve one single point of attack, quantum or otherwise.