Publications
IEEE International Conference on Quantum Computing and Engineering (QCE21):
Cybersecurity for Quantum Computing
With rising cyberattack frequency and range, Quantum Computing companies, institutions and research groups may become targets of nation state actors, cybercriminals and hacktivists for sabotage, espionage and fiscal motivations as the Quantum computing race intensifies. Quantum applications have expanded into commercial, classical information systems and services approaching the necessity to protect their networks, software, hardware and data from digital attacks. This paper discusses the status quo of quantum computing technologies and the quantum threat associated with it. We proceed to outline threat vectors for quantum computing systems and the respective defensive measures, mitigations and best practices to defend against the rapidly evolving threat landscape. We subsequently propose recommendations on how to proactively reduce the cyberattack surface through threat intelligence and by ensuring security by design of quantum software and hardware components.
Mapping the Quantum Computing Threat to MITRE ATT&CK Matrix for Enterprise
The Quantum Computing Threat has been difficult to translate into actionable threat intelligence and operative measures. This work introduces the first mapping of quantum computing TTPs embedded into the taxonomy of MITRE ATT&CK, making it comparable to existing risks and attacks, enabling security professionals to evaluate the emergent threat of quantum computing. We conclude that most techniques used in quantum threats are not novel, but extensions of known sub-techniques. Our findings also map to known detection capabilities, as well as mitigation techniques, which stay effective in response to the emerging quantum threat as it develops.