.IBM, Vodafone and members of the GSMA have released a policy paper outlining critical ways to protect telcos from quantum age cyberthreats. And although the group does not expect a potentially dangerous quantum hacking system to appear until 2032, for a number of areas the threat has ceased to be illusory. Information for long-term storage classified as "Secret" and personal data of citizens are already under attack. We must act immediately.

The Post Quantum Telco Network Impact Assessment document on assessing the impact of quantum technologies on telecommunications networks can be downloaded from this link. This 57-page expert text provides an in-depth analysis of the quantum security threats that the industry is already facing and will soon face even more, as well as a detailed step-by-step list of actions and solutions to prepare to mitigate these threats.

In particular, the paper provides an assessment of the business risks associated with quantum cyber threats for specific telecom operators, including four types of attacks that have the greatest impact: data accumulation now, decryption later; code signing and digital signatures; as well as history modification and attacks on key managers. For example, attackers can already today accumulate information protected to the point of impossibility of hacking in a reasonable time, with the hope of decrypting it after the advent of quantum platforms.

It will be possible to counter future threats only with the adoption of new security standards, which, by the way, are already being developed by the same company IBM. This applies not only to protocols and encryption algorithms, but also to SIM cards, public key infrastructure, digital certificates, and much more. Considering the general inertia of all bureaucratic structures, reasonable fears arise that in ten years it will be either impossible or extremely difficult to seriously change something.

“The emergence of such a technology [quantum cyberthreat] requires immediate preparation, since some forms of attacks can be retrospective (for example, “store now, decrypt later”). Motivated attackers can collect and store data now in order to decrypt it when certain quantum computing capabilities become available. According to the report, such entities may do so to "undermine the security of long-term data such as corporate IP, government secrets, or individual biodata," IBM said in a press release.