In light of the cyberattack on the Municipal Water Authority of Aliquippa, the relevant public and private sector entities must reconsider their approach to critical infrastructure. The US government has identified 16 critical sectors, including water, energy, and telecommunications, that rely on supervisory control and data acquisition (SCADA) systems. However, these systems are increasingly integrated with the Internet, exposing our nation’s vital assets to cyber risks, especially given how mission-critical data travels across large-scale networks.
The threat landscape for critical infrastructure is unique. The goal of attacks on these systems often extends beyond data theft to include service disruptions and chaos, which are particularly attractive to state-sponsored actors or terrorists. As we have seen in past incidents, such as the attacks on the Bowman Avenue Dam in New York in 2013 and three utilities in Ukraine in 2015, the consequences of a breach can be devastating.
A Different Way
Traditional digital networks are prone to vulnerabilities, such as man-in-the-middle attacks, where attackers can eavesdrop or impersonate parties in a communication exchange. Like most systems, encryption is taken for granted – rarely evaluated or checked – causing enterprise encryption to suffer from single points of failure i.e., bugs in software, outdated protocols in use, human error, etc. Add to this, the looming quantum threat and the case is made for how enterprise cryptography must be managed continuously, holistically and through policy.
But a solution must be found, especially given how the PQC (post-quantum cryptography) standardization process is scheduled for completion over the coming months. While the NIST warns that it can take up to 15 years for the full transition to be completed, this poses a problem given how a quantum computer may be available before then. Additionally, there’s no guarantee that the crypto standards selected will not be broken by adversaries or vulnerable to implementation errors.
Making Immediate Sense
This is why we’ve developed solutions like Phio TX that are available today. It secures existing network communications links by preventing the theft of encryption keys. Phio TX uses an out-of-band key distribution architecture over a quantum-safe network, ensuring that even if data and keys travel together, they’re not susceptible to being copied from a single network connection. This FIPS 140-2/3 validated solution does not compromise network performance or reliability and extends the life of existing encryption infrastructure into the quantum era.
Furthermore, Phio TX is vendor-agnostic, integrates seamlessly with leading cybersecurity products, and can be deployed across any network media. This flexibility is crucial as it avoids the capital-intensive scenario of replacing existing infrastructure.
Going Beyond the Tech
Our approach at Quantum Xchange goes beyond the nuts and bolts of technology. We’re also committed to delivering modern security solutions that integrate compliance and are resilient. For us, it’s about helping critical infrastructure operators avoid backdoors and vulnerabilities yet to be discovered.
The incident at the Aliquippa water utility should serve as an important call to action for those who have become complacent with their security. It underscores the urgent need for agile, quantum-safe cybersecurity measures to protect our critical infrastructure. Such solutions must deliver the strongest encryption available now while also taking care of what’s to come in the quantum future. Fundamentally, our nation’s critical infrastructure must remain secure and resilient against any threat.
