3 Ways to Protect Yourself from State-Sponsored Attacks

Share on facebook
Share on twitter
Share on linkedin
Share on email

By Nate Nelson

State sponsored cyber attacks hardly make for exciting news anymore. When Russia hacked SolarWinds, it sparked international headlines for weeks. A few months later China hacked Microsoft, and you’d be hard pressed to find anyone outside the industry who knows about it. Perhaps we’re verging on the point at which state sponsored attacks are too common, too repetitive to feel novel. But they remain as dangerous as ever–you can’t take your eye off the ball now.Here are just a few steps you can take to protect your enterprise against state sponsored attacks…

Training

Almost every single cyber attack that has ever occurred has been the result of some kind of human error. Maybe it began with a server left unprotected on the open internet or, more commonly, a software vulnerability left unpatched. Often, it’s a phishing email sent to a low-level employee. The weakest link in any cybersecurity setup is not the machinery itself, but the people who operate it. Thus, to protect your enterprise against any attack–state sponsored or otherwise–training employees must be priority number one. This applies equally to employees directly involved in security, and those otherwise not involved with it at all.

Zero Trust

It looked like an ordinary software update. It was a software update. How could anyone have known? The SolarWinds attackers took advantage of the trust that companies place in their partners. The assumption that if a third-party provider is trustworthy in and of themselves, that everything they do will also be trustworthy. SolarWinds was a large, established company serving many of the biggest organizations in the world, so of course they could be trusted with complete, unfettered access to your networks. Right? The rise in supply chain cyber attacks, in particular, has accelerated the push towards “zero trust” security. According to the philosophy of zero trust, an enterprise must sever every relationship, every mechanism in their network which relies on trust in an outside party. Only in isolation, with complete control over all inbound information flows, can an enterprise be considered secure enough.

Quantum Key Distribution

The Enigma machine was uncrackable until it wasn’t. Every advanced encryption algorithm ever created might have seemed untouchable, until some engineer discovered a loophole and unraveled the whole thing.

Enterprise cybersecurity relies on the security of information pathways. Even if an origin and endpoint are perfectly secure, any data in transit must also be resilient against spying and tampering. That’s why we have encryption. But encryption only works until it doesn’t.

Quantum key distribution, on the other hand, is provably unbreakable in a lab setting. It works like ordinary public key cryptography, except it goes one step further, leveraging the fundamental laws of physics to protect against tampering. Information takes the form of “qubits”: bits which exist in a superposition of two states–neither 0 nor 1, but some combination of both–until the point at which they’re read by a receiver. Because the act of observation necessarily collapses the dual state of the qubit, any two parties using QKD can know if their data in transit has been sniffed by an outside party.

The problem with QKD however is that it isn’t ready for prime time. It only works in lab environments using special equipment, and only works over short distances. According to the NSA, the limitations are as follows:

Quantum key distribution requires special purpose equipment. QKD is based on physical properties, and its security derives from unique physical layer communications. This requires users to lease dedicated fiber connections or physically manage free-space transmitters. It cannot be implemented in software or as a service on a network, and cannot be easily integrated into existing network equipment. Since QKD is hardware-based it also lacks flexibility for upgrades or security patches.

Quantum key distribution increases infrastructure costs and insider threat risks. QKD networks frequently necessitate the use of trusted relays, entailing additional cost for secure facilities and additional security risk from insider threats. This eliminates many use cases from consideration.

Securing and validating quantum key distribution is a significant challenge. The actual security provided by a QKD system is not the theoretical unconditional security from the laws of physics (as modeled and often suggested), but rather the more limited security that can be achieved by hardware and engineering designs. The tolerance for error in cryptographic security, however, is many orders of magnitude smaller than in most physical engineering scenarios making it very difficult to validate. The specific hardware used to perform QKD can introduce vulnerabilities, resulting in several well-publicized attacks on commercial QKD systems.

Quantum key distribution increases the risk of denial of service. The sensitivity to an eavesdropper as the theoretical basis for QKD security claims also shows that denial of service is a significant risk for QKD.

For these reasons, quantum key distribution won’t help you against state-sponsored attacks. But similar technologies–those that leverage the same quantum principles, without relying on perfect conditions–possibly can.

At Quantropi, we believe that every organization needs to harden today’s defences against attacks. We’re the only cybersecurity company in the world providing the 3 prerequisites for cryptographic integrity: Trust, Uncertainty, and Entropy (TrUE). Powered by quantum mechanics expressed as linear algebra, our patented TrUE technologies establish Trust between any two parties via quantum-secure asymmetric MASQ™ encryption (coming soon); ensure Uncertainty to attackers, rendering data uninterpretable forever, with QEEP™ symmetric encryption; and provide Quantum Entropy as a Service (QEaaS) with SEQUR™ – ultra-random key generation and distribution to enable secure data communications. All Quantropi’s TrUE technologies are accessible via our flagship QiSpace™ platform.

In the end, state sponsored cyber attacks will always leverage the most cutting edge technology–possibly that which isn’t even available to the private sector. They will be first to leverage the power of quantum computers. To protect your enterprise against state sponsored attacks, you’ll have to have quantum in your arsenal, too.

Quantum-secure any application, product, network, or device with the QiSpace™ platform — without having to sacrifice performance or make major investments in new technology or infrastructure. See for yourself how only QiSpace™ offers TrUE quantum security via all three essential cryptographic functions. Leverage asymmetric encryption algorithms (the “Trust” or “Tr” of “TrUE”) via MASQ™, symmetric encryption (“U” for “Uncertainty”) via QEEP™ and strong random numbers (“E” for “Entropy”) via SEQUR™.  Make it TrUE with QiSpace™ — and protect your business, brand, and customer promise. Now and forever. 

To learn more about our quantum-secure solutions, don’t hesitate to get in touch with our experts!

Share on facebook
Share on twitter
Share on linkedin
Share on email

Nik Mahidhara

Prior to joining Quantropi, Nik most recently provided strategic and tactical leadership as Director of Finance overseeing a large corporate treasury department. Here, he managed over $2B in operating funds and $1B in financing. Other responsibilities included cash management and forecasting, liquidity and investments, corporate financing, financial risk management as well as accounting and internal control management. Preceding that, Nik provided assurance, accounting and advisory services focused on high tech clients with PricewaterhouseCoopers (PwC) Canada. Nik has held progressive finance roles in various different environments and holds a Chartered Professional Accountant (CPA) designation and an MBA from the Schulich School of Business.

Pauline Arnold

As James Nguyen’s EA, Pauline Arnold brings more than 40 years of experience in complementary customer service and administrative roles. Prior to Quantropi, she served 20 years as Branch Manager and an assistant in investments, and over 20 years at Metropolitan Life Canada in various aspects of the insurance sector – assisting clients, management and colleagues to complete tasks, solve problems, address questions and achieve goals. She also worked part-time for Royal Lepage Performance for 5+ years as a receptionist & admin, and for 5 years was chair of the TKFG’s charity golf tournament.

Dr. Randy Kuang

Randy holds a doctorate in quantum physics. His research findings have been published in top international journals and named “Kuang’s semi-classical formalism” by NASA in 2012. With a career spanning IT, including with Nortel as senior network researcher & developer, he co-founded inBay Technologies in 2009, serving as CTO of the cybersecurity platform. As the first recipient of a patent for two-level authentication (2011), Randy is a prolific inventor, with 30+ U.S. patents in broad technology fields, such as WiMAX, optical networks, multi-factor identity authentication, transaction authorization, as well as concepts, technologies and industrial applications for quantum key distribution.

Cory Michalyshyn

Cory brings a breadth of experience to the Quantropi team, working fractionally with multiple SaaS technology companies as CFO, and as the CFO with Celtic House Venture Partners. Prior to these roles, Cory was CFO and COO at Solink, and played a lead role in the metrics-led pivot to a direct-sales SaaS model, followed by multiple VC-backed funding rounds and their recognition as one of the fastest growing start-ups in Canada. He qualified as a CPA while serving technology, VC & PE-fund clients at Deloitte, and earned his Bachelor of Commerce at Queen’s University.

Ken Dobell

Ken leads marketing strategy at Quantropi. In high demand as a consultant with 25 years’ experience in performance media and an award- winning creative background, he has completed successful transformations, (re)branding and product development mandates with KPMG, Keurig DrPepper, Fidelity,the Previan Group of companies, Coveo, and numerous others. Previously, Ken pivoted an offline advertising brokerage to a leading-edge, data-driven performance agency as President of DAC Digital, held a progression of international leadership roles with Monster.com in North America and Europe, pioneered a range of multi-channel initiatives as VP Marketing with a global franchisor, and introduced a mobile-first programmatic media offering to Canada within WPP.

Raj Narula, P.Eng.

A seasoned technology executive, business builder and angel investor, Raj has held operational and advisory roles in Recognia (Trading Central), Belair Networks (Ericsson), March Networks (Infinova), Sandvine (Procera), Neurolanguage (ADEC), Bridgewater Systems (Amdocs), Vayyoo (Cafex), TenXc (CCI), 1Mobility (Qualys) and others. Having divided his time among North America, EMEA and Asia-Pac for over 20 years, Raj speaks several languages. He grew up in Asia, Europe, South America and Canada, and holds a B.Eng degree in Mechanical Engineering from the University of Ottawa. He is also a co-founder and Charter Member of the Ottawa chapter of TiE (the Indus Entrepreneur).

Michael Redding

Before joining Quantropi, Mike was Managing Director and co-founder of Accenture Ventures, where he grew a global portfolio of strategic partnerships and 38 equity investments in emerging technology startups.

During his nearly 30 years with Accenture, he incubated and launched technology innovations for enterprises across multiple geographies and industries. Ever-passionate about bold ideas with game-changing results, he speaks frequently on the impact of emerging technology on large organizations.

With a bachelor’s degree in Electrical Engineering and Computer Science from Princeton, and a Master’s in Biomedical Engineering from Northwestern, Mike is a former member of the Board of Directors for the Accenture Foundation and Board Observer for startups Maana and Splice Machine.

Alex He

Alex is a product-oriented project manager who bridges the gaps between the company’s engineering and commercial teams. He has over ten years of experience in the analysis, design and development of enterprise-class applications, with a particular focus on creating optimal user experiences (UX). Ever passionate about cybersecurity solutions that can deliver solid security without unreasonably sacrificing customer convenience, Alex is the lead inventor of a registered patent on user interface security. He is committed to helping ensure that the Agile software engineering team at Quantropi delivers consistently high-quality, high crypto-agility cybersecurity solutions for next-generation communications.

Nick Kuang

As VP Corporate Services, Nick plans, directs and coordinates a wide range of activities aimed at achieving Quantropi’s vision of the Quantum Internet. He has a keen interest in transformative technologies and the possibilities they offer for bettering our everyday lives. A pharmacist by training, Nick nurtures teams with a focus on integrity and collaborative effort, coupled with strong attention to detail. With prior experience in a successful biotech start-up developing point-of-care test kits, he enjoys the fast pace and challenge of the start-up environment.

Tina Wang

Tina develops websites and participates in a range of different projects, using new frameworks for front-end UI, along with Vuejs, Angula, Beego, Ruby on Rails, and Electron. She developed Quantropi’s desktop CipherSpace application by integrating Electron, Webassembly and Go, to ensure a good user experience, as well as perfect operating system compatibility. She is also part of the dynamic and efficient QKD-NODE project team. Tina is always looking for new ways to increase her knowledge, improve her technological proficiency and enhance her strong execution and implementation skills. Prior to Quantropi, Tina served as a full-stack web developer at Sunny Future, where she maintained a WordPress home site and managed the release of new content for the company.

Bond Vo

Bond Vo is the Business Analyst of Quantropi. Along with Quantropi, Bond has been dynamic in accordance with a fast and evolving startup environment and is responsible in a wide range of areas including market research, funding, and more involved in the controller roles to oversee day to day accounting operation as well as build financing models and budget to achieve company’s ultimate goals/objectives. Bond has applied best practices consistently and successfully supports equity, debt, and non-dilutive funding for Quantropi since joint the team. He earned a Bachelor of Commerce concentrated in Finance from Carleton University. Outside of his professional career, Bond also participated in volunteer for the Vietnamese Immigration Student Association (VISA) to help and support students as well as newcomers in Canada.

Dafu Lou

Dafu is Quantropi’s Director of engineering. Prior to Quantropi, he served as a technical leader at Irdeto, a world-leading provider of digital platform security software, where he was responsible for white-box cryptography, cloaked CA secure core, and iOS/android application protection services, among others. Prior to Irdeto, Dafu served as a senior software engineer at SecureNex Systems, where he led the implementation of an SSL-VPN solution and ECC-based secure data storage & PKI. He earned his Ph.D. in electrical engineering from the University of Ottawa in 2009. Dafu is also a part-time professor, teaching VLSI, Cryptography and other subjects at uOttawa.

Jay Toth

Prior to joining Quantropi, Jay was Chief Growth Officer of Kepro, responsible for the organization’s overall growth strategy in government markets. Before that, Jay held a progression of sales leadership and general management roles during his nearly 17 years at Microsoft, including GM, Enterprise Services, State and Local Government & Education, during which period he was responsible for the most complex business in the U.S. subsidiary (with 2,000 customers across the country), nearly doubling revenue from $160M to over $300M. Prior to his career at Microsoft, Jay was VP at Risetime, where he launched and ran a Financial Services practice area; a Principal at Lakefront, where he was responsible for business development and strategic partnerships; and a Manager at Accenture in the Emerging Technology Solutions group. He holds a Bachelor of Science in Mechanical Engineering from the University of Virginia.

Christopher McKenzie

With his extensive experience in software development and strong analytical skills, Chris can handle the entire end-to-end software development life cycle. Prior to Quantropi, he served as Director of Product Development at Sphyrna Security, Inc., where he managed the delivery of security compliance automation and data diode appliance products, and as Commercial Software Development Manager at Cord3, Inc., where he managed the development of an advanced data access policy management product. Chris graduated from Computer Science at Algonquin College and the Ottawa School of Arts in 1998. Read less

Eric Chan

Eric Chan a.k.a. EEPMON is a Crypto / Digital Artist with 15 years in the industry – and Quantropi’s Creative Emissary. His hybrid fractal/digital creations have been seen in fashion, comics to museums and has exhibited worldwide. EEPMON’s collaborations include Canada Goose, MARVEL, Snoopy, Microsoft Xbox, Canada Science & Technology Museum and was a TEDx performing artist. In 2018 he represented Canada on its first Creative Industries Trade Mission led by Canada’s Minister of Heritage and serves on the Canadian Museums Association‘s Board of Directors. At the same time, he is currently completing his Master of Information Technology – Digital Media at Carleton University. 

Patricio Mariaca

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum quis mauris justo. Vestibulum vel nulla vel tortor dignissim auctor. Donec porta semper lacus, id mollis metus pretium at. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam malesuada ullamcorper metus, eget facilisis tortor posuere sed.

Talk To Us

Marco Pagani

Marco Pagani began his long and successful career as a senior executive in Ottawa’s high-tech sector in 1985, with Nortel Networks (then Bell-Northern Research). He rose across two decades to become president of several Nortel Business Units, managing more than 2,000 employees and over $1 billion in revenue. Having gone on to advise numerous organizations, as well as guide a range of companies through complex, critically necessary turnarounds, he is particularly respected for placing a strong emphasis on ethics and corporate governance in building the culture of the corporate and not-for-profit organizations he leads and supports.

Lawrence O’Brien

Lawrence O’Brien is a founder of Calian Group and former Mayor of Ottawa. Larry founded Calian Technology Ltd. in 1982 with a $35 investment and built it into a $200M/ year profitable, dividend-paying public company by 2006. As the CEO of Calian, Larry executed an IPO in 1993, completed five significant acquisitions, and managed the overall strategic growth of Calian from 1982 until 2006. After retirement from Calian in 2006, Larry served as the 58th mayor of Ottawa and proceeded to push forward four major economic development projects, including a Light Rail Transit tunnel in the core of the city, a new Convention Centre, now known as the Shaw Centre and a new trade show facility and a major urban renewal project that rebuilt 40 acres of dilapidated downtown Ottawa called Lansdowne Park into a vibrant, destination for citizens and tourist.

Dat Nguyen

Dat Nguyen has executive experience with top global consultancies such as IBM, Accenture, Ernst & Young (EY), and decacorn start-up Grab at C-Level roles.

During 20 years of consulting, Dat has worked with multiple companies across Canada, the USA, the Caribbean, and the Asia Pacific with CEO roles and leadership such as CEO for Accenture Vietnam, CEO of Grab Vietnam, and Partner of EY Consulting leading the technology practice (including Cybersecurity) in Indochina (Vietnam, Laos, Cambodia).

Dat is a tech entrepreneur, a co-founder, and a digital ecosystem builder. He is passionate about new and innovative technologies and is involved in multiple companies across verticals such as AI, Blockchain, Web3, Cybersecurity, InsurTech, and FinTech. Dat is currently a member of the ASIA CEO Club.

Dat earned the Executive Education at Harvard University, John F. Kennedy School, and received the Executive Certificate in Public Leadership in 2018.

Tanya Woods

Tanya Woods brings more than a decade of successful strategic advocacy experience to her role at the Chamber of Digital Commerce Canada. Tanya most recently served as the Interim Executive Director for the Blockchain Association of Canada and is a champion for Canada’s digital innovation ecosystem, domestically and globally. Tanya has held senior-level positions in the industry, representing national and multinational organizations in the telecommunications, technology, and entertainment sectors, including BCE Inc., Microsoft, Hut 8 Mining, and Nintendo. She has also advised and represented the Government of Canada in global trade negotiations and on the growth of the country’s blockchain ecosystem. Tanya is a global public speaker and published author with degrees from the London School of Economics, Ottawa University, and American University Washington College of Law. She was named among the top 10 “Leading TechWomen in Canada” by the Government of Canada, a “Trailblazer” by the Canadian Broadcasting Corporation, and a “Top 40 under 40” in Canada’s Capital by the Ottawa Chamber of Commerce and the Ottawa Business Journal.

Renato Pontello

Renato has 30 + years of experience as a trusted legal advisor and strategist. As an executive he has assisted numerous companies and their Boards of Directors to plot out and implement significant growth, diversification and reorganization plans in challenging circumstances. He was lead counsel on the sale of Zarlink Semiconductor’s $680 million dollar business as part of a takeover bid. At Zarlink he negotiated significant development, manufacturing, supply, distribution and IP licensing agreements with leading suppliers (eg Cisco, Nokia, Ericsson, Medtronic, Starkey, TSMC, Global Foundries, etc.). Renato has been involved in M&A, restructuring, financings and commercial contracts for dozens of companies. He also provides legal support in regards to intellectual property, securities, real estate leasing and employment law. He represents clients mostly in the SaaS, wireless, proptech, quantum, renewables, e-commerce, engineering and real estate conversion space.

Timothy Stapko

Timothy Stapko is a senior software engineer at Microsoft with 20+ years of experience in the information technology industry specializing in embedded systems, IoT security, security (SSL/TLS), and 9+ years of experience leading projects and a team of engineers on two commercially successful implementations of TLS for resource-constrained embedded systems (including cryptography, X.509, DTLS, HTTPS, etc.). Tim also has experience with US federal information standards (e.g., FIPS) and other standards and certifications (e.g., Common Criteria/EAL) and specializes in C, C++, FIPS 140-2, Linux, SSL, TLS, TCP/IP

James Nguyen

CEO James Nguyen co-founded Quantropi – a quantum-secure communications company – alongside Dr. Randy Kuang in 2018 with a mission to preserve Truth & Trust across the world’s digital economy. Prior to leading Quantropi, James was Chief Investment Officer & VP Asia Operations for a group of private and public real estate, mining, energy storage, and manufacturing interests, where, in his responsibilities for strategy, banking and global expansions, he secured large-scale investments and partnerships for commercializing graphene applications across multiple industries. A Top Forty Under 40 recipient in 2021, and a graduate of Carleton University in Economics, James previously achieved success managing a mid-market portfolio (professional services, public sector, Asian markets) at RBC for over a decade. James is an active speaker and panelist at quantum & cybersecurity conferences, has held advisory positions with start-ups, and gives back as community volunteer and mentor.