Scroll Top

CISA panicked by possible Q-Day quantum computer public key cryptography hack


An unresolved public key cryptography hack has experts panicking about a Chinese quantum computer that’s powerful enough to crack Western encryption.


Love the Exponential Future? Join our XPotential Community, future proof yourself with courses from XPotential University, read about exponential tech and trendsconnect, watch a keynote, or browse my blog.

A cyber security official at the US State Department had noticed something unusual. An internal IT security system, nicknamed “Big Yellow Taxi,” had flagged unusual activity on its corporate Microsoft account.  The tech team quickly raised its concerns to Microsoft, hopeful that the alert was just a false positive.


This new tech could help you get through airport security in just 30 Seconds


What rapidly emerged, however, was that a Chinese government hacking group – codenamed Storm-0558 – had compromised the E-Mails of hundreds of US government officials.

An official US government post-mortem included one frightening possibility: that China had developed a quantum supercomputer, capable of cracking all Western encryption and rendering cyber defences useless.

Victims of the hack, discovered on 15 June last year, included Gina Raimondo, the US commerce secretary, the US Ambassador to China, and dozens of high ranking officials and politicians across America and the UK.

Nine months later and experts at Microsoft and US officials at CISA – the US cyber defence agency – are still unpicking what happened. China’s hackers had been able to steal or forge a digital key – the “cryptographic equivalent of crown jewels,” US officials said in a report.


China unveils their revolutionary ZKZM-500 laser assault rifle


This key could be used to unlock crucial parts of the US government’s digital infrastructure, cracking open email accounts belonging to high-ranking officials around the world. The hackers stole 60,000 emails from the State Department alone, although it is still unclear how this was achieved.

On June 26, 10 days after the US government discovered the Chinese hack, Microsoft launched an “all-hands-on-deck” investigation that ran overnight, uncovering the loss of the secret key.

“Microsoft developed 46 hypotheses to investigate,” the CISA report said, “including some scenarios as wide-ranging as the adversary possessing a theoretical quantum computing capability to break public-key cryptography.”

The CISA report adds: “As of the date of this report, Microsoft does not know how or when Storm-0558 obtained the signing key.”


The US and China are developing supersonic submarines


Another possibility raised in the government report is that an insider stole the information years ago. A Microsoft spokesman declined to comment.

Cyber security sources note that a quantum-powered hack would be the “least likely” scenario. One industry source says the probability China has cracked such a huge technical problem is less than zero. Given the catastrophic nature of the attack, experts say Microsoft had to rule out a range of possible causes.

In a March blog post, Microsoft said: “Our leading hypothesis remains that operational errors resulted in key material leaving the secure token signing environment.”

But the disclosures by US officials shows how seriously the threat of China’s quantum advances are being taken by the world’s most valuable technology company.


An autonomous Blackhawk just successfully completed its first mock rescue mission


A secret quantum computer developed by a rival power would “absolutely be a nightmare scenario”, putting critical private information at risk of being stolen, says Sebastian Weidt, chief executive of Brighton-based start-up Universal Quantum.

The development of quantum computers remains in its infancy, but the technology is seen as crucial to future national security. The advanced machines are very different to a modern supercomputer, relying on properties of quantum physics and particles to conduct advanced calculations at speeds that traditional supercomputers could never compete with.

In theory, this should allow them to far outstrip the capabilities of traditional computers, which rely on binary ones and zeros to operate. A major fear is they could be used to easily break modern coding systems and access private information.

“Offensive use of quantum computing would render most modern techniques to secure data in transit and data at rest useless,” says Adam Maruyama, chief technology officer at cyber security company Garrison and a former intelligence officer. “Because today’s security ecosystem puts so much stock into the strength of encryption algorithms, this would be a disaster.”


NASA's Martian autonomous cybersecurity defence test is a resounding success


The development of a quantum system by a rival nation in secret is also being taken seriously by security officials in the US and the UK. Officials have dubbed the advent of such technology as “Q-Day” and have been urgently researching so-called “post quantum cryptography”, which could be resistant to such a machine.

Multiple start-ups have been trying to develop systems that could apply uncrackable new encryption techniques to the internet to defend against a quantum hack.

The US is viewed as a leader in quantum technology, but only just, and tech giants including Google and IBM claim to have made great strides towards building functional computers.

But China has been racing to catch up. According to McKinsey, Beijing has earmarked $15.3bn (£12.1bn) for quantum computing projects. In 2020, Chinese scientists claimed to have developed a quantum computer that had achieved “quantum supremacy” by solving a physics problem millions of times faster than a traditional supercomputer. However, such breakthroughs remain in the esoteric realms of particle physics with few practical applications.


This pyramid shaped lens eliminates the need for solar panels to track the Sun


Quantum computers themselves are totally unlike a typical computer. These intricate creations are large, spindly, often built with materials such as gold or rare earth metals, while operating in cryogenic chambers well below freezing to enhance its quantum properties.

As for codebreaking, most quantum and cyber security experts agree even China is years away from developing such a computer.

“The science is simply no way near there yet,” says one industry source.

Weidt, of Universal Quantum, adds: “It is highly unlikely that [Microsoft’s] encryption was broken by a quantum computer. As far as we know today significantly larger quantum computers than we have available today will be needed for such a task.”

Regardless of how it conducted last year’s hack, the US says the sting “struck the espionage equivalent of gold” in a report that was scathing of Microsoft’s security readiness.


6G takes on a new roll helping China create better hypersonic weapons systems


The government report accused Microsoft of a “cascade of avoidable errors” in the run up to the incident. It also criticised Microsoft for putting out misleading public statements which claimed it had uncovered the origin of the leaked key, when in fact it had not.

It failed to correct the record for more than six months.

Microsoft’s internal investigations have ruled out the possibility that an insider stole the key used to hack the US government. It disclosed it had uncovered a separate hack in 2021 by Storm-0558 of an engineer’s laptop, who had joined from a company it had acquired, which could be linked, but the US government said it had seen “no specific evidence to such effect.”

A quantum intrusion may have been the most far-out scenario explored by Microsoft, but the US government’s assessment says the company remains in the dark over the truth.

“Nine months after the discovery of the intrusion, Microsoft says that its investigation into these hypotheses remains ongoing.”

Related Posts

Leave a comment


1000's of articles about the exponential future, 1000's of pages of insights, 1000's of videos, and 100's of exponential technologies: Get The Email from 311, your no-nonsense briefing on all the biggest stories in exponential technology and science.

You have Successfully Subscribed!

Pin It on Pinterest

Share This