Network Tapping: Risks and Prevention

Passive Network Tapping

For decades, CISOs and cybersecurity leaders have relied on encryption as the primary defense for data and network traffic. Network encryption, also called data encryption in transit, is a core part of organizational security hygiene. The RSA conference, one of the most well-known in cybersecurity, is named after the RSA public-key encryption technology developed in 1982. Today, AES is the most widely used encryption standard and a critical safeguard for all organizations. Network tapping was once a major threat, but with most network traffic encrypted using AES or RSA it now seems largely mitigated, requiring less active planning and fewer compensating controls.

Network Encryption and Quantum Computers

However, the evolving technology landscape could change how networks are protected with encryption. Quantum computers, capable of breaking popular encryption methods, are becoming a real threat. At the same time, cybercrime-as-a-service (CaaS), sometimes backed by state actors, is on the rise. Together, these trends may shift how cybersecurity leaders view and use network encryption.

Quantum computers threaten current encryption methods with their superior processing power. This revolutionary technology can process data at unprecedented speeds and promises to transform many industries. In cybersecurity, it could revive old attack methods, including passive network tapping.

RSA Encryption Algorithm and Network Tapping Risk

The RSA encryption algorithm, still considered highly secure, relies on the difficulty of factoring large numbers. A quantum computer could break it using Shor’s algorithm, which factors numbers exponentially faster than a classical computer. A classical computer would take longer than the age of the universe to do the same.

In December 2023, a team of Chinese scientists published a paper claiming they had developed a quantum algorithm capable of breaking RSA with a 372-qubit quantum computer in just hours. Considering the rapid growth of quantum computing, it’s reasonable to anticipate that within a few years, many encryption protocols in use today could become vulnerable to quantum-based attacks.

Passive Network Tapping Devices

Passive network tapping devices intercept and extract data from network traffic without detection. Many security leaders have never encountered these devices, and others now see them as an obsolete risk.

However, with the strong shift toward cloud services and the widespread work-from-home (WFH) trend, enterprise network boundaries have become blurred and difficult to secure. As a result, many organizations have lost the ability to maintain continuous security controls and implement compensating measures across their networks. Instead, security leaders have relied on the assumption that encryption equals safety.

The return of passive network tapping, combined with quantum computing, could break that assumption. It may become an even more dangerous threat.

Cybercrime-as-a-Service and Network Tapping

Quantum computing’s full implications are still unfolding, but given the recent rise of cybercrime-as-a-service (CaaS), the augmentation of CaaS with quantum computing may become a much more imminent challenge for cybersecurity leaders. Cybercriminals could soon rent access to quantum computing power to break encryption algorithms, offering these capabilities as a service to a global network of attackers.

Some of the most damaging breaches, like Sony Pictures (2014), RSA SecurID (2011), Anthem (2015), and Yahoo (2013), used brute-force attacks to crack encryption keys or passwords. Quantum-enabled CaaS could make these attacks far more powerful.

Attackers could use passive network tapping devices to capture encrypted data and apply “Store Now, Decrypt Later” (SNDL) tactics, waiting until quantum computing makes decryption possible.
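Why a stored capture stays at risk, shown as an added example that is not part of the original article: RSA's private key follows directly from the factors of the public modulus, so a session key recorded today can be unwrapped once factoring becomes feasible. The modulus and session key are constructed toy values, and Pollard's rho (a classical method that only works on small numbers) stands in for Shor's algorithm.

```python
# Added example with constructed toy values; not code from the original article.
import math

E = 65537
# Constructed toy modulus from two well-known Mersenne primes (about 92 bits).
# Real RSA moduli are 2048 bits or more, far beyond this classical method.
N = (2**31 - 1) * (2**61 - 1)

def pollard_rho(n: int) -> int:
    """Classical stand-in for Shor's algorithm: return a non-trivial factor of n."""
    if n % 2 == 0:
        return 2
    for c in range(1, 50):
        x = y = 2
        d = 1
        while d == 1:
            x = (x * x + c) % n          # tortoise: one step
            y = (y * y + c) % n          # hare: two steps
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:                       # d == n means this c failed; try the next
            return d
    raise ValueError("no factor found")

def private_exponent(n: int, e: int) -> int:
    """Whoever can factor n can rebuild the private key from the public one."""
    p = pollard_rho(n)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))

def record_session(session_key: int) -> int:
    """What a tap stores today: a session key wrapped with textbook RSA (no padding)."""
    return pow(session_key, E, N)

def decrypt_later(captured: int) -> int:
    """Later: factor N, derive the private exponent, unwrap the stored key."""
    return pow(captured, private_exponent(N, E), N)

if __name__ == "__main__":
    key = 0x5EC12E7C0FFEE  # constructed sample session key, smaller than N
    assert decrypt_later(record_session(key)) == key
    print("stored ciphertext unwrapped after factoring N")
```

The defensive reading is that the confidentiality lifetime of recorded traffic is bounded by how long the key exchange resists factoring, not by when the traffic was sent.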

The Next Phase of Network Security

The full impact of this convergence may still be years away, but it could seriously affect the security of businesses and individuals. Cybersecurity leaders must stay informed and rethink their defense strategies now.

Financial institutions will likely experience the first wave of this new threat, followed closely by government agencies. Financial organizations represent a clear, profitable ROI to cybercriminals, making them prime targets.

Detecting and Preventing Network Tapping

Two strategies can be considered to mitigate the risks posed by quantum computing and CaaS. These include:

Adopting Quantum-resistant Encryption

This encryption protects data even against quantum computers. The new field of ‘post-quantum cryptography’ develops algorithms that are secure against quantum computers, but they are not yet as widely used as traditional encryption algorithms. Already in 2016, NIST announced a competition for programmers to propose new post-quantum encryption algorithms. Since then, the results have remained mixed. This approach is complex, costly, and requires nonstandard encryption and decryption devices. In today’s fast-moving cyber threat landscape, cybersecurity leaders cannot know if they are ahead or falling behind.

Adding the Tapping Protection Security Layer

This measure augments the organization’s security stack by going back to basic cybersecurity best practices: implementing security controls, monitoring, and proper protection against these looming threats. It is straightforward and easy to implement, and it ensures that no tapping device (even one as simple as a passive Throwing Star LAN, a PlunderBug or an unmanaged switch hub) can be connected to the network without being discovered and controlled. For example, Sepio’s platform offers an outstanding way to implement this additional defense layer, providing full visibility and control over any hardware assets in the enterprise network, including full coverage of the endpoint’s environment (which may be outside of the enterprise’s security boundaries), all the peripheral assets, and more (MACsec).
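One basic check for this layer, using events a managed switch already logs, as an added example (not Sepio's method and not from the original article). It flags ports whose link dropped and came back slower than the inventory expects, which assumes a passive copper tap that cannot pass 1000BASE-T, and access ports that learn a MAC address outside the inventory, as an unmanaged switch or hub would cause. The log format, port names and baseline are constructed, and a finding is an indicator to investigate, not proof of a tap.

```python
# Added example; log format and baseline are constructed, not from a real switch.
import re
from collections import defaultdict

# Constructed baseline (assumption: exported from an asset inventory).
BASELINE = {
    "Gi1/0/7": {"speed": 1000, "macs": {"00:11:22:33:44:55"}},
    "Gi1/0/9": {"speed": 1000, "macs": {"00:11:22:33:44:66"}},
}

# Constructed switch events in a hypothetical key=value syslog format.
LOG = """\
2023-05-29T09:14:02Z port=Gi1/0/7 event=link_down
2023-05-29T09:14:41Z port=Gi1/0/7 event=link_up speed=100
2023-05-29T09:14:43Z port=Gi1/0/7 event=mac_learned mac=00:11:22:33:44:55
2023-05-29T10:02:10Z port=Gi1/0/9 event=link_down
2023-05-29T10:02:31Z port=Gi1/0/9 event=link_up speed=1000
2023-05-29T10:02:33Z port=Gi1/0/9 event=mac_learned mac=00:11:22:33:44:66
2023-05-29T10:02:40Z port=Gi1/0/9 event=mac_learned mac=02:00:00:AA:BB:CC
this line is malformed and is skipped
"""

def find_tap_indicators(log: str, baseline: dict) -> dict:
    """Return {port: sorted indicator names} for ports that deviate from baseline."""
    findings = defaultdict(set)
    flapped = set()  # ports that went down and have not yet come back up
    for line in log.splitlines():
        fields = dict(re.findall(r"(\w+)=(\S+)", line))
        port, event = fields.get("port"), fields.get("event")
        if port not in baseline:
            continue  # malformed line or a port we hold no baseline for
        if event == "link_down":
            flapped.add(port)
        elif event == "link_up" and port in flapped:
            flapped.discard(port)
            # Cable was unplugged and the link came back slower than expected.
            speed = fields.get("speed", "")
            if speed.isdigit() and int(speed) < baseline[port]["speed"]:
                findings[port].add("speed_downgrade_after_flap")
        elif event == "mac_learned":
            # A second device behind an access port suggests a hub or switch.
            if fields.get("mac", "").lower() not in baseline[port]["macs"]:
                findings[port].add("unexpected_mac")
    return {port: sorted(names) for port, names in findings.items()}

if __name__ == "__main__":
    for port, names in find_tap_indicators(LOG, BASELINE).items():
        print(port, ", ".join(names))
```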

Preparing for the Return of Network Tapping

The rebirth of passive network tapping via quantum computing used by CaaS is not a mere possibility; it’s a forthcoming reality we must prepare for. It is time to rethink our security strategies, to evolve alongside technology, and to redefine the boundaries of what we consider secure.

May 29th, 2023