Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats - Related to education, massive, future, ransomware, cloud

Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats

Google Cloud has revealed quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers.

The feature, currently in preview, coexists with the National Institute of Standards and Technology's (NIST) post-quantum cryptography (PQC) standards, the final versions of which were formalized in August 2024.

"Our Cloud KMS PQC roadmap includes support for the NIST post-quantum cryptography standards (FIPS 203, FIPS 204, FIPS 205, and future standards), in both software (Cloud KMS) and hardware (Cloud HSM)," the firm's cloud division noted.

"This can help end-people perform quantum-safe key import and key exchange, encryption and decryption operations, and digital signature creation."

The tech giant noted its underlying software implementations of these standards – FIPS 203 (aka ML-KEM), FIPS 204 (aka CRYSTALS-Dilithium or ML-DSA), and FIPS 205 (aka Sphincs+ or SLH-DSA) – would be available as open-source software.

Furthermore, it's working with Hardware Security Module (HSM) vendors and Google Cloud External Key Manager (EKM) partners to enable quantum-safe cryptography across the platform.

By adopting PQC early on, the idea is to secure systems against a threat called Harvest Now, Decrypt Later (HNDL) that involves threat actors harvesting encrypted sensitive data today with the goal of decrypting them at some point in the future when a quantum computer powerful enough to break existing key exchange protocols and algorithms become a reality.

"While that future may be years away, those deploying long-lived roots-of-trust or signing firmware for devices managing critical infrastructure should consider mitigation options against this threat vector now," Google Cloud's Jennifer Fernick and Andrew Foster introduced.

"The sooner we're able to secure these signatures, the more resilient the digital world's foundation of trust becomes."

Quantum-safe digital signatures in Cloud KMS is available in preview for both ML-DSA-65 (FIPS 204) and SLH-DSA-SHA2-128S (FIPS 205), with API support for hybridization schemes planned for future rollout if the cryptographic community arrives at a broader consensus.

In cybersecurity, too often, the emphasis is placed on advanced technology meant to shield digital infrastructure from external threats. Yet, an equal......

Cybersecurity requires creativity and thinking outside the box. It’s why more organizations are looking at people with soft skills and coming from out......

Human communication is multimodal. We receive information in many different ways, allowing our brains to see the world from various angles and turn th......

Massive Sicherheitslücken bei Gebäude-Zugangssystemen entdeckt

Sie sollen kontrollieren, wer in ein Gebäude hineinkommt – doch allzu oft sind entsprechende Zugangssysteme ein Einfallstor für Cyberkriminelle. Zu diesem Schluss kommen Forscher der IT-Sicherheitsberatung Modat. Das Ausmaß ist demnach enorm.

Das niederländische Unternehmen veröffentlichte eine Studie, bei der rund [website] falsch konfigurierte Zugangssysteme, beziehungsweise Access Management Systeme (AMS) auffielen. Sie verteilen sich über verschiedene Weltregionen und Sektoren wie Baugewerbe, Gesundheitswesen, Bildungswesen, Fertigung, Ölindustrie und staatliche Einrichtungen. Die Autoren sprechen von einem weltweiten Problem.

AMS authentifizieren ihre Benutzer mit Methoden wie Passwörtern, biometrischen Merkmalen oder Multi-Faktor-Authentifizierung und autorisieren ihre Zugriffsrechte anhand festgelegter Richtlinien. Wenn sie versagen, bringt das zwei zentrale Probleme. Zum einen können sich Unbefugte Zugang zu den Gebäuden verschaffen. Zum anderen bieten die fehlerhaften Systeme unerlaubten Zugriff auf allerlei sensible Daten.

Und das ist nicht zu unterschätzen: Mitarbeiterfotos, vollständige Namen, Identifikationsnummern, Details zu Zugangskarten, biometrische Daten, Kfz-Kennzeichen und in einigen Fällen sogar vollständige Arbeitspläne und Zugangsdaten zu Einrichtungen waren laut den Forschern in diversen Fällen ungeschützt. Besonders brisant seien die biometrischen Daten, die bei einigen modernen AMS zugänglich waren. All das ist eine Angriffsfläche für Phishing, Identitätsdiebstahl, Social Engineering und andere Betrugsformen, um sensible Daten abzuschöpfen.

Die meisten Fälle konzentrieren sich auf Europa, die USA, den Nahen Osten und Nordafrika. Die Länder mit den meisten fehlerhaften Geräten waren demnach Italien ([website], Mexiko ([website] und Vietnam ([website] Deutschland wird in der Studie nicht explizit erwähnt und taucht in der Top-10 nicht auf, auf Platz 10 liegt Inden mit etwa [website] Fällen. Die Studie erwähnt nicht, welche Zugangssysteme welcher Hersteller betroffen sind.

Wired reported this week that a 19-year-old working for Elon Musk‘s so-called Department of Government Efficiency (DOGE) was given access to sensitive......

Australia has become the latest country to ban the installation of security software from Russian enterprise Kaspersky, citing national security concerns......

Google Cloud has presented quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bull......

Reducing ransomware recovery costs in education

2024 continued the trend of ransomware attacks in the education sector making headlines. The year opened with Freehold Township School District in New Jersey canceling classes due to a ransomware attack. Students at New Mexico Highlands University missed classes for several days while employees experienced disruption of their paychecks after a ransomware attack. The attack on the Alabama Department of Education served as a reminder that all school systems are vulnerable.

Ransomware attacks in education decreasing.

The year closes with some positive news about ransomware in the education sector. Sophos State of Ransomware in Education 2024 found that ransomware attacks on educational institutions decreased in 2024. Attacks on higher-education institutions dropped from 79% reporting attacks in 2023 to 66% in 2024. Lower education saw a similar decrease, from 80% in 2023 to 63% in 2024. However, the attack rates for both are still higher than the global cross-sector average of 59%.

Not surprisingly, a recent study also found that students are impacted by ransomware attacks on the education sector. A study from Action1 found that the majority (64%) of education IT workers research that ransomware impacts education quality. Researchers found the reasons for the attacks are multifold, including that 44% devote only 10% of their IT budget to cybersecurity and the majority of schools (78%) do not employ cybersecurity specialists.

In an NPR article, Noelle Ellerson Ng with the School Superintendents Association expressed that the reason for targeting the education sector is that schools are often low-hanging fruit. Additionally, she points to the fact that school systems, which collect a lot of valuable data from both students and employees, often are the largest employers in a community.

“That makes it very, very ripe,” says Ng. “And then you layer on the fact that [the data] is so sensitive and so longitudinal and so personal, and there’s a huge vulnerability.”.

Reducing cyber risks in the education sector.

Even with the decline, schools should continue to focus on reducing their vulnerabilities.

Here are some ways schools can reduce ransomware risk:

Install antivirus and anti-malware software on all devices. Be sure to also include tablets and phones. Make sure that updates and patches are installed on a timely basis.

By filtering out potentially malicious links and files, you can reduce the chance of students or employees falling victim to a phishing scheme. Use multi-factor authentication (MFA). Because ransomware attacks can start with unauthorized access, educational organizations should take extra steps to ensure that every user who logs in is who they claim to be. With MFA, people must use email, text or token in addition to a password, adding an extra layer of security.

While the decrease in attacks was positive, Sophos’ investigation found a troubling trend — the recovery costs have more than doubled for ransomware attacks in education. Lower-education organizations reported a mean cost of $[website] million to recover from a ransomware attack in 2024, compared to $[website] million. Researchers found the increase even higher in higher education, more than four times higher from 2023 to 2024 ($[website] million to $[website] million).

Back up your data. In addition to backing up data in real-time, educational institutions should take precautions to secure the backups, such as by using air-gapped backups as well as immutable backups that cannot be erased. Sophos found that costs for lower-education institutions whose backups were compromised were five times higher ($3 million versus $562,500) than those who had a backup to revert to.

In addition to backing up data in real-time, educational institutions should take precautions to secure the backups, such as by using air-gapped backups as well as immutable backups that cannot be erased. Sophos found that costs for lower-education institutions whose backups were compromised were five times higher ($3 million versus $562,500) than those who had a backup to revert to. Segment the network. When a ransomware attack happens on a segmented network, cyber criminals can encrypt only the portion of the network that they accessed. By reducing the amount of data breached and the systems impacted, schools can significantly reduce recovery time and costs.

When a ransomware attack happens on a segmented network, cyber criminals can encrypt only the portion of the network that they accessed. By reducing the amount of data breached and the systems impacted, schools can significantly reduce recovery time and costs. Create an incident response plan. Often, the recovery is extended due to schools not containing the ransomware quickly enough. Additionally, business disruption also adds to the recovery time. With an incident response plan, employees know exactly what to do when a ransomware attack occurs by including the four fundamentals of a response plan — planning, detection, recovery and post-incident actions.

Propensity for paying ransom has increased.

Recovery costs are also increasing due to the changes in the ransom payment patterns and amounts. When an educational organization pays the ransom to gain access to their data, that exponentially increases the recovery costs.

The Sophos findings found that the decision to pay the ransom has increased in both higher and lower education. In 2023, 56% of educational organizations attacked by ransomware paid the ransom, compared with 67% in 2024. The number of higher-education institutions paying the ransom also increased from 47% to 62%.

Additionally, the amount of the ransom has increased, which also adds to the rising recovery costs. The average ransom in lower education was $[website] million, with 44% of demands of more than $5 million. Higher education demands also increased to $[website] million. Ransoms in critical infrastructure sectors, such as education, tend to be higher due to the urgency of restoring operations as well as the sensitive nature of the data. Additionally, cyber criminals increasingly use double extortion, demanding a ransom to unencrypt the data and then a second ransom to not make the data public, which increases recovery costs.

The future of ransomware attacks in education.

While the decrease in attacks is positive, educational organizations must pay attention to the rising recovery costs. Because every dollar spent in education towards recovering from an attack means money is not available for learning, the costs of ransomware recovery are even more impactful than other sectors. By proactively taking steps to both reduce risks and reduce recovery costs, educational organizations can keep their focus on what matters most — educating students.

In cybersecurity, too often, the emphasis is placed on advanced technology meant to shield digital infrastructure from external threats. Yet, an equal......

Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge cry......

Ransomware doesn't hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the sur......