Social Engineering Attacks on the Rise: QWERX Can Help
The primary threat to system security in the post quantum age will not be the quantum computer. It will continue to be social engineering.
No matter how fast or smart a quantum computer might become, the primary mode of attack on information networks in the post-quantum age will not change. As long as there are credentials to steal and there are humans that can be targeted to give up the credentials, social engineering will remain the primary means of attack. Not surprisingly, Verizon's 2023 Data Breach Investigations Report (DBIR) found that 74% of all breaches include the human element. Why? Because the system architecture is the weak link: not the strength of any given encryption key.
The only truly effective way to defeat social engineering attacks is to eliminate the use of static device credentials that can be stolen. By removing vulnerable credentials, the human vulnerability is also mitigated; there will be no reason to target a user because they are no longer the guardian of a static credential.
QWERX has designed and patented this simple architecture. Our secure device authentication software, QWERX Enterprise Secure Perimeter (QESP), replaces static credentials and keys with ephemeral keys. QESP employs symmetric key cryptography to authenticate all authorized devices across a network using an ephemeral key that immediately disappears after each use, leaving behind nothing to steal or copy. The continuous verification process is repeated multiple times per second, with a new, quantum-proof key generated each time. Ephemeral keys cannot be stolen because they are never exchanged and constantly rotating; once a unique key is used, it will never be used again. This process runs in the background without any user involvement, and it is not possible for a user to intentionally or unwittingly provide access to the keys.
By eliminating static credentials from the secure device authentication process, QESP automatically blocks 100% of data breaches that begin with stolen device credentials.