The UK’s National Cyber Security Centre (NCSC) has set a 2035 deadline for critical infrastructure operators to transition to post-quantum cryptography, anticipating the advent of quantum computers that could potentially compromise current encryption algorithms. In a recent advisory, the NCSC outlined a structured timeline aimed at technical decision-makers and risk owners within large organizations and operators of critical national infrastructure. The guidance includes a phased approach, urging organizations to assess their IT systems and draft a migration plan by 2028, transition high-priority systems by 2031, and complete the overall shift by 2035.
Emphasizing the importance of this transition, the NCSC suggests that organizations view this migration as a chance to enhance their overall cybersecurity resilience. Although quantum computing remains largely in the research phase, experts warn that the transition to post-quantum cryptography is urgent, as a “cryptanalytically relevant quantum computer” could emerge in the early 2030s. Such a computer would have the capability to decrypt information currently safeguarded by traditional encryption methods.
In response to these impending changes, the U.S. National Institute of Standards and Technology (NIST) finalized three post-quantum encryption algorithms in August 2024, setting a precedent for cryptographic standards worldwide. Tech giants, including Google and Microsoft, are also preparing for this technological shift by integrating post-quantum capabilities into their products. The NCSC advises organizations to upgrade to platforms that support post-quantum cryptography, replacing outdated public key cryptography components and phasing out existing IT services.
One of the significant challenges highlighted by the NCSC is the replacement of existing web public key infrastructure and industrial control system protocols, due to their incompatibility with post-quantum cryptography. The agency recommends flexibility in migration plans to accommodate future developments in the ecosystem. Tim Callan, chief compliance officer at Sectigo, noted that systems reliant on RSA and ECC cryptographic algorithms would face difficulties in integrating new algorithms and would require substantial overhauls.
In conclusion, organizations are urged to begin their transition to post-quantum cryptography without delay to ensure security and compliance in the quantum era. While the task is challenging, early and strategic planning can facilitate a smooth transition, safeguarding critical infrastructure against future threats posed by quantum computing advancements.