SOPA Images / Contributor / Getty Images ZDNET’s key takeaways AT&T’s $177 million settlement is for data breaches in 2019 and 2024. Claim up to $5,000 (first breach) and $2,500 (Snowflake hack), or both. File claim by Nov. 18, 2025, either online or by mail. If you’re a current or former AT&T customer, here’s some […] More

Quantum computing is ready for mainstream deployment, where it already is being tapped to resolve real-world business challenges. Use of the technology to crack cryptography and encryption codes, however, still has some ways to go.In particular, D-Wave Systems CEO Alan Baratz believes it can take at least another decade before factoring will be viable on quantum computing systems and used to undermine current cryptographic tools. And this was likely the case whether the gate-based system, along with its volatile error correction, or D-Wave’s annealing technology was tapped to factor the large code volumes used in cryptography tools, Baratz said in a video call with ZDNet. That said, D-Wave had an internal security team that monitored activities on its systems, he revealed, whilst acknowledging that it was still too soon to determine the types of hacking tools that could or had been created on quantum computers.

The Canadian quantum computing vendor does not specifically focus on cryptography, but its technology has been used to power intrusion and threat detection applications. It also has presence in the US, UK, and Japan, where it has 20 paying customers in the Asian market. Its cloud-based Leap quantum computing application is available in Singapore via Amazon Web Services (AWS). A Deloitte Consulting report echoed Baratz’s views, stating that quantum computers would not be breaking cryptography or run at computational speeds sufficient to do so anytime soon. However, it said quantum systems could pose a real threat in the long term and it was critical that preparations were carried out now to plan for such a future. On its impact on Bitcoin and blockchain, for instance, the consulting firm estimated that 25% of Bitcoins in circulation were vulnerable to a quantum attack, pointing in particular to the cryptocurrency that currently were stored in P2PK (Pay to Public Key) and reused P2PKH (Pay to Public Key Hash) addresses. These potentially were at risk of attacks as their public keys could be directly obtained from the address or were made public when the Bitcoins were used. 

Deloitte suggested a way to plug such gaps was post-quantum cryptography, though, these algorithms could pose other challenges to the usability of blockchains. Adding that this new form of cryptography currently was assessed by experts, it said: “We anticipate that future research into post-quantum cryptography will eventually bring the necessary change to build robust and future-proof blockchain applications.” Mathematician Peter Shor in 1994 published a quantum formula that he said could break most common algorithms of asymmetric cryptography. It suggested that, given a large enough quantum computing system, the algorithm could be used to identify a private key that matched its corresponding public key to impersonate digital signatures. A team of engineers and researchers in Singapore last year also announced plans to tap quantum cryptography technology to enhance network encryption tools, so these could be ready to mitigate security risks when quantum computing became mainstream. Specifically, they were looking to use “measurement-device-independent” quantum key distribution (MDI QKD) technology and hoped to their research could pave the way to a new class of “quantum-resilient encryptors”.Quantum ready for mainstream enterprise applicationWhile the technology has yet to break cryptography, quantum computing is ready for mainstream adoption and already is tapped to address real-world enterprise challenges. Pointing specifically to D-Wave’s proprietary annealing technology, Baratz said this allowed quantum computing to scale more easily and be less sensitive to noise and computational errors, to which gate-based systems were prone. Currently in its fifth generation, D-Wave’s quantum computers clock more than 5,000 qubits and capable of supporting commercial rollout “at commercial scale”, he said. This, he added, was a stage that no other market players had been able to achieve thus far with the gate-based model. Commonly adopted in the industry today, the gate system made quantum computers tough to build and sensitive error. Its most stable state currently generated about 30 qubits, which was sufficient to power mostly research work and unlikely to be used to solve business problems at scale for another seven to 10 years, he said. “Error rates on [gate-based systems] are so high you can’t really do anything with them, even with small problems,” he added, noting that a competitor last year said it was able to solve a specific optimisation problem on its quantum computer. However, this was possible once out of every 100,000 attempts, he said. Quantum computing runs on principles of quantum mechanics that include probabilistic computation.  Baratz said annealing technology, designed specifically for optimisation purposes, had a higher influence on the probability of outcomes and, hence, was less sensitive to errors. It also learnt from where it ended with the previous computation to finetune future ones.”When you lose coherence, you end up with garbage. With annealing, when you lose coherence, you settle into a [potential] solution and restart the computation to try and improve the solution,” he said. Gate-based model, in comparison, could not do that since it would lose coherence after every computation rather than pick off from the previous run. A grocery using D-Wave to enhance a portion of the customer’s logistics system was able to solve an optimisation problem in two minutes per week per location, where previously it took 25 hours per week per location, he noted. There currently are more than 20,000 developers worldwide that have signed up to access Leap, with some 1,000 regularly using the service each month. Paying customers fork out an estimated $2,000 an hour to run computations on D-Wave computers. Baratz noted, though, that its systems could not solve all quantum computing issues because annealing was designed specifically to solve optimisation problems, which were common challenges for businesses. Gate-based systems, on the other hand, would be able to solve any computation problems once the error rates were reduced — something he said likely would not actualise for at least another seven years.So while D-Wave’s annealing-powered quantum computers were limited to solving optimisation problems, they were capable of solving real-world business challenges today, he said. Its systems also were on a path to building a universal error correction system by leveraging the technology it had, he added. To date, more than 250 applications had been built with D-Wave systems, most of which used Leap and spanned various use cases including financial modelling, scheduling, protein folding, and manufacturing optimisation, the vendor said. RELATED COVERAGE More

A North Korean hacking group known to have targeted security researchers in the past has now upped its game through the creation of a fake offensive security firm. 

The threat actors, believed to be state-sponsored and backed by North Korea’s ruling party, were first documented by Google’s Threat Analysis Group (TAG) in January 2021. Google TAG, specialists in tracking advanced persistent threat (APT) groups, said at the time that the North Korean cyberattackers had established a web of fake profiles across social media, including Twitter, Keybase, and LinkedIn.  “In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with potential targets,” Google said. “They’ve used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits, and for amplifying and retweeting posts from other accounts that they control.” When members of the group reached out to their targets, they would ask if their intended victim wanted to collaborate on cybersecurity research — before sending them a malicious Visual Studio project containing a backdoor. Alternatively, they may ask researchers to visit a blog laden with malicious code including browser exploits.  In an update posted on March 31, TAG’s Adam Weidemann said that the state-sponsored group has now changed tactics by creating a fake offensive security company, complete with new social media profiles and a branded website.  The fake company, dubbed “SecuriElite,” was set up on March 17 as securielite[.]com. SecuriElite claims to be based in Turkey and offers penetration testing services, software security assessments, and exploits. 

A link to a PGP public key has been added to the website. While the inclusion of PGP is standard practice as an option for secure communication, the group has used these links in the past as a means to lure their targets into visiting a page where a browser-based exploit is waiting to deploy.  In addition, the SecuriElite ‘team’ has been furnished with a fresh set of fake social media profiles. The threat actors are posing as fellow security researchers, recruiters for cybersecurity firms, and in one case, the HR director of “Trend Macro” — not to be confused with the legitimate company Trend Micro.  Google’s team linked the North Korean group with the usage of Internet Explorer zero-day back in January. The company believes that it is likely they have access to more exploits and will continue to use them in the future against legitimate security researchers.  “We have reported all identified social media profiles to the platforms to allow them to take appropriate action,” Google says. “At this time, we have not observed the new attacker website serve malicious content, but we have added it to Google Safebrowsing as a precaution.” Previous and related coverage Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More

goc/Getty Images Amidst equal parts elation and controversy over what its performance means for AI, Chinese startup DeepSeek continues to raise security concerns.  On Thursday, Unit 42, a cybersecurity research team at Palo Alto Networks, published results on three jailbreaking methods it employed against several distilled versions of DeepSeek’s V3 and R1 models. According to […] More

In October, the Currency (Restrictions on the Use of Cash) Bill 2019 passed the lower house. The proposed Bill, if passed, would essentially block the purchase of goods over AU$10,000 via cash and as the explanatory memorandum [PDF] details, it would also introduce offences for entities that make or accept cash payments of AU$10,000 or more. […] More