Quantum computing is now more than a mere buzzword, with big technology players purchasing quantum systems or designing their own. Substantial tech investment is also happening in a seemingly unrelated field: remote health care. A study from Research and Markets noted that the Internet of Things (IoT) health care market is headed for 37.6 percent compound annual growth rate over the next four years as companies look for ways to supply doctors and patients with the data they need on demand.
There’s a crossover here, however: quantum security. With health care data among the most popular cybercriminal targets, IoT devices notoriously lacking in effective safeguards and quantum computers on the brink of an encryption/decryption breakthrough, health agencies need a security prognosis and treatment plan as soon as possible.
Before diving into security concerns, it’s worth breaking down the basics of quantum computing. The simplest explanation starts with the binary numbering scheme: 1 and 0 are the only options. Traditional computers rely on binary as the foundation of their memory; bits in memory can be either 1 or 0 at any given time.
Quantum computing, meanwhile, relies on what are known as qubits that may have values of 0, 1 or a quantum superposition that encompasses both of these states. At least five qubits are required to perform any type of meaningful calculation. At scale, however, quantum computers may be able to outperform even the most advanced classical computers in specific areas.
Consider traditional data security tools, which rely on factoring large prime numbers to produce encryption and decryption keys. The more powerful the computer, the larger the possible prime and the longer it takes mainstream computers to factor the same value. As noted by ZDNet, factoring a 232-digit prime number would take two years using current methods. Quantum computers, meanwhile, excel at this kind of task thanks to their unique structure and could soon outstrip even the fastest classical machines.
But health care companies have more to worry about than the rise of quantum security threats. According to TechRepublic, health data remains the “lowest-hanging fruit” for cybercriminals: Half of all health data breaches are criminal attacks, and the industry has lost more than $6 billion as a result.
A study from the Ponemon Institute argued that “data breaches in health care remain consistently high in terms of volume, frequency, impact and cost” and noted that health care is more susceptible to data breaches than other industries. More worrisome? Patients are now experiencing the long-term effects of data loss in the form of identity theft.
The IoT Effect
Despite the troubling track record of health care databases and networks, however, the industry is under pressure to increase availability of internet-based services. As noted by Modern Health Care, hospitals have now achieved a 96 percent electronic health record (EHR) adoption rate but still struggle to share this information with relevant agencies such as laboratories or outside care facilities.
IoT suggests a solution to this problem: By supplying doctors and nurses — both locally and those in remote locations — with mobile devices capable of connecting to hospital networks, it’s possible to streamline communication and enhance collaboration. This is just the tip of the IoT iceberg. Patients outfitted with wearable devices, carrying easily accessible smartphones and tablets, create a massive pool of usable information for medical practitioners and the promise of better treatments directly informed by data.
The problem? IT security tends to be second (or third, or fourth) priority when designing IoT devices. Consider drug infusion pumps: Last year, security researcher Billy Rios found that it was possible to hack these devices and change the delivered dosage. The result? Increased efforts to mobilize health care may have the unintended consequence of ramping up security threats; not only is patient data up for grabs, but limited IT security could actually put lives at stake.
Guarding the Door With Quantum Security
So how does the health care industry combat existing security gaps, design for IoT and prepare for an influx of quantum computing that may render current security methods useless? It takes advantage of inherent quantum properties.
Here’s how it works: Any time a connection is established — for example, between a doctor’s office and patient looking for personal health data, or a hospital network and a patient’s drug pump — a string of random numbers are continuously sent back and forth along the connection as photon pulses. These are saved in one of three states: on, off or on-off.
Should an attacker try to modify, intercept or even view this data stream, the quantum state of these photons changes, alerting security pros that someone is trying to breach the link. This is especially useful for devices at distance. If they’re supported by a strong connection, key transmission and breach detection become almost instantaneous. Better still? Even if attackers are using traditional methods rather than quantum computers, their interference causes an observable state change that can be addressed immediately.
For health care agencies, continuing breaches are a source of stress. The news that IoT networks bolster this risk shouldn’t come as much of a surprise.
But there’s a silver lining here: With health care lagging on IT security, there are no existing complications and no security treatment plans in place that could produce unexpected side effects. In other words, it’s possible for health care to adopt a long-term strategy that should safeguard current infrastructure, bolster IoT adoption and lay a solid foundation for future quantum security.