Thales spoke with Euronews Next at the Mobile World Congress about the current cybersecurity threats.
Cyberattacks on critical infrastructure, such as government departments and hospitals, are becoming increasingly likely and the consequence of a well-connected world that did not adequately secure everything.
ADVERTISEMENT
ADVERTISEMENT
"We have more probabilities of getting hacked, getting data compromised," said Eva Rudin, senior vice president of mobile connectivity solutions at Thales.
"As we multiply the endpoints, the connectivity points, we increase the threat surface,” she said at the sidelines of the Mobile World Congress in Barcelona.
“We need to build that trusted connectivity where people have real confidence that whatever they’re doing in their daily lives, they will be fully protected," she added.
Artificial intelligence (AI) has made the cybersecurity landscape even more challenging.
Rudin warned that AI-powered attackers can now identify and exploit vulnerabilities at a speed no human team can match, fundamentally shifting the balance between attack and defence.
Thales aims to fight fire with fire when it comes to AI, framing it as an AI versus-AI contest, deploying machine learning across its own security solutions to keep pace with adversaries who are doing the same.
“We need to be even more protected with AI. Everything is not black with AI, AI is something that we are using to improve our response for our protection, so we use AI as well to make our solutions better, so it's kind of AI against AI,” Rudin said.
However, cyber threats do not just apply to critical infrastructure, but also in homes.
Connected devices in homes can also be a concern, as many devices, such as smart speakers or cameras, do not have strong cybersecurity protections, Rudin said, adding that without expert knowledge, it is difficult to know which devices to trust.
Regulation is the only realistic remedy, she said, and with Europe’s Cyber Resilience Act, entering force in 2027, there will be mandatory security requirements on connected devices sold across the EU.
Regulation is also key on an international level, as a coordinated attack on smart metering infrastructure could disable an entire national electricity grid. The conflict in Ukraine has shown how civilian infrastructure can be taken offline through cyber means. “Having that cybersecurity regulated… I think it’s the best insurance we can get for the future,” Rudin said.
The quantum clock
The most urgent and perhaps the least visible security challenge Thales is confronting involves a weapon that does not yet fully exist.
Called Q-Day, meaning when a quantum computer so powerful is built, it could break the public encryption systems that protect our online conversations, bank accounts, and most vital infrastructure, wreaking havoc on governments and businesses.
Thales believes that uncertainty is itself the problem: with critical infrastructure having operational lifespans of decades, the time to embed quantum-safe security is now, not when quantum computers are imminent.
"A car designed today will come to market in three years and be in use for another 20 years," Rudin noted. "Who knows where we will be on quantum computers in 20 years? That is why we have to start preparing now, for all critical objects and critical systems."
The threat is compounded by a technique already being deployed by sophisticated state and criminal actors called harvest now, decrypt later, which means attackers are intercepting and stockpiling encrypted communications today, in the expectation that future quantum machines will be able to unlock them.
Defence secrets, cryptographic keys, governmental communications and even personal data that remains valid for years, such as names, dates of birth and identity documents, are all potentially at risk.
'We need to protect the data today'
But Thales has shown that security can be upgraded remotely and instantly, directly on SIM and eSIM cards already in use.
The company demonstrated that eSIM cards already deployed in the field can be updated over the air with quantum-resistant cryptographic algorithms, replacing the vulnerable encryption used today without requiring new hardware. The company calls this capability “crypto agility".
Thales says it has a roadmap across all its products and software solutions, aligned to emerging industry standards, for the transition to quantum-safe cryptography. The company’s mathematicians are also actively contributing to the development of the next-generation algorithms that will form the foundation of that transition.
But the window to replace the algorithms protecting data before quantum computers exist to break them is limited.
“We need to protect the data today,” Rudin said. “The industry should already be protecting itself now.”
