Harald A. Summa, Chairman Diplomatic Council Quantum Leap
The European Central Bank has warned European banks in a recent letter about growing cyber risks from artificial intelligence, while also pointing to the strategic importance of quantum computing. In parallel, the Diplomatic Council Quantum Leap (DCQL) initiative is advancing the build-out of quantum-secure infrastructure at the Frankfurt financial center.

The European Central Bank (ECB) has sharpened its warnings about a new generation of cyber risks. In a letter to European banks, the banking supervisor points out that artificial intelligence opens up new possibilities for attackers: from automated vulnerability scanning to highly scaled attack campaigns and more complex attacks on critical financial infrastructure. At the same time, the ECB points to a second technological development of strategic importance – progress toward powerful quantum computers.

According to the letter, the ECB expects significant institutions to take immediate and proactive measures against the heightened risks. The ECB also announced it would address the risks that quantum computers pose to today’s encryption methods separately. Progress toward practically usable quantum computers would have a significant impact on the cybersecurity landscape, the ECB stated. The introduction of Post-Quantum Cryptography (PQC) would take a longer period, but must begin now.

The Diplomatic Council Quantum Leap (DCQL) initiative, which is building a quantum-secure communications hub at the Frankfurt financial center and calling on institutions to connect, sees the letter as confirmation of its position. Quantum security should no longer be treated as a matter for the future but understood as a task for the present, explained DCQL Chairman Harald A. Summa. DCQL is itself an advocacy initiative involved in projects to build quantum-secure infrastructure; its assessments should be viewed against this background.

According to DCQL, the damage does not only arise once powerful quantum computers become available. Attackers can already intercept and store encrypted data today in order to decrypt it later – an approach known as “harvest now, decrypt later.” Data with long protection requirements, such as financial transactions, customer data, identities, or trade secrets, are considered particularly at risk.

Many security procedures used today rely on public-key cryptography such as RSA or elliptic curve cryptography (ECC). These are considered secure against classical computers but could in principle become vulnerable to sufficiently powerful quantum computers. International standardization bodies and technology providers are therefore already working on the transition to quantum-resistant methods.

DCQL recommends a risk-based approach for financial institutions: first identifying particularly sensitive communication links, such as data center connections carrying sensitive data. In parallel, an inventory of the cryptography in use (“Cryptographic Bill of Materials,” C-BOM) is necessary to identify outdated or future insecure methods and replace them step by step. Building on this, banks should establish crypto-agility – the ability to flexibly exchange encryption methods. Alongside PQC, DCQL names Quantum Key Distribution (QKD) as a complementary building block for transmitting cryptographic keys based on quantum-physical principles.

DCQL is currently building a platform at the Frankfurt financial center that is intended to bring together banks, insurers, data centers, and infrastructure operators. Part of the project is the Secure Frankfurt Financial Exchange (FFX), a data infrastructure and platform initiative relying on a quantum-secure Key Distribution Platform (KDP) offered on a rental basis. According to DCQL, those involved in building it include Dr. Florian Fröwis, Director Quantum Security at DCQL and a specialist at ID Quantique, a provider that is part of the quantum computing company IonQ.

Jürgen Fiedler, board member and Chief Risk Officer at FNZ Bank and former Chief Risk Officer at Deutsche Bank, assesses the development from a risk management perspective: the threat posed by AI is no longer hypothetical, and the speed at which vulnerabilities can be identified and exploited is changing the risk landscape. Cyber resilience is therefore no longer solely a question of IT security at individual institutions but a factor in the stability of the financial system. Regarding quantum technology, he said, the challenge is that many market participants still classify the risks as a distant future scenario.

By Jakob Jung

Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM. Contact via Mail: jakob.jung@security-storage-und-channel-germany.de

Leave a Reply

Your email address will not be published. Required fields are marked *

WordPress Cookie Notice by Real Cookie Banner