Ahmad Almorabea (Senior Penetration Testing Consultant at TCC) has worked extensively with cryptographic protocols and published numerous papers on the subject of cryptography – and with nearly a decade of experience in incident response threat hunting, threat intelligence and digital forensics, he brings a great depth of perspective to this work.
As a podcaster on The Cyber Riddler, he’s adept at communicating the complexities of cyber threats, and framing them in real-world situations so the gravity of those threats can be clearly understood.
We caught up with Almorabea to find out what he’s most excited about (and most worried about) when it comes to cryptography and quantum computing. Here’s what he told us.
What was the first thing you ever hacked?
“The first thing I hacked was the vBulletin Forums. I was learning how to program in PHP and then understood how I could find a bug in PHP code. Afterwards, I was able to understand how to write and anticipate what hackers are looking for.”
How do you think cryptography will evolve over the next few years – and is there anything you’re particularly excited about?
“I believe cryptographic algorithms will be able to search in encrypted texts without the need for understanding the actual texts available. And it’s a big step towards having our privacy back.
“I’m excited about the improvement happening in cryptographic algorithms using AI. In scenarios where learning models need to be applied on sensitive data, AI cryptography plays a vital role in preserving privacy.”
Is there a risk that industries/governments will be too slow to implement quantum-safe cryptography before quantum computing technology progresses?
“Yes, there’s a risk. Quantum computing’s advancement could potentially break current encryption methods. If industries/governments don’t act swiftly to adopt quantum-safe cryptography, sensitive data could be vulnerable in the future. And there are many aspects in cryptography that could be broken, while Quantum computing advances (i.e. key derivation, encryption algorithms, PKI and more).”
What’s one thing you wish everyone knew about cybersecurity?
“I want everyone to know that cybersecurity was founded to guard your valuable data from bad guys. Sometimes having security in your products or carrying out cyber security best practices in handling your data could be tedious – but cybersecurity is there to protect you all the time.”
Finally, what did you gain from Black Hat MEA 2023?
“The best thing about Black Hat MEA is that the main focus is not on promoting vendors – instead, there’s a focus on promoting great and highly informative research and researchers from around the globe. There’s time to socialise and learn new things from these great speakers.”
P.S. - Mark your calendars for the return of Black Hat MEA in November 2024. Want to be a part of the action? Register now!