Hackers are increasingly preparing for the advent of quantum computing, which could potentially break current cryptographic methods and decrypt stolen data en masse. In anticipation, they are already harvesting encrypted data to be decrypted in the future, a tactic known as “harvest now, decrypt later.” This method poses a growing threat as quantum computing evolves, promising unprecedented processing power and rendering many modern encryption algorithms ineffective.
Currently, many organizations use encryption to protect sensitive information such as databases, communications, and internal networks. Cybercriminals, however, are exfiltrating encrypted data in large quantities, banking on the future decryption capabilities of quantum computing. Today’s classical computers use bits that represent either a one or a zero, while quantum computers use qubits that can exist as both simultaneously, a property called superposition. This allows quantum computing to vastly outperform classical computers, particularly in decryption tasks.
For example, breaking a 2,048-bit Rivest-Shamir-Adleman encryption with classical computers would take 300 trillion years, but a quantum computer could do it in seconds. Although this technology is not yet widely available, advancements in quantum research mean it could become accessible within the next decade. Hackers are therefore collecting encrypted data now, waiting for the day when they can exploit quantum computing to decrypt it.
Hackers are primarily interested in personally identifiable information such as names, addresses, and social security numbers, which enable identity theft. Account details, like company credit card numbers and bank credentials, are also prime targets. With quantum decryption capabilities, attackers will no longer be limited to data storage systems. They could intercept information in transit, eavesdrop on encrypted communications, and compromise both client-side and server-side encryption.
The consequences of quantum-driven decryption could be devastating. Businesses may not even realize they have been breached until hackers use quantum computing to decrypt years of stolen data, resulting in identity theft, account takeovers, and regulatory fines. The financial implications are severe, as data breach costs are rising annually. Furthermore, organizations will no longer be able to rely on traditional encryption methods to secure data, communications, or digital signatures.
Despite the fact that widespread quantum computing use is still some years away, businesses must act now to protect themselves. One crucial step is adopting post-quantum cryptographic standards, which are being developed by the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA). These new encryption methods will be resistant to quantum attacks. In addition, companies should enhance breach detection systems to identify network intrusions early, and consider using quantum-safe VPNs to protect data in transit.
Lastly, organizations should evaluate the sensitivity of their data and decide whether to move it to more secure storage, such as paper-based systems or isolated local networks. Taking these proactive measures will help mitigate the risks posed by quantum computing as it evolves. While the full impact of this technology is still years away, preparing for its inevitable arrival is essential for maintaining cybersecurity in the future.
www.venturebeat.com/security/harvest-now-decrypt-later-why-hackers-are-waiting-for-quantum-computing/