Table of contents

What Are Quantum Computing Cybersecurity Threats?

6 min. read

Table of contents

Quantum computing's risk to cybersecurity refers to the potential for cryptographically relevant quantum computers (CRQC) to break modern encryption standards. By utilizing Shor's algorithm, these systems can solve complex mathematical problems—such as prime number factorization—that underpin public-key infrastructure (PKI), rendering current digital protections for sensitive data and communications effectively obsolete.

A minimalist presentation slide features a white background with faint, high-tech geometric patterns of lines, dots, and small squares. Large, bold black text in the center reads 'What Are the Cybersecurity Risks of Quantum Computing?'.

Key Points

Quantum computing threatens current encryption: Future cryptographically relevant quantum computers could break public key algorithms such as RSA and elliptic curve cryptography.
Harvest now, decrypt later is a present-day risk: Attackers can steal encrypted data now and store it until quantum computers can decrypt it later.
Cryptographic discovery is the first step: Organizations need to know where encryption is used before they can migrate safely.
PQC migration will take years: Updating protocols, certificates, applications, vendors, hardware, and identity systems is complex.
Crypto-agility matters: Organizations need systems that can adopt new cryptographic algorithms without major disruption

Quantum Computing’s Risk to Cybersecurity Explained

"The Internet relies heavily on both public-key encryption schemes and digital signatures to ensure the confidentiality and authenticity of digital communications. However, many of these widely used cryptosystems could be broken by quantum algorithms, running on large-scale fault-tolerant quantum computers. Such machines do not yet exist, but could conceivably be built in the not-too-distant future."

- NIST, Post-Quantum Cryptography, and the Quantum Future of Cybersecurity,
Yi-Kai Liu and Dustin Moody

While classical computers process information in bits (0s or 1s), quantum computers use qubits, which leverage superposition and entanglement to perform massive parallel calculations. This computational leap is a double-edged sword.

In cybersecurity, this power enables a quantum machine to bypass the mathematical "trapdoor" functions that keep passwords, banking details, and state secrets private. Specifically, the RSA and Elliptic Curve Cryptography (ECC) protocols, the backbone of the internet, rely on the fact that factoring large numbers takes classical supercomputers thousands of years.

A powerful quantum computer could achieve this in minutes.

Line graph titled 'Factoring efficiency: classical vs. Shor's algorithm' with the vertical axis labeled 'Number of operations' and the horizontal axis labeled 'Number of digits.' Blue curve labeled 'Classical algorithm' rises steeply at first and continues upward across the graph. Red curve labeled 'Shor's algorithm' starts lower, increases slightly, and then levels off well below the blue curve. Caption below reads 'Shor's algorithm factors large numbers far faster than classical methods, threatening RSA and ECC once quantum computers scale.'

The significance of this risk cannot be overstated. It introduces a "delayed breach" scenario where data stolen today remains a liability for decades.

For C-suite executives and security leaders, this shift transforms quantum readiness from a laboratory curiosity into a strategic governance imperative. The transition to quantum-safe standards involves more than just a software patch. It requires a complete inventory and overhaul of the cryptographic assets embedded in every layer of the enterprise stack.

As nation-state actors invest heavily in quantum capabilities, the window for achieving "quantum-safe" status is narrowing, making early adoption of NIST-standardized algorithms (NIST PQC standards) essential for long-term business resilience.

Diagram titled 'Quantum computing cybersecurity risks'. The diagram is centered on a red diamond labeled 'Core quantum capability' and surrounded by three concentric layers showing how quantum computing affects cybersecurity. The middle layer, labeled 'Primary impacts', contains four red boxes for 'Encryption (RSA, ECC, DH)', 'Authentication (digital signatures)', 'Integrity (blockchain immutability)', and 'Trust (identity and communication protocols)'. The outer layer, labeled 'Real world risks', connects to eight smaller red squares positioned around the perimeter. Clockwise from the top, they read: 'Breaking public-key encryption – Shor's algorithm breaks RSA, ECC, and DH'; 'Harvest now, decrypt later – Data intercepted today could be decrypted once CRQCs exist'; 'Weakened secure communications – TLS, HTTPS, and VPNs lose confidentiality and authenticity'; 'Exposed IoT ecosystems – Lightweight devices are difficult to update for quantum resistance'; 'Undermined blockchain integrity – Quantum attacks could falsify transactions or duplicate coins'; 'Forged digital signatures – Attackers could impersonate users or vendors'; 'Geopolitical imbalance – Early CRQC nations gain disproportionate intelligence advantage'; and 'Endangered critical infrastructure – Long-lived OT/ICS systems can't easily migrate'. The background includes faint grid lines and connecting lines that link the central capability through the primary impacts to the outer real-world risks, visually illustrating cascading effects from the center outward.

8 Quantum Computing Threats to Cybersecurity

The transition to the quantum era introduces specific technical and operational vulnerabilities that threaten the integrity of the modern digital world.

1. Breaking Asymmetric Encryption (PKI)

The most significant risk is the collapse of Public Key Infrastructure (PKI). Current asymmetric encryption, such as RSA and Diffie-Hellman, relies on mathematical problems that quantum computers running Shor’s algorithm can solve almost instantly. This vulnerability exposes web traffic (HTTPS), secure email, and virtual private networks to total decryption.

2. "Harvest Now, Decrypt Later" (HNDL) Attacks

Horizontal process diagram titled 'Harvest now, decrypt later (HNDL)' showing five sequential steps connected by arrows. Step 1, in a blue square, reads 'Data exfiltration' with subtext 'Steals encrypted traffic or files.' Step 2, in a lighter blue square, reads 'Cold storage' with subtext 'Keeps ciphertext for years.' Step 3, in an orange square, reads 'Advances in quantum computing' with subtext 'Waits for quantum systems.' Step 4, in a white square with a blue lock icon, reads 'Decrypt later' with subtext 'Shor's breaks RSA/ECC.' Step 5, in a purple square, reads 'Use the plaintext' with subtext 'Read, sell, or forge identities.' Small text under several steps notes 'Years can pass' to indicate elapsed time between stages.

HNDL attacks involve threat actors actively collecting encrypted data today with the intent of decrypting it once quantum technology matures. This makes current encryption a temporary shield. For data with long shelf lives, such as national security secrets or genetic information, the breach has effectively already occurred; only the revelation is delayed.

Unit 42 research indicates a shift toward pure data exfiltration, which attackers use as long-term leverage. As detailed in the Unit 42 Global Incident Response Report, this aligns with the strategic risk of HNDL, where data stolen today is archived for future quantum decryption.

Organizations should prioritize quantum-safe migration for data types that Unit 42 identifies as high-risk, such as proprietary source code, healthcare records, and sensitive legal documentation.

3. Forgery of Digital Signatures

Digital signatures verify the authenticity of software and communications. Quantum computers can calculate the private keys from public keys, allowing attackers to forge signatures. This enables the distribution of malicious software updates that appear legitimate, compromising the global software supply chain.

This risk affects:

Area	Example Risk
Software supply chain	Malicious updates signed as trusted software
Certificate authorities	Forged certificates used in man-in-the-middle attacks
Identity systems	Impersonation of users, devices, or services
Financial systems	Fraudulent transactions or records appearing valid

4. Compromise of Secure Boot Processes

Many hardware systems use cryptographic checks during the boot process to ensure only trusted code runs. Quantum-enabled forgery allows attackers to inject boot-level persistent threats. Once the secure boot is bypassed, the entire operating environment is untrusted, and traditional security tools may fail to detect the intrusion.

5. Vulnerability of Financial Transactions and Ledgers

The financial sector depends on cryptographic hashes and signatures to authorize wire transfers and secure blockchain transactions. Quantum computing can undermine these proofs of ownership and authorization. This risk could lead to unauthorized fund transfers and a total loss of trust in digital financial ledgers and decentralized finance (DeFi) platforms.

6. Decryption of Historical Data Backups

Organizations often store decades of encrypted backups for compliance and historical reference. These archives are prime targets for quantum-capable adversaries. If these backups are not re-encrypted with quantum-resistant algorithms, an organization's entire history of sensitive communications and strategic planning could be exposed simultaneously.

7. Identity and Access Management (IAM) Failure

Most modern IAM systems use certificates and tokens protected by classical cryptography to prove identity. A quantum attacker could impersonate high-level administrators or C-suite executives by breaking the underlying authentication protocols. This would grant them unfettered access to cloud environments and internal data centers without triggering standard "stolen credential" alerts.

8. Obsolescence of Legacy IoT and Embedded Systems

Many internet of things (IoT) devices and industrial control systems have hardcoded cryptographic libraries that cannot be easily updated. These systems lack the processing power to handle the larger key sizes required for post-quantum algorithms. This creates a permanent class of "quantum-vulnerable" infrastructure that may remain in use for decades, providing a backdoor into critical networks.

Get your quantum readiness assessment

The assessment includes:

Overview of your cryptographic landscape
Quantum-safe deployment recommendations
Guidance for securing legacy apps & infrastructure

Get my assessment

Quantum Threat and Readiness Timeline

The timeline for a quantum computer capable of breaking modern encryption remains uncertain, but the risk is no longer theoretical. Experts increasingly describe it as a question of when, not if.

Chart titled 'Quantum threat & readiness timeline'. The chart presents a two-track horizontal timeline spanning 2024 through 2035, showing parallel developments in quantum technology progress and cybersecurity readiness milestones. The top track, labeled 'Quantum technology progress', uses light blue background accents and lists milestones by year group. For 2024, it states that industry investment in quantum technology grows by nearly 50 percent to about $2 billion, with research shifting from scaling qubits to improving stability and error correction. The 2025 entry notes expert consensus that a cryptographically relevant quantum computer could emerge within a decade and mentions early hybrid quantum-classical systems demonstrating reliable logical qubits. The 2026–2028 group describes steady progress in qubit coherence and fault-tolerant design with public and private research advancing scalable prototypes. The 2029–2031 group highlights fault-tolerant systems achieving multi-day stability and global discussions on estimating Q-Day and assessing geopolitical implications. The 2032–2035 group shows large-scale quantum computers reaching commercial viability and legacy public-key encryption becoming increasingly vulnerable to quantum attack. The lower track, labeled 'Cybersecurity readiness milestones', uses orange highlights and lists corresponding security responses. For 2024, it cites NIST finalizing the first post-quantum cryptography standards FIPS 203–205 and governments beginning formal cryptographic inventories. The 2025 milestone mentions agencies publishing quantum-readiness roadmaps and hybrid cryptography pilots in cloud and network systems. The 2026–2028 span lists expanding cryptographic agility frameworks and vendor certification programs. The 2029–2031 range shows large-scale migration to quantum-safe cryptography and a growing focus on supply-chain coordination. The 2032–2035 period notes that PQC and hybrid encryption become global standards and fully.

Still, today’s quantum systems are not yet capable of breaking RSA or elliptic curve cryptography at scale. Many researchers place that milestone sometime in the 2030s.

The problem is timing. A CRQC may be a decade away, but post-quantum cryptography migration can also take years. Organizations need time to inventory cryptography, assess exposure, test new algorithms, coordinate with vendors, and modernize infrastructure.

The real deadline is not Q-Day. It is the preparation window before it. Organizations that wait for certainty will likely be too late, which is why NIST, CISA, and NSA urge planning now.

Process diagram titled 'Quantum Readiness Journey: From Planning to Implementation'. The diagram shows five sequential steps arranged horizontally along a dotted line with icons inside outlined diamond shapes. Step 1, labeled 'Quantum-readiness roadmap', includes a magnifying-glass icon and text that reads 'Assess systems relying on vulnerable cryptography.' Step 2, labeled 'Cryptographic inventory', features a list icon and text that reads 'Catalog algorithms, protocols, and keys to set migration priorities.' Step 3, labeled 'Cryptographic agility', displays a gear-and-arrows icon and text that reads 'Design systems to support algorithm swaps and PQC standards.' Step 4, labeled 'Hybrid cryptography', shows two linked rings and text that reads 'Run classical + quantum-resistant algorithms in parallel for continuity.' Step 5, labeled 'Operational rollout & coordination', uses a network-diagram icon and text that reads 'Align vendors, supply chains, and internal systems for transition.' The first four steps are rendered in gray and light blue, while the fifth step is highlighted in bright blue, indicating completion or progression.

How Organizations Can Prepare for Quantum Cybersecurity Risks

Organizations should treat quantum readiness as a phased security modernization effort, not a single encryption swap. CISA, NSA, and NIST have urged organizations to begin preparing through quantum-readiness roadmaps, inventories, risk assessments, and vendor engagement.

Phase	Action	Purpose
Discover	Identify where cryptography exists across systems, applications, certificates, protocols, and vendors	Build a cryptographic inventory
Assess	Determine which systems use quantum-vulnerable algorithms and which data has long-term sensitivity	Understand exposure
Prioritize	Rank systems by data sensitivity, business criticality, regulatory impact, and migration complexity	Focus on the highest-risk areas first
Pilot	Test NIST-approved PQC and hybrid approaches in controlled environments	Reduce implementation risk
Migrate	Update cryptographic systems, protocols, certificates, applications, and vendor dependencies	Move toward quantum-resistant protection
Monitor	Track performance, compatibility, vendor updates, and evolving standards	Avoid blind spots
Optimize	Improve crypto-agility and retire vulnerable algorithms over time	Make future migrations easier

Post-Quantum Cryptography (PQC) Standards

The National Institute of Standards and Technology (NIST) has released standardized PQC algorithms, including ML-KEM and ML-DSA. These lattice-based mathematical structures are designed to resist attacks from both classical and quantum systems. Migrating to these standards is the only proven defense against the impending quantum threat.

Diagram titled 'The building blocks of quantum-safe cybersecurity'. The diagram presents five stacked 3D horizontal layers, each representing a component of quantum-safe security architecture. From bottom to top, the layers are labeled 'Post-Quantum Cryptography (PQC)' with the subtext 'Foundation', 'Quantum Key Distribution (QKD)' with the subtext 'Secure exchange', 'Quantum Random Number Generation (QRNG)' with the subtext 'Entropy source', 'Hybrid cryptography' with the subtext 'Transitional compatibility', and 'Governance, testing, & certification' with the subtext 'Operational readiness'. Each layer is colored in a distinct shade of blue or orange and arranged in a vertical stack that gives a floating, tiered appearance. Thin dotted lines extend from each layer to matching icons and explanatory text aligned on the right side.

The Role of Crypto-Agility

Organizations must achieve crypto-agility, or the ability to update cryptographic providers and algorithms without modifying the underlying application code. This flexibility is essential because the quantum threat landscape is evolving. If a current PQC algorithm is found to be vulnerable, agile organizations can swap it out in hours rather than years.

Security Layer	Quantum Risk	Mitigation Strategy
Web Traffic	TLS/SSL Decryption	Implement PQC-enabled TLS
Identity	Signature Forgery	Migrate to ML-DSA signatures
Storage	HNDL / Backup Theft	AES-256 Symmetric Encryption
Hardware	Secure Boot Bypass	Update to PQC Root of Trust

Consequences of Failing to Prepare Before Q-Day

Failing to prepare for post-quantum security doesn't just create operational risk. It creates a systemic trust problem that could take years to repair. Failing to prepare for Q-Day could leave organizations exposed to large-scale cryptographic failure.

Q-Day will not only threaten encryption. It will threaten the systems, identities, and trust relationships built on top of it.

Quantum Computing Cybersecurity Risk Examples

Scenario	Risk	Business Impact
Encrypted traffic is captured today	Data may be decrypted later by quantum-capable attackers	Exposure of confidential communications
Legacy VPN uses vulnerable key exchange	Remote access may become insecure	Unauthorized access risk
Code signing relies on vulnerable signatures	Attackers may forge trusted software updates	Supply chain compromise
Certificates cannot support PQC algorithms	Authentication systems may fail or lag behind standards	Operational disruption
Sensitive archives are encrypted with quantum-vulnerable methods	Long-term records may be exposed	Regulatory, legal, and reputational damage

Quantum Computing’s Threats to Cybersecurity FAQs

Industry forecasts from 2026, including reports from Forrester and Google Quantum AI, suggest that "Q-Day"—the point when quantum computers can break mainstream public-key cryptography—is likely to arrive by 2030. Rapid advancements in logical qubit error correction have accelerated this timeline from previous 2035 estimates.

Yes, symmetric encryption is more resilient than asymmetric encryption. While Grover's algorithm provides a quantum speedup for searching keys, using AES-256 effectively doubles the security and maintains a quantum-resistant level of protection for stored data.

MFA that relies on FIDO2 or hardware security keys using ECC or RSA is vulnerable. To remain secure, MFA providers must move toward quantum-safe certificates and PQC-based exchange protocols to prevent attackers from intercepting or forging authentication tokens.

Detecting data exfiltration is the only way to identify an HNDL attack. Once the data has left your network, there is no way to know if it is being stored for future quantum decryption. This underscores the importance of proactive data loss prevention and robust encryption-at-rest.

The first step is a comprehensive cryptographic inventory to identify systems relying on vulnerable algorithms. This allows organizations to create a "Cryptographic Bill of Materials" (CBOM) and prioritize high-value, long-lived data for immediate migration to NIST-approved PQC.