The moment where quantum computers break encryption appears to be getting closer
dem10/Getty Images
Quantum computers could cause a global security crisis that makes the once-feared millennium bug, or Y2K, look quaint. This infamous computer risk was averted through the persistent behind-the-scenes work of engineers across the world, but whether the new threat will be tackled similarly is an urgent yet unresolved question.
Most digital communications and transactions are protected by cryptography based on mathematical problems that are unsolvable by conventional computers but are solvable by a sufficiently capable quantum computer. Researchers have understood this since the late 1990s, but the day when this capable-enough quantum computer comes online – or Q-Day – was thought to be very far in the future. Much has changed since.
Working quantum computers are now a reality, and recent leaps in how to use them are bringing Q-Day ever closer.
Since the beginning of 2026, several studies have found that the two most common encryption methods, RSA-2048 and ECDLP-256, could be broken by quantum computers projected to exist by the end of the decade. Cybersecurity experts, including those at Google, whose team authored one such bombshell study, are pointing to 2029 as the year by which everyone needs to be ready for this quantum threat.
Solutions do exist in the form of a suite of algorithms called post-quantum encryption (PQC) – but how much of our deeply digitised world will adopt them in time?
“[Experimental] timelines can move faster than expected, and that alone is a reason to act. The institutions that start now will be in a very different position to those that wait,” says Philip Intallura at HSBC Group bank.
“The message that we’ve been giving to pretty much all our customers is, ‘Please, don’t take this lightly,’” says Ramana Kompella at technology giant Cisco. “The time to prepare your infrastructure towards these quantum threats is today. In fact, it may have even been yesterday.”
Kompella says that Q-Day is a more sinister threat than Y2K because it could happen more surreptitiously. The danger of Y2K was that the world’s computers couldn’t properly represent years later than 1999, and so everything from banking servers to airplane navigation systems would simultaneously malfunction at the turn of the millennium. In comparison, Q-Day could happen any time and without fanfare; your most sensitive information could get stolen without anyone noticing.
One such specific threat is “harvest now, decrypt later” attacks, in which hackers may already have sensitive data and could decrypt it with a quantum computer in the future.
Rebecca Krauthammer at the PQC firm QuSecure says that this is extremely worrisome for information related to national security, banking, healthcare and the pharmaceutical industry. The risks include hacking credit cards and stealing launch codes for weapons, sensitive medical files or trade secrets.
“Banks, insurers, healthcare providers, and critical infrastructure operators face existential risks. Even ‘secure’ data in transit or at rest today could fuel future blackmail, espionage, or fraud,” wrote Brian Lenahan at the think tank Quantum Strategy Institute in a blogpost.
Krauthamer says that experts in quantum cybersecurity have been expecting developments like the recent slew of studies on the shortening timelines towards Q-Day, but the past month has seen an exceptional volume of interest in PQC. “This is one of the biggest catalyst moments I’ve seen,” she says. She estimates that her team has seen a tenfold increase in inquiries from businesses looking to become more quantum-safe. Making the switch to PQC by 2029 is ambitious but realistic, she says.
Many telecommunications and banking institutions are already working on it, while others, like hospitals, are falling behind, says Krauthamer. Intallura says that HSBC has been working on being more quantum-safe for several years, and Kompella says that many of Cisco’s products already include some level of post-quantum security.
Hidden vulnerabilities
There are plenty of apps that are already using PQC, including the messaging app Signal and Flo, an app for tracking the menstrual cycle. Others are working on it, such as the Google Chrome web browser, which aims to be quantum-safe by 2027.
But application upgrades alone won’t suffice, says Martin Charbonneau at Nokia. Upgrading security for entire digital systems, where the organisations involved often don’t have a precise understanding of all their technology, is a more formidable challenge.
Every part of a business’s network is a potential vulnerability. Adversaries could attack things like a user getting a push notification or authenticating their credit card at a store, but they could also attack a remote server that’s just booting up, or intercept communication between two internal machines, such as hospital computers exchanging patients’ files. For many companies, the first challenge in deciding how to become quantum-safe will be identifying all the different points of vulnerability, especially if they have legacy software and devices that are decades old, says Kompella.
While firms like Cisco and Nokia are large enough to have internal quantum research teams, most are not. Krauthammer says that her team is currently working with three organisations that will have to spend an estimated $100 million to switch to PQC over the course of three to 10 years. Many companies will also quickly find themselves under pressure to move to PQC by 2027, when this will become a requirement for working with the national security arm of the US government.
But even if everything goes according to plan, one industry could remain in trouble: cryptocurrency. In their study, researchers at Google and the Ethereum Foundation suggested that the first sign Q-Day has happened may be a hacker stealing cryptocurrency such as bitcoin by intercepting a transaction or targeting old and idle wallets. Unlike banks that can make sweeping decisions about implementing PQC from the top down, cryptocurrencies are decentralised and expected to take longer to decide whether and how to make the shift as they seek consensus among many users. Bitcoin, in particular, has struggled to make changes to its algorithms, such as to reduce its environmental impact.
But cryptocurrency is no longer just a fringe interest. Pension funds, charities and companies increasingly include it as part of their investment portfolios. It is sufficiently embedded in the global economy that if it lost value because it was shown to be unsafe, more people than just cryptocurrency enthusiasts would lose money, says Stefano Gogioso at the University of Oxford. Several cryptocurrencies that already implement quantum-safe practices surged up to 50 per cent in value in the day following the release of the most recent studies.
Ultimately, Q-Day could be averted much like Y2K was – if governments and businesses across the world can move fast enough. But the barriers are higher this time around because the threat is complex and it’s not known exactly when it will happen.
It’s for those reasons that Krauthamer thinks that people need to make noise about it. “There needs to be a lot more bottom-up pressure from people using services. They should say, ‘Hey, to trust that you’re going to keep my data safe today and tomorrow, I need to see that you are adopting post-quantum cryptography,’” she says.
Topics: