Cybersecurity firm Kaspersky warns that current encryption methods protecting sensitive data are vulnerable to future decryption by quantum computers, potentially within the next decade. The company identifies a critical risk in the ‘store now, decrypt later’ tactic, where actors harvest encrypted data for future exploitation, and highlights vulnerabilities in blockchain technologies like Bitcoin’s Elliptic Curve Digital Signature Algorithm. Kaspersky, protecting over a billion devices and serving 200,000 corporate clients, urges governments, businesses, and infrastructure providers to begin transitioning to post-quantum cryptography now to avoid systemic vulnerabilities.

The Looming Threat of ‘Store Now’

Threat actors are currently harvesting encrypted data with the intention of decrypting it in the future, once quantum computing capabilities advance. This tactic poses a risk to sensitive information transmitted today, potentially exposing diplomatic exchanges, financial transactions, and private communications years after their initial transmission.

The primary concern is that encrypted data possessing long- ‘term value is already vulnerable to future decryption. This suggests that security measures implemented today will determine the resilience of digital infrastructure for decades to come.

Sergey Lozhkin, Head of Kaspersky Global Research & Analysis Team for META and APAC, states that systemic vulnerabilities may arise if adaptation to these risks does not commence immediately, as such vulnerabilities cannot be retroactively fixed.

Decrypt Later’

The evolving threat extends to blockchain and cryptocurrency networks, which are not immune to quantum-related risks. Bitcoin’s Elliptic Curve Digital Signature Algorithm (ECDSA), reliant on elliptic curve cryptography (ECC), is particularly vulnerable, potentially enabling the forging of digital signatures and attacks on crypto wallets.

Tampering with blockchain transaction history is also a potential risk, undermining trust and integrity within these networks.

Looking ahead, developers and operators of advanced ransomware may adopt post-quantum cryptography to protect their malicious payloads, potentially rendering ransom recovery impossible without payment. Currently, quantum computing does not offer a means to decrypt files locked by existing ransomware, with data protection relying on traditional security solutions and collaboration.

Vulnerabilities in Blockchain and Cryptocurrency

Potential risks to blockchain and cryptocurrency networks include attacks on ECDSA that secure crypto wallets, and the forging of digital signatures, threatening Bitcoin, Ethereum, and other cryptocurrencies.

Tampering with blockchain transaction history also represents a potential risk, undermining trust and integrity.

Developers and operators of advanced ransomware may begin adopting post-quantum cryptography to protect their malicious payloads, potentially designing ransomware resistant to decryption by both classical and quantum computers.

Preparing for a Post-Quantum Future

Transitioning to post-quantum cryptography will require years of effort, and preparations must begin immediately. Coordination between the cybersecurity community, IT companies, and governments is essential to address the emerging risks. Policymakers should formulate clear strategies for migrating to post-quantum algorithms, while businesses and researchers must begin implementing new security standards without delay.

The most critical risk does not reside in the future, but in the present, as encrypted data with long-term value is already susceptible to future decryption. Governments, businesses, and infrastructure providers must adapt now, or risk systemic vulnerabilities that cannot be retroactively fixed.

Source：https://quantumzeitgeist.com/kaspersky-warns-quantum-computing-threatens-long-term-data-security/