A Threat Intelligence Perspective on Quantum Computing and Cybersecurity
Published by:
Aree Kang
Published on:
July 7, 2026
Actionable threat intelligence
SecAlliance’s cyber threat intelligence services focus on what matters: mapping threats to your environment, prioritising real risks, and giving your teams concrete actions to take. Move beyond generic feeds and start using intelligence that truly shapes your defence.
As the cybersecurity community contends with rapid advances in AI, other emerging technologies and their challenges risk being overlooked. Quantum computing threats to cryptography and cybersecurity are particularly concerning: many intelligence agencies have warned that ciphertext harvested today could be decrypted retroactively with a quantum computer in the coming future. Hence, the quantum threat is a present concern.
Yet it remains difficult to understand or defend against threats if their effects are not felt today. Furthermore, the “quantum threat” is not a monolithic concept; different sectors face distinct threat landscapes not only because of the different types of data they handle, but also because of the capabilities and intent of threat actors that seek to cause them harm.
This is why a cyber threat intelligence lens can help us better understand quantum computing threats; it allows us to go beyond abstract warnings and assess uneven risks across different industries.
Quantum computing and its implications for cybersecurity
A cryptographically relevant quantum computer (CRQC) is a quantum computer powerful enough to run algorithms like Shor’s algorithm to break widely used public-key cryptography (asymmetric key cryptography), such as RSA and elliptic-curve cryptography (ECC). Public key cryptography underpins secure key exchange and digital signatures across modern systems: when you log into a website, the Transport Layer Security (TLS) protocol checks the site’s certificate using digital signatures to verify the identity of the website. It then uses key exchange to create a shared symmetric key that encrypts data exchanged between your browser and the website, such as passwords you enter. Public key infrastructure (PKI) is the system of certificates, certificate authorities, and trust rules that binds public keys to identities, enabling this authentication process. Symmetric key cryptography (e.g. AES) is less affected by quantum computing, as its keys can be brute-forced using Grover’s algorithm, which is not as fast as Shor’s and can be mitigated with larger key sizes.
Experts estimate the development of a practical CRQC within the early-mid 2030’s, with aggressive estimates even suggesting 2029. Migrating public key systems to use post-quantum cryptography (PQC) is the most practical and reliable mitigation against quantum threats to cryptographic systems. A recent study estimated that migration could take five to 15 years; the larger the organisation, the longer the migration process. The government, financial services, and telecommunications sectors are leading in the PQC migration process, but most other industries have not begun the necessary work. However, all organisations face threats from quantum computing to various degrees.
The quantum threat
Threat intelligence enables the prioritisation of assets at greatest risk of attack by asking who is interested in abusing quantum capabilities, why, and how. This helps organisations develop an informed, on-the-ground defence and PQC migration strategy.
SecAlliance evaluates cyber threats using the following equation:
Threat = Capability x Intent
Nation-state-aligned actors are almost certain to be the main class of threat actors capable of building and running a CRQC with the intent to use it for malicious purposes in the foreseeable future. However, they will likely deploy CRQCs to achieve broadly the same objectives observed in cyber activity today, such as intelligence collection, prepositioning, and intellectual property theft.
At present, the US is a global leader in research, manufacturing and commercialisation of quantum technologies, accounting for 44% of global private sector investment by 2025. However, China is narrowing the gap in various domains, supported by a robust government-led industrial policy and strategy. It is likely that the US will lead in CRQC development, with China closely trailing in second place in the near term.
Russia has achieved milestones in quantum computing, but is likely to face challenges from sanctions, export restrictions, budget constraints and strategic diversions. Iran and North Korea have also publicly pledged investment in quantum R&D, but are likely to face similar challenges that will curb their ability to develop a CRQC. These states are likely to focus on classical cyber capabilities, including AI, or defensive capabilities against quantum threats.
Meanwhile, cybercriminals have intent but lack capability. Some argue that cybercriminals will be able to access quantum computers via quantum-as-a-service (QaaS) providers. However, providers implement contractual and regulatory guardrails that make it highly unlikely that cybercriminals can casually rent quantum computing services to run Shor’s algorithm. There are also some wildcard scenarios, such as a commercial actor being contracted or funded by the government. However, these would still arguably fall within the nation-state actor class.
In summary, the main concern is well-resourced state actors targeting high-value, long-lived assets. How then can these assets be targeted?
Harvest Now, Decrypt Later
First, ‘Harvest Now, Decrypt Later (HNDL)’ is an attack in which a threat actor exfiltrates encrypted data and later uses a quantum computer to decrypt it.
This strategy requires that threat actors:
conduct mass surveillance of data and traffic
store it long-term until a CRQC is available
And decrypt the data with the CRQC.
While data storage is relatively trivial, maintaining sustained access to communication infrastructure and, above all, achieving quantum computing capacity capable of breaking current cryptographic algorithms, are not. This limits the viable threat actors to nation-state actors with sufficient resources to conduct all three steps.
Capable state actors are almost certainly harvesting data from other governments, including sensitive diplomatic, defence and military communications and intelligence. Strategic sectors such as defence, advanced technology, and manufacturing are also likely to be targeted, as trade secrets and intellectual property remain strategically viable and valuable for many years.
While harvesting and storing vast amounts of data are still plausible for well-resourced nation-states, running jobs on a CRQC to decrypt the harvested data will initially be very costly, then gradually decrease. Early CRQC use is therefore likely to be resource-constrained, forcing adversaries to prioritise the highest-value targets first.
For instance, various sources point to personally identifiable information (PII), as well as personal healthcare and financial data, as being at risk of HNDL. These can certainly be useful to state actors, but the value of certain types of data diminishes if they expire before being decrypted, like credit card numbers.
At present, it is difficult to determine whether observed data theft attempts are motivated by future quantum capabilities. Regardless of the motivation, however, large-scale theft of encrypted data—both past and present—could be abused in future decryption attempts. The following are examples of likelyhigh-valuetargets of HNDL data exfiltration attacks by sector, based on known past cyber operations:
Trust Now, Forge Later
Often overlooked compared to HNDL attacks is the threat to digital signatures.
Digital signatures are used to ensure the authenticity, integrity and non-repudiation of various digital messages and documents, including software distributions, financial transactions, and legal contracts.
Digital signatures use public key cryptography: a private key is used to sign the cryptographic hash of a message, and a public key is used to verify that the message is from a trustworthy source and has not been tampered with.
In public key cryptography algorithms like RSA, the private and public keys are mathematically related, but it is infeasible to derive a private key from a public key using classical computing power, which is why they are considered safe. However, a CRQC can perform this math in a few days or even hours, derive the private key, forge the digital signature and impersonate the message's owner to hijack trusted operations. This is known as the ‘Trust Now, Forge Later (TNFL)’ attack.
Compared with HNDL, TNFL often depends less on present-day data harvesting. In many public PKI use cases, public keys and certificates are already broadly available and will be relied upon for years or decades; threat actors can collect this information now or later. However, if a target uses private PKI, then the present-day collection of internal validation information, such as timestamp and revocation evidence, may be advantageous, or even necessary, for a forged signature to be accepted by the target’s certificate validation process. This realistically puts private PKI targets at a risk of present-day classical data exfiltration of internal trust material.
Private keys stolen via other methods on classical systems have long enabled threat actors to achieve malicious objectives:
What quantum computers could do is enable the scaling of private key calculation. While in the above examples, threat actors had to gain access to protected key storage to acquire the private keys, TNFL simply enables the sweeping collection of public keys and the subsequent reverse engineering of private keys within mere hours.
Unlike HNDL, which mostly compromises data confidentiality, TNFL can actively exploit trust and erode the integrity and authenticity of the impacted system. Some confidentiality breaches, such as unauthorised access to top government secrets or intellectual property worth billions, are indeed worst-case scenarios for some sectors. However, in many cases, digital signature forgery has a much more dynamic impact, enabling a kill chain that often culminates in malware deployment and/or arbitrary code execution.
For example, firmware shipped in energy grids, medical facilities and devices, manufacturing equipment, and telecommunications infrastructure is all signed using public-key cryptography. A threat actor can use private keys generated by quantum computers to sign malware, disguise it as legitimate firmware or software, and infiltrate critical systems.
In theory, any security function that depends on vulnerable public-key cryptography for signatures, authentication, certificate validation, or key establishment is potentially exposed, including code signing, document signing, PKI-backed identity, TLS, many VPNs, and secure email (S/MIME).
However, like HNDL, TNFL attacks are likely to focus on high-value assets, especially if they have long lifespans. Critical industries such as energy, telecommunications, and defence manufacturing are likely targets of TNFL attacks targeting firmware signing keys.
Additionally, high-value PKI targets include intermediate and root CA signing keys, because control of those keys could enable a threat actor to mint trusted certificates, intercept communications, and undermine trust across large parts of a certificate hierarchy.
So what?
The quantum risk becomes more concrete when viewed through the lens of threat intelligence. The key question is not simply when a CRQC arrives, but which actors are most likely to use it, against which assets, and for what strategic effect. From that perspective, the danger is already taking shape in the mass collection of ciphertext or public keys today, which leaders and defenders must recognise and act against.
In the long term, HNDL threatens long-lived confidentiality, while TNFL raises an equally serious challenge to trust, integrity, and operational resilience across critical systems. For leaders, this means the work to reduce exposure must begin now, by identifying high-value data, vulnerable trust anchors, the adversaries most likely to target them and how. Ultimately, organisations must strive for cryptographic agility to build resilience against the challenges of migration itself, as well as incumbent quantum threats.
SecAlliance provides detailed and timely analysis to clients via our dedicated ThreatMatch platform, including our monthly Geopolitical analysis and bi-annual PESTLE-M Horizon Scanning assessments. For more information, please contact info@secalliance.com.