NEW DELHI: The debate around the timeline of quantum computing’s impact is brewing. While Nvidia CEO Jensen Huang believes quantum computing may be about 15 years away, D-Wave System’s CEO Alan Baratz insists it’s ready for primetime, citing Mastercard and NTT Docomo’s use of their quantum computers for real-world operations. Regardless of the timeline, cybersecurity must adapt quickly to counter the looming threats, experts say.
The concern stems from quantum computing’s rapid calculations and processing powers – these have applications ranging from drug discovery to artificial intelligence and financial models, but criminals can also exploit these capabilities to mount cyberattacks.
“One of the most insidious threats posed by quantum computing is the Store Now, Decrypt Later (SNDL) attack, a cryptographic technique that involves storing encrypted data for an extended period before decrypting it. Threat actors are already swiping up lots of encrypted information and stockpiling it until quantum computers can crack it open for them in the future,” said Pete Membrey, chief engineering officer at ExpressVPN.
Virtual private network (VPN) companies are among those leading the way in countering these cybersecurity threats through ‘post-quantum encryption’. This technology is designed to counter equally capable algorithms created to break current encryption standards.
VPN usage is growing worldwide as users seek to secure their data and anonymize web browsing. These apps are evolving into comprehensive security suites, becoming a cornerstone for cybersecurity across devices and platforms, particularly for unsuspecting consumers and small businesses.
“While we’re still far from an actual attack that can threaten real-world encryption systems, we remain cautious. We need to battle-test new quantum-resistant algorithms, and standardize their use across the whole ecosystem. That means collaboration, being transparent, and peer-reviewing others’ technology,” says Bart Butler, CTO of Proton.
Proton uses the OpenPGP standard for encryption and plans to layer post-quantum encryption for its services, including Proton Mail and VPN.
ExpressVPN recently released upgrades to strengthen post-quantum cryptography across its apps, enabling the Lightway encryption protocol by default. “At ExpressVPN, we recognised early that quantum computing poses an unprecedented threat to today’s encryption standards. That is why we were one of the first movers in the VPN industry to implement post-quantum encryption—it is our way of evolving with the challenges to protect and future-proof our users’ data,” added ExpressVPN’s Membrey.
NordVPN’s version 8.1 allows Android users to enable post-quantum encryption. Nord Security researchers believe encryption methods like RSA and ECC are particularly at risk from quantum algorithms like Shor’s algorithm.
“A VPN service should not rely solely on the new algorithms. We need to take a hybrid approach—combining quantum with classical cryptography to make our users as safe as possible from all threats,” Butler explained.
The success of VPN and cybersecurity investments relies on algorithms specifically designed to withstand quantum attacks. In late 2024, the U.S. National Institute of Standards and Technology (NIST) confirmed quantum-resistant encryption standards, finalising three of them.
“Post-quantum cryptography is no longer a theoretical discussion, it’s an immediate priority,” says Carlos Moreira, founder and CEO of SEALSQ, a quantum computing company. These new standards provide direction for developing post-quantum encryption based on math problems that are difficult for both conventional and quantum computers to solve.
Quantum computers use qubits, which can represent 0, 1, or a combination of both simultaneously, allowing them to process data much faster than traditional computers. This capability makes them a potential tool for mounting lethal cyberattacks if security layers are not prepared.
“In 2025, we’ll see the first tangible signs of quantum computing’s impact on cyber security,” predicts Paal Aaserudseter, sales engineer at Check Point, a cybersecurity firm.
Industries handling complex and sensitive data, such as banking, healthcare, and telecom, are at risk. Consumers too cannot rest easy in the face of this emerging threat. VPN companies are at the forefront of developing post-quantum encryption to counter these dangers and protect users’ data in the quantum computing era.
