Harvest Now, Decrypt Later: The Hidden Quantum Threat

There's a security threat happening right now that most organizations don't realize: adversaries are collecting encrypted data today, planning to decrypt it with future quantum computers. This "harvest now, decrypt later" (HNDL) attack is perhaps the most immediate quantum computing risk facing organizations.

How HNDL Attacks Work

The attack is conceptually simple:

• Attackers intercept and store encrypted communications today
• They wait until quantum computers can break the encryption
• They decrypt the stored data, accessing sensitive information

This requires patience but minimal technical sophistication today. Nation-states with vast storage capacity are the primary actors, but organized crime and corporate espionage shouldn't be discounted.

Who's at Risk?

Any organization with data that retains value over time faces HNDL risk:

Ask yourself: would this data be valuable to an adversary in 10 years? If yes, HNDL is a concern.

Evidence of Active Harvesting

While difficult to prove definitively, multiple indicators suggest HNDL attacks are already occurring:

• Intelligence agencies have acknowledged the threat publicly
• Unexplained increases in encrypted traffic interception at certain network points
• Nation-state actors investing heavily in both quantum computing and data storage
• Underground markets for bulk encrypted data collections

The NSA has explicitly warned about this threat and is requiring post-quantum cryptography for national security systems.

The Math of Data Longevity

Consider a simple formula: if your data has value for X years and quantum computers can break encryption in Y years, and X > Y, your data is at risk.

With conservative estimates of 10-15 years to cryptographically relevant quantum computers, any data with 10+ years of sensitivity should be protected with post-quantum cryptography today.

Mitigation Strategies

Protecting against HNDL requires a multi-faceted approach:

• Implement PQC now: Use quantum-resistant algorithms for new communications
• Forward secrecy: Ensure session keys can't be derived from long-term keys
• Data minimization: Don't retain data longer than necessary
• Network security: Reduce interception opportunities
• Hybrid encryption: Combine classical and post-quantum for defense in depth

Implementation Priority

Focus your post-quantum migration on the highest-risk data first:

• Data in transit over public networks
• Long-term stored secrets and keys
• Communications with extended confidentiality requirements
• Data subject to regulatory retention requirements

HNDL attacks represent a clear and present danger that requires action today, not when quantum computers arrive. The data being harvested now cannot be retroactively protected—only data encrypted with quantum-resistant algorithms going forward is safe.