In Focus Resource Center > Insights

Why Your Business’s Cybersecurity Doesn’t Stand a Chance Against Quantum Hacking

February 26, 2025 - Imagine how long ago the pyramids at Giza were built — now double it. That is how long a standard computer would take to crack a securely encrypted message. In 2019, Google built a quantum supercomputer that could do it in just over three minutes.

Quantum computing leverages quantum particles to complete calculations exponentially more efficiently than the best classical processors today. The technology has applications for everything from developing more efficient batteries to creating cleaner fertilizers and pioneering new drugs.

Unfortunately, just as researchers can use quantum to make cutting-edge discoveries, bad actors can use it to hack into sensitive databases. The increased computing power that quantum provides will render many modern security practices meaningless. Your company’s most sensitive data will be at risk — and today’s encryption standards will not be able to protect it.

Organizations currently have a short window to act to protect themselves from these future threats. Once quantum computing arrives, there may be no turning back. In this article, we cover what you must know about quantum computing and the quantum hacking threat. In the next article in this series, we explain what you can do about it.

First, let’s take a look at what quantum computing is and what makes it so powerful.

What is Quantum Computing?

Traditional computing relies on ones and zeroes known as “bits,” which act like an on/off switch. These bits form the basis of everything computers do, from displaying text to storing files and sending and receiving information.

Instead of using binary bits, quantum computing uses quantum particles, known as quantum bits or “qubits.”

Quantum particles behave differently than matter in the physical world — quantum particles can hold a “superposition,” meaning that more than one quantum particle can be in the same place at the same time. Quantum particles also exert a drag on surrounding particles and grow “entangled,” so by measuring one, you learn about all.

That means computers running on qubits can calculate more, faster — like the power of compound interest applied to circuit boards. Every qubit can represent a zero, a one, both zero and one, and be superimposed onto one another.

According to researchers at IBM, “Two qubits can compute with four pieces of information, three can compute with eight, and four can compute with sixteen.” This means that quantum computers can compute many things simultaneously, instead of classical computers, which have to complete each step one by one.

Today, quantum computers must run at extremely cold temperatures so scientists can take accurate readings. This involves specialized hardware, which is only available in cutting-edge research labs today. But it will not stay that way forever. Most of us now hold computing power in our pockets, which, just decades ago, took up an entire room. As quantum technology develops, bad actors will eventually access it.

Why Quantum Hacking Will Upend Your Security Standards

Your company probably uses one of two encryption standards: RSA (an initialism of the three researchers who invented it) or elliptic-curve cryptography (ECC). Both rely on math equations that are relatively simple to perform but difficult to reverse-engineer, making them secure.

In essence, your company’s encryption presents hackers with a mathematical challenge that would take them 10,000 years to solve.

RSA relies on randomly selecting very large prime numbers that are hundreds or thousands of digits long and multiplying them to generate a public and private key. The security relies on the fact that while it is technically possible to factorize these very large prime numbers, the computing power required makes it impractical. ECC does something similar, but with adding two points on a curve.

Quantum computing can complete these challenges in three seconds. Finding the prime factors of a huge integer (as in RSA) or reverse-engineering two points on a curve (as in ECC) is trivial. Data that is securely encrypted by our current standards will be open and available in a matter of minutes.

The good news is the technology is not there yet. But it soon will be.

When Will Quantum Hacking Arrive?

It is difficult to pinpoint an exact timeline on when quantum hacking will pose a threat, but given the pace of development, we estimate that we have only years to prepare.

Chinese researchers have already found a way to break 80-bit RSA encryption using a hybrid quantum and classical computing architecture. This technology could easily be used to decrypt passwords or sensitive data — and it will not stay in the realm of research scientists for long if bad actors know they can leverage it for their own malicious purposes. This means companies must start working quantum cybersecurity into their strategic plans.

It is especially critical to address security gaps now since bad actors are even more incentivized to harvest vulnerable data now that quantum computing is on the horizon. Even if they cannot decrypt it yet, they know they will likely be able to decrypt it in the future when quantum computing resources are more widely available. This is called the “harvest now, decrypt later” approach. It is like stealing a locked safe, knowing that they will be able to figure out the code within the next few years.

So, what can you do now to ensure your company is not caught unawares? We will tackle that in the next issue in this series.

In the meantime, are you interested in discussing your business’s cybersecurity readiness? Reach out to our Cybersecurity Practice.

Related Insights

All Insights

Our specialists are here to help.

Get in touch with a specialist in your industry today. 

* Required

* I understand and agree to Citrin Cooperman’s Privacy Notice, which governs how Citrin Cooperman collects, uses, and shares my personal information. This includes my right to unsubscribe from marketing emails and further manage my Privacy Choices at any time. If you are a California Resident, please refer to our California Notice at Collection. If you have questions regarding our use of your personal data/information, please send an e-mail to privacy@citrincooperman.com.