Are you ready for Harvest Now, Decrypt Later (HNDL) attacks?

For years, data encryption was seen as a digital fortress. That assumption is now being shattered by the emergence of quantum computing.
“Harvest now, decrypt later” or HNDL attacks are becoming a major cybersecurity concern.
So, what exactly do they entail?
This tactic, also known as “store now, decrypt later” or “retrospective decryption,” involves cyber adversaries, from nation-states to advanced criminal organizations, amassing and storing encrypted data today to decrypt it later, when current encryption methods will be rendered obsolete by quantum computing.
Although the stolen data may remain unreadable for years, the approaching reality of quantum computing means that sensitive information, including personal records, financial transactions, and classified communications, could eventually be exposed. This prospect undermines the long-term security of data that individuals and organizations depend on today. As the timeline for practical quantum decryption shortens, comprehending and preparing for HNDL attacks has become a vital imperative for anyone invested in the future of data privacy and security.
What staggering leaps in quantum computing mean for hackers
Quantum computing, an interdisciplinary field merging computer science and engineering, aims to unlock the potential of quantum technology. The core promise of quantum computing lies in its ability to process information in ways fundamentally different from classical computers. While traditional supercomputers rely on bits that represent information as either a 0 or a 1, quantum computers leverage “qubits.”
These qubits possess the extraordinary ability to exist in multiple states simultaneously, a phenomenon known as superposition, and to be interconnected in a complex manner called entanglement. These unique properties allow quantum computers to perform calculations and execute commands that are currently beyond the wildest imaginings of even the most powerful supercomputers.
Tech implications
In a potentially near future, the implications of this technological leap are staggering. Problems that would take conventional computers years, if not millennia, to solve could be tackled by powerful quantum computers in a matter of hours or even minutes. This accelerated problem-solving capability extends across a vast array of disciplines. As such, quantum computing holds the key to breaking current encryption standards, necessitating the development of new, quantum-resistant cryptographic algorithms.
Cybercriminals are currently employing a “harvest now, decrypt later” attack strategy, predicated on the hypothetical future capability of quantum computers to decrypt present-day technologies. This involves the theft and storage of data belonging to individuals, organizations, and nations, which then poses a future breach risk for the victims.
Four of quantum computing’s key advantages
Before going any further, it is important to note that quantum computing would not only be useful to bad actors.
It is a hugely positive force for technology.
Here is a non-exhaustive breakdown of some positive benefits of quantum computing.
- Achieving faster problem solving: Unlike traditional computers that process data in a sequential manner, quantum computers can leverage unique properties like superposition and entanglement to perform an exponentially large number of computations simultaneously for certain problems. This allows them to find solutions much faster for specific tasks, such as searching through large, unstructured databases.
- Accelerating drug and material discovery: Quantum computing has the power to speed up the development of new drugs and enhance manufacturing processes within the chemical industry. This also includes the potential to invent room-temperature superconductors, which could eliminate power loss during electricity transmission, making energy use far more efficient.
- Addressing environmental challenges: Quantum computing could play a role in green transition efforts, such as desalinating seawater and even removing carbon dioxide from the atmosphere to help combat climate change.
- Boosting artificial intelligence and data analysis: These powerful computers can greatly improve the processing of vast amounts of data from various sources, including sensors, medical records, and stock market information. They can also enhance capabilities in image and speech recognition and enable real-time language translation.
How can we break down a HNDL attack?
Now, despite the endless benefits that come from the development of quantum computing, we cannot dismiss the fact that it will also be a fertile ground for more sophisticated cyber attacks, including HNDL.
So, what would this look like?
The idea of an HNDL attack is essentially to collect encrypted, unreadable data now, in the assumption that quantum computers will be able to decipher it in the near future. The concept of HNDL relies on three main steps.
- Harvest now: The first step of an HNDL attack would be to get hold of the encrypted data. Both network-transferred and device-stored data are appealing targets for hackers. This can be a wide range of content, including credentials, confidential emails, corporate secrets or even military messages. The main goal here is not to decipher the data in question, but rather to gather as much information as possible and save it for later.
- Wait: As previously mentioned, current technology in terms of quantum computing does not allow us to decipher today’s encrypted information. Malicious actors cannot therefore use the encrypted information they harvested. The information is currently archived, until it becomes possible to use.
- Decrypt later: It is estimated that, within the next five to ten years, quantum computing will be mature enough to allow users to decipher encrypted data. Attackers can then use the information they archived and gain access to possibly sensitive information.
What kind of data is prioritized in an attack?
Attackers prioritize data with lasting value, such as government communications, financial records, intellectual property, personal data, and business data, to exploit it once quantum decryption is viable.
Although it is not currently possible to bypass the asymmetric cryptographic methods that grew out of the mid-1970s breakthrough in public-key cryptography, such as RSA and ECC, they will eventually become obsolete. This fact is widely acknowledged by both the private sector and governmental institutions. Google CEO Sundar Pichai stated that “in a five to ten year frame, quantum computing will break encryption as we know it today.”
The National Security Agency also mentioned in a report that “a sufficiently large quantum computer, if built, would be capable of undermining all widely-deployed public key algorithms.”
What are the associated risks with HNDL attacks?
As we can see, although not immediate, the development of quantum computing poses substantial and interconnected risks related to HNDL attacks.
The primary risk is that encrypted data, once considered secure, will become vulnerable. This directly leads to highly sensitive information falling into the wrong hands, threatening various sectors from national security to personal privacy. Let’s take a look at these associated risks, beside the obvious exposure of highly sensitive information.
Compromise of current cryptography: Asymmetric cryptography, which is widely used for secure communications like secure websites (HTTPS), secure email (PGP and S/MIME), digital signatures, and Public Key Infrastructure (PKI), is particularly at risk. Quantum algorithms, specifically Shor’s algorithm, can efficiently solve the complex mathematical problems that underpin the security of these schemes, causing them to collapse entirely. This means the foundational protection for much sensitive information today will become vulnerable in the future.
Vulnerability from insufficient entropy: Encryption heavily relies on cryptographic keys generated from highly complex sequences of random numbers, known as entropy. Current methods for generating this entropy appear not to be resilient to quantum hacking. Indeed, these methods can produce slightly predictable patterns, making keys only statistically random rather than truly random. This issue is exacerbated in virtual environments, where randomness generation can slow dramatically under machine loads. Attacks can specifically target encrypted data with substandard entropy, making it easier to decrypt later.
Facilitation of new criminal activities: The development of quantum computing will pave the way for new types of ransom demands. It could also enable or intensify other criminal activities like social engineering and phishing, by making account credentials and personal information readily available to criminals. Once quantum computers mature, malicious actors might even leverage “quantum-as-a-service” solutions for decryption through cloud-based platforms.
What are the clearcut mitigation strategies you need to know?
In light of these risks and the escalating threat of quantum attacks, you need to familiarize yourself
- Adopt post-quantum cryptography: Transitioning from classic encryption methods to post-quantum cryptography (PQC) becomes vital. PQC is supposedly the main defence against quantum attacks. According to the National Institute of Standards and Technology (NIST), post-quantum cryptography’s methods must be founded on mathematical problems which both traditional and quantum computers are unable to solve. To lead the efforts towards adopting these algorithms, NIST developed technical standards for PQC in 2024. As the practical application of post-quantum cryptography remains unclear, organizations must consistently enhance their encryption techniques to safeguard their sensitive data.
- Data minimisation: Limiting the impact of future breaches begins now. The objective is to restrict the collection and storage of data to only what is necessary.
- Adopt crypto-agility: With the rapid evolution of quantum computing, companies must design flexible systems that can efficiently update their encryption to keep pace with new technologies.
- Threat monitoring and detection: HNDL hinges on two critical pillars: early detection and sustained exploitation. Therefore, robust early detection mechanisms are paramount to an organization’s defense. Effective monitoring and detection tools, capable of analyzing network traffic, encrypted communications, and data access patterns, could offer a viable solution against this evolving threat.
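The following is an added example, not CybelAngel code: one way to turn the prioritization and monitoring points above into a migration list is to read which key exchange each service actually negotiates and weigh it against how long that service's data must stay secret. The log format, service names and secrecy lifetimes are constructed for illustration; the horizon is the five-to-ten-year estimate quoted above, and `x25519mlkem768` and `secp256r1mlkem768` are the hybrid ML-KEM group names used in TLS.

```python
import re
from collections import defaultdict

# Key exchanges that Shor's algorithm breaks (the page names RSA and ECC).
CLASSICAL = {"rsa", "ffdhe2048", "secp256r1", "secp384r1", "x25519"}
# Hybrid TLS groups that add ML-KEM, one of the PQC standards NIST published in 2024.
POST_QUANTUM = {"x25519mlkem768", "secp256r1mlkem768"}
HORIZON_YEARS = (5, 10)  # the "five to ten years" estimate quoted on this page
ORDER = ["critical", "high", "review", "low", "ok"]

# Constructed sample input in a hypothetical TLS-terminator log format.
SAMPLE_LOG = """\
svc=hr-portal kex=x25519 bytes=120000
svc=hr-portal kex=x25519mlkem768 bytes=80000
svc=mna-dataroom kex=secp256r1 bytes=900000
svc=mna-dataroom kex=rsa bytes=100000
svc=status-page kex=x25519 bytes=500000
svc=payments kex=x25519mlkem768 bytes=300000
svc=legacy-vpn kex=gost2012 bytes=1000
"""
# Constructed: years each service's data must remain confidential.
SECRECY_YEARS = {"hr-portal": 7, "mna-dataroom": 15, "status-page": 0, "payments": 10, "legacy-vpn": 3}
LINE = re.compile(r"svc=(\S+) kex=(\S+) bytes=(\d+)")

def exposure(log_text):
    """Per service, bytes carried under classical, post-quantum and unknown key exchange."""
    totals = defaultdict(lambda: {"classical": 0, "pq": 0, "unknown": 0})
    for svc, kex, nbytes in LINE.findall(log_text):
        kex = kex.lower()
        kind = "pq" if kex in POST_QUANTUM else "classical" if kex in CLASSICAL else "unknown"
        totals[svc][kind] += int(nbytes)
    return dict(totals)

def triage(log_text, secrecy_years, horizon=HORIZON_YEARS):
    """Rank services by HNDL exposure: harvestable traffic vs. required secrecy lifetime."""
    early, late = horizon
    rows = []
    for svc, t in exposure(log_text).items():
        years = secrecy_years.get(svc, late)  # unknown lifetime: assume the worst case
        if t["classical"] and years >= late:
            level = "critical"   # still secret even if decryption arrives late
        elif t["classical"] and years >= early:
            level = "high"       # exposed if decryption arrives early
        elif t["unknown"]:
            level = "review"     # unrecognised key exchange needs a human look
        else:
            level = "low" if t["classical"] else "ok"
        rows.append((svc, level, t["classical"]))
    return sorted(rows, key=lambda r: (ORDER.index(r[1]), -r[2]))
```

ECDHE forward secrecy does not lower a service's rank here: a recorded handshake is sufficient once the key exchange itself can be broken.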
Wrapping up
Although not yet operational at scale, the development of quantum computing and the risks it entails is inevitable. While the widespread adoption of quantum computers promises advancements across various fields, including science, technology, and environmental protection, it also creates new opportunities for malicious activity.
The concept of HNDL exemplifies the security risks tied to these emerging technologies. It is therefore essential for companies and institutions to prepare for this transition by educating themselves on quantum threats and implementing appropriate mitigation strategies.
CybelAngel’s Credential Intelligence helps organizations proactively detect and respond to infostealers and malware threats across exposed digital assets, which could potentially be exploited by malicious actors to harvest encrypted data in a HNDL attack.