Recent reports of extensive, multi-year cyber espionage campaigns targeting British citizens and critical infrastructure have brought a new vulnerability into sharp focus. As detailed in recent media reports, including The Times, intelligence agencies like GCHQ are warning of an “unrestrained campaign of malicious cyber-activities,” potentially compromising the personal data of almost every UK citizen.
This unprecedented theft of data today could become a profound threat to tomorrow’s security landscape. The strategy behind this mass harvesting is known as “Harvest Now/Decrypt Later” (HNDL), and it brings into focus the timeline of the quantum age.
The Quantum Timeline
The HNDL strategy is based on the premise that while the vast majority of stolen data is protected by current, secure encryption standards, the rapid advancement of quantum computing will soon render those safeguards useless.
Current encryption relies on mathematical problems that are too difficult for conventional computers to solve in a reasonable timeframe. However, experts warn that the emergence of cryptographically relevant quantum computers, which leverage algorithms like Shor’s, could allow malicious actors to crack even the most secure forms of encryption within months, not years. This data could include anything from personal banking passwords and encrypted messaging to top-secret military communications.
Adversaries are collecting terabytes of information today, betting that future quantum decryption capabilities will grant them unfettered access to sensitive, competitive, and even compromising data that could be used for espionage, blackmail, or sabotage years down the line.
The NCSC has already identified complex state-sponsored cyberattacks, such as the ‘Salt Typhoon’ campaign, targeting vital sectors globally, underlining that this is an active, aggressive posture. For businesses, this means that data currently deemed secure might already be compromised and awaiting decryption.
Quantum Readiness
For every business that holds valuable or sensitive data there is a consideration growing in recognition – Quantum Readiness.
Being Quantum Ready means proactively transitioning your cryptographic systems before the quantum decryption threat becomes a reality. This is a significant undertaking that requires specialised expertise, sophisticated tooling, and a strategic roadmap.
- One of the first steps is to conduct a cryptographic inventory mapping every instance of cryptography within organisations and identifying algorithms, key lengths, and where encrypted data is stored.
- Not all data is equally sensitive so risk prioritisation is a must where businesses can assess their data’s shelf life versus the quantum timeline. Information that needs to remain secure for years, such as proprietary designs or long-term contracts, must be prioritised for migration.
- The global cybersecurity community, led by bodies like the US National Institute of Standards and Technology (NIST), is finalising standards for Post-Quantum Cryptography (PQC). Organisations must begin planning the integration of these new, quantum-resistant algorithms into their infrastructure.
Expertise and Innovation in Quantum Readiness
Quantum Readiness goes beyond simple software patches; it requires an informed shift in data security architecture. This transition must be managed by the well-informed staff, leveraging best-in-class software and tools.
At Mondas, we help businesses conduct thorough cryptographic discovery and develop comprehensive PQC migration strategies. The threat of HNDL demonstrates that waiting for the quantum computing era to arrive is a luxury no organisation can afford. The time to secure your data is now. Proactive preparation, guided by expert counsel, is the only authoritative defence against a threat that is already underway.
Get in touch today to talk through our approach to securing your business against the threat of quantum computing.
Published 21/10/2025
