Quantum Computing Threats Prompt Urgent Shift to Post-Quantum Cryptography
Cybersecurity leaders are raising alarms about the accelerating timeline for quantum computing to break current public encryption methods, a milestone known as Q-Day. Experts warn that Q-Day could arrive as soon as 2030, threatening to undermine the core trust mechanisms of the internet, including HTTPS, digital certificates, and public-key infrastructure. In response, governments and industries are developing plans to transition to post-quantum cryptography (PQC), but concerns remain that critical sectors such as banking, healthcare, and government may not be fully prepared in time.
One of the earliest operational changes in anticipation of quantum threats is the reduction of SSL/TLS certificate lifespans to 47 days. This move, aligned with evolving browser requirements and NIST guidance, is designed to improve crypto agility and security hygiene, helping organizations adapt to a future where static cryptography is no longer viable. Security executives emphasize the need for urgent action, drawing parallels to the unpreparedness seen during the rapid adoption of AI, and stress that building operational readiness for PQC is now a strategic imperative for digital trust and business continuity.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
Security leaders warn Q-Day could arrive as early as 2030
Cybersecurity experts warned that 'Q-Day'—when quantum computers can break widely used public-key cryptography—could arrive within the next decade, with some estimates as early as 2030, increasing urgency around migration planning.
IBM targets 2029 for a large-scale fault-tolerant quantum system
IBM publicly set a goal of delivering a large-scale fault-tolerant quantum computer by 2029, underscoring industry expectations that practical quantum capabilities are advancing on a defined timeline.
Go cryptography maintainer urges readiness for quantum threat by 2029
Filippo Valsorda, maintainer of Go's cryptography library, warned that organizations should prepare for encryption-breaking quantum computers by 2029 rather than 2035 and argued new non-post-quantum deployments no longer make sense. He framed post-quantum migration as an urgent ecosystem-wide security priority affecting certificates, SSH, code signing, DNS, email, blockchain, IoT, and trusted execution environments.
New papers suggest lower threshold for breaking encryption with quantum computers
Two papers, including one from Google, reported that the quantum computing threshold needed to break the mathematical problems underlying modern encryption may be lower than previously assumed. The findings intensified warnings that Q-Day could arrive sooner and added urgency to post-quantum migration planning.
Industry prepares for shorter 47-day SSL/TLS certificate lifecycles
By November 2025, security and IT leaders were preparing for 47-day SSL/TLS certificates as an operational step toward greater crypto agility and quantum readiness in internet trust infrastructure.
NIST standardizes initial post-quantum cryptography algorithms
NIST standardized an initial set of post-quantum cryptography algorithms, including CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+, marking a major step toward quantum-resistant encryption and signatures.
UN and UNESCO designate 2025 as International Year of Quantum Science
The UN and UNESCO designated 2025 as the International Year of Quantum Science and Technology, signaling growing global policy and public focus on quantum computing and its security implications.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
The race to become quantum-safe | IT Pro
itpro.com
Open sourceGo maintainer joins collective klaxon about encryption-breaking quantum computers - developer urges immediate switch to post-quantum methods to prevent worldwide disaster | Tom's Hardware
tomshardware.com
Open sourceWe urgently need to prepare for quantum computers breaking encryption | New Scientist
newscientist.com
Open source47-day SSL/TLS certificates are coming: A CIO’s first step toward quantum readiness
cio.com
Open sourceThe Countdown to Q-Day
bankinfosecurity.com
Open sourceThe Countdown to Q-Day
govinfosecurity.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Post-Quantum Cryptography Migration and Its Impact on Security Infrastructure
Security experts are intensifying efforts to develop and implement post-quantum cryptography (PQC) in anticipation of the eventual arrival of quantum computers capable of breaking current encryption algorithms, a milestone referred to as "Q-Day." The transition to PQC is recognized as a complex, multi-year process that requires not only new cryptographic algorithms but also significant changes to cybersecurity infrastructure, including the adoption of hybrid solutions and the integration of PQC into zero-trust architectures. High-security sectors are particularly urged to begin migration early to mitigate the risk of "harvest now, decrypt later" attacks, where adversaries collect encrypted data now to decrypt once quantum capabilities are available. Industry analysts highlight that the migration to post-quantum encryption presents unique challenges compared to previous cryptographic upgrades, as it involves extensive updates to hardware, software, and system architectures. While some areas, such as blockchain, are not immediately threatened by quantum computing, the scale and complexity of the migration require coordinated efforts across security, product management, and IT operations. Experts emphasize the need for proactive planning and the adoption of best practices to ensure a smooth transition before quantum computers become a practical threat to digital security.
May 5, 2026
Growing Concern Over Quantum Computing Threats to Cryptography and Post-Quantum Migration
Concerns about **quantum computing** undermining today’s cryptography are influencing both market behavior and policy planning. A Jefferies strategist reportedly removed a 10% **Bitcoin** allocation from a model portfolio, citing the risk that future quantum advances could eventually compromise cryptographic protections underpinning cryptocurrencies (e.g., long-term concerns around breaking schemes associated with Bitcoin’s security model, which relies on `SHA-256` hashing and public-key cryptography for ownership control). The decision reflects broader investor anxiety that a surprise cryptographic break could rapidly erode confidence and value across crypto markets. In parallel, the **G7 Cyber Expert Group** published a roadmap calling for the financial sector to complete **post-quantum cryptography (PQC)** implementation by **2034**, emphasizing early-stage quantum risk awareness, sensitive data and critical system mapping, and building detailed inventories that include third-party dependencies. The roadmap recommends beginning migration activities in the 2026–2029 window, progressing to quantum-resistant solutions through 2034, and prioritizing **cryptographic agility** so organizations can adapt as standards and threats evolve. Separate reporting on a **58% increase in ransomware victims in 2025** describes a fragmented ransomware ecosystem and sector targeting trends, but it is not directly tied to quantum-driven cryptographic risk or PQC migration planning.
Apr 14, 2026
Enterprise Readiness for Post-Quantum Cryptography
Security leaders are increasingly concerned about the impact of quantum computing on existing cryptographic systems, as quantum-inspired algorithms and quantum-ready software begin to appear in enterprise and defense environments. While most organizations are not yet running quantum computers, quantum software is being integrated into mission-critical workflows, often without security teams' full awareness. This integration poses new challenges for visibility, validation, and compliance, requiring CISOs and security operations teams to adapt their approaches to risk management and technology vetting. Despite growing awareness of the quantum threat, a recent survey by the Trusted Computing Group (TCG) reveals that 91% of businesses lack a formal roadmap for migrating to quantum-safe algorithms. Although many security professionals express confidence in their understanding of quantum risks, actual technical preparation remains limited, with most organizations' cryptographic libraries and hardware security modules not yet ready for post-quantum standards. The gap between perceived readiness and actual progress suggests that enterprises may be underestimating the complexity and timeline required to achieve true post-quantum security.
Mar 21, 2026