The European Policy Center recently published a text calling on the European Union to take “coordinated measures against quantum cyberattacks.” In five to ten years, quantum computing will be able to break almost all of today’s encryption.
However, this future risk requires immediate action. “Cybercriminals and enemy States are rushing to gather sensitive encrypted data, which they are unable to read today, but will decipher once quantum computers are available,” explains Andrea G. Rodriguez, head analyst of the European Policy Center’s digital policy.
“These attacks, known as ‘harvest attacks’ or ‘download now-decrypt later’, are designed to collect data today to decipher it later, and already pose a threat to European security,” she added.
Moreover, according to the report, the European Union is lagging behind in this area. “The impact of quantum computing on cybersecurity and data protection in Europe has largely been ignored, despite being mentioned here and there in policy documents,” considers Andrea G. Rodriguez.
Conversely, the US National Cybersecurity Strategy, published this year by the United States, makes protection against quantum attacks a strategic priority. Washington thus aims to swiftly roll out post-quantum encryption, and replace vulnerable hardware, software and apps as soon as possible
According to Andrea G. Rodriguez, it is therefore “imperative for the European Union to set up a coordinated action plan in regard to the quantum transition, with clear goals and timelines, and to monitor the implementation of national data migration plans towards post-quantum encryption.”
“Europe can also benefit from the expertise of national cybersecurity agencies, specialists and the private sector by setting up a new group of experts within ENISA, where national specialists in post-quantum encryption can exchange good practice and foster migration plans,” the report also explains.