Harvest Now Decrypt Later and What Experts Are Preparing For

In industries like healthcare, finance, and government, sensitive data is crucially protected. This data isn’t just valuable today, but its long-term future value is paramount. But what if that data, no matter how secure it seems now, could be at risk in the future? This is where ‘Harvest Now, Decrypt Later’ (HNDL) becomes a critical concern, especially with the rise of quantum computing.

HNDL refers to a technique where cybercriminals target and harvest sensitive, high-value data from sectors like healthcare, finance, and government, with the knowledge that today’s encryption methods may one day be vulnerable. Rather than decrypting the data immediately, they collect it now, confident that future advancements in quantum computing will eventually allow them to crack current encryption protocols. Quantum computers, with their ability to solve complex problems much faster than today’s classical computers, will eventually be able to break encryption algorithms like RSA and ECC that are considered secure today.

The National Institute of Standards and Technology (NIST) has long recognized the growing threat posed by quantum computing. Over the years, NIST has been working on developing new encryption standards to defend against this emerging threat, leading to a shift in how we think about protecting sensitive data. These efforts reflect the growing acknowledgment that data harvested today could have catastrophic consequences in the future if left unprotected.

Cybercriminals, much like any successful business, understand the importance of identifying lucrative opportunities. As with any business model, they focus on profitable ventures and HNDL is one of the most promising in the world of cybercrime. The idea is simple: gather highly sensitive data today, store it securely, and wait for technology to evolve. When quantum computing reaches its full potential, they will be ready to decrypt and exploit this stored data, reaping enormous rewards.

The industries most at risk from this strategy. Government, healthcare, and finance rely on highly sensitive data, and even a small breach could have devastating consequences. The stakes are high, and the implications of a successful HNDL attack could be catastrophic. With cybercriminals preparing for a future where quantum computers can easily break today’s encryption, it’s critical that we prioritize future-proof encryption methods now to safeguard the data we hold so dearly.

NIST’s ongoing work to create post-quantum cryptography standards is one step in the right direction, but it’s clear that securing data for the future requires a proactive and multifaceted approach. As quantum computing continues to advance, we must prepare for the threats that lie ahead, ensuring that our data remains protected for generations to come.

While we’ve highlighted a few of the most vulnerable industries (government, healthcare, finance), there are other sectors that will be affected by the rise of quantum computing and its impact on cybersecurity. Those sectors include Energy and Utilities, Aerospace and Defense, and Supply Chain.

HNDL is a great example of how large scale cyber organizations of today mirror profitable, future-oriented businesses. Much like a legitimate business, cybercriminal organizations engaging in HNDL need to carefully plan and structure their operations. They gather valuable resources (sensitive data), store them securely, and wait for technology to advance (quantum computing) before cashing in.

Just as a tech company might invest in R&D for long-term growth, HNDL operators invest in harvesting data today, betting on future advancements in quantum computing to increase the value of their “product.” Some might compare to how venture capitalists back start-ups, hoping that future technology or regulatory changes will drive their value up.