The Quantum Attack Is Already Underway. You Just Can't See It.

There is a moment, usually late at night when you are scrolling through your bank statement or checking your retirement account, when you perform an act of faith without realizing it. You type your password, click submit, and trust that the string of numbers and letters traveling from your computer to some distant server remains invisible to everyone except the intended recipient. That trust rests on a mathematical foundation so widely adopted that it has become invisible: RSA encryption, the algorithm that has protected digital secrets since 1977. Its security depends on a simple fact about ordinary computers: multiplying two large prime numbers is easy, but factoring their product is extraordinarily hard. A 2048-bit RSA key would take a classical computer longer than the age of the universe to crack. That assumption, foundational to the entire digital economy, is now obsolete.

In early 2026, a research consortium in China published results that sent ripples through the global cryptography community. Using a quantum computer with 105 physical qubits, they successfully factored a 48-bit RSA integer—a small number by cryptographic standards, but large enough to demonstrate that the scaling laws are favorable. Two months later, a team at Google's Quantum AI lab announced they had simulated a simplified version of Shor's algorithm on their 105-qubit Willow chip, factoring a 36-bit number with error rates low enough to suggest that meaningful cryptographic attacks are now a matter of engineering, not physics. These are not yet the machines that will break your bank account. But they are the machines that prove the machines that will break your bank account are possible.

The mechanism behind this threat is Shor's algorithm, developed by mathematician Peter Shor in 1994, which transforms the factoring problem into one that quantum computers can solve exponentially faster than classical machines. A quantum computer with enough stable qubits could factor a 2048-bit RSA key in hours rather than billions of years. The National Institute of Standards and Technology estimates that such a machine will exist by 2030 at the laexamination, with some forecasts pushing that date to 2028. The clock is ticking, and the consequences of arriving late are catastrophic.

What makes this moment particularly urgent is the phenomenon cryptographers call "harvest now, decrypt later." State-sponsored actors are already intercepting and storing encrypted communications—financial transactions, diplomatic cables, military secrets—in the expectation that they will be able to decrypt them once quantum computers mature. Data that needs to remain secret for a decade is already vulnerable. If you make a trade today that your competitor will learn about in 2030, you have effectively lost the advantage now. The window for protecting secrets is closing, and much of the world's data is already in the hands of adversaries waiting to open it.

The response to this threat has been slow, fragmented, and politically charged. NIST has been running a competition since 2016 to select post-quantum cryptographic algorithms—mathematical systems that resist both classical and quantum attacks. In 2024, the institute finalized four standards, with another draft expected in early 2026. These algorithms replace the vulnerable mathematical problems with harder ones: lattice-based cryptography, for example, relies on the difficulty of finding short vectors in high-dimensional spaces, a problem that quantum computers cannot yet solve efficiently. The standards exist. The challenge is deploying them.

That deployment requires replacing every instance of public-key cryptography in existence. Every website using HTTPS, every email client using PGP, every VPN connection, every secure messaging app, every financial transaction—all rely on the same vulnerable mathematics. Migrating the world's digital infrastructure to post-quantum standards is a project comparable in scale to addressing Y2K, but without a fixed deadline and with consequences that are far more permanent. The US government has mandated that all federal agencies complete the transition by 2035. Private industry lags behind, uncertain which standards will prevail, reluctant to invest in migration before absolutely necessary.

China has invested tens of billions in quantum research and claims to have built the most powerful quantum computer in existence. The United States, through the National Quantum Initiative, is funding research and development, but coordination between government and industry remains uneven. Europe, through its Quantum Flagship program, is building sovereign capability. The race is not merely scientific; it is about who will control the means of decryption when the current locks fail.

The deeper question is what happens in the interim. The years between the first demonstration of a cryptographically relevant quantum computer and the complete migration of global infrastructure will be a period of profound vulnerability. Critical systems will remain protected by broken mathematics, their operators hoping that no one uses the new capability against them before they can upgrade. This is the logic of nuclear deterrence applied to cryptography: the knowledge that you possess the weapon deters its use, but only if the other side knows you possess it. Secrecy and signaling become paramount.

For the individual consumer, the threat is invisible until it materializes. Your bank account will not be emptied overnight by a quantum computer; financial institutions will migrate to post-quantum security well before the infrastructure that supports your balance becomes vulnerable. But the data you generate today—medical records, personal communications, location history—may be stored for decades and decrypted later. Privacy, in the quantum era, is not about protecting today's secrets from today's spies. It is about protecting today's secrets from tomorrow's spies, equipped with tomorrow's machines.

The encryption that dies will not scream or flash warning lights. It will simply stop working, silently, invisibly, all at once. The transition to post-quantum cryptography is underway, but it moves at the speed of bureaucracy and standards committees, while the technology accelerates at the speed of physics. The race between them will determine whether the day encryption dies arrives as a planned upgrade or as a sudden catastrophe. The lab results are clear. The clock is running. And the secrets you think are safe may already be spoken for.