Why the internet may need its biggest security upgrade in history

As quantum technology advances rapidly, governments and technology companies are preparing for a future where today’s internet security may no longer be enough. This could require costly upgrades, or even replacement, of much of today’s digital infrastructure.

Growing fear of “harvest now, decrypt later” attacks

Encryption is used everywhere across the internet, including online banking, e-commerce, websites, cloud services, and digital communications. Its purpose is to protect private information and ensure that only authorised people can access it, typically in combination with usernames, passwords, and verification codes.

Encryption also helps maintain data integrity, meaning information sent through the internet has not been altered or compromised during transmission. This protection is achieved by scrambling information into unreadable code that can only be unlocked with the correct digital key.

Most people assume their encrypted data is safe forever once it is protected online. But what if the same information could one day be unlocked by future quantum computers?

Hackers can collect encrypted and sensitive data today and store it for future use when quantum computers become powerful enough to decrypt it. This is known as a “harvest now, decrypt later” attack. If stolen files, emails, financial records, or cloud data become readable in the future, the consequences could be enormous.

A recent whitepaper by Google suggests that quantum computers may be able to break some cryptographic protections earlier than previously expected. The findings highlighted potential future risks to technologies such as cryptocurrencies, including Bitcoin and Ethereum, which depend heavily on encryption to secure digital wallets and transactions.

Just imagine the impact if people suddenly believed their crypto wallets were no longer safe. Confidence in digital assets could collapse, triggering panic across global markets. While this scenario is not immediate, research highlights a much broader concern: future quantum threats may eventually affect banking systems, cloud platforms, digital identities, and many parts of the modern internet.

Preparing for the quantum transition

Governments and major technology companies are already starting to prepare for the move to “post-quantum” security technologies. In the United States, the National Institute of Standards and Technology has introduced new encryption standards designed to resist future quantum attacks. Companies such as Google, Microsoft, and Apple are also testing quantum-resistant technologies across browsers, cloud services, and communications systems.

Moving to post-quantum cyber security may become one of the largest technology upgrades the internet has ever seen since Y2K. Governments, banks, hospitals, cloud providers, and telecommunications companies around the world may eventually need to update or replace much of the security infrastructure currently protecting their networks and data.

This is a lot more complicated than installing a software update. Many organisations may need to redesign systems, replace hardware, modify applications, and test whether new quantum-safe technologies work properly across massive digital infrastructures.

A 2024 White House report estimated that US federal agencies alone could spend around US$7.1 billion preparing for post-quantum cryptography migration between 2025 and 2035, showing how large and expensive this transition could become globally.

For many organisations, the challenge is not only cost, but also time. Large infrastructure upgrades often take years to complete, especially when national security, banking systems, and critical services are involved.

What this means for Vietnam

For Vietnam, where digital government services, online banking, e-commerce, and national data platforms continue expanding rapidly, this issue is becoming increasingly important. If future quantum computers can weaken today’s encryption methods, the country may eventually face massive costs upgrading critical infrastructure later under pressure. Preparing earlier could reduce long-term risks and costs.

Vietnam has already started taking some early steps. Vietnamese cyber security company VinCSS late last year launched the “Zero Trust Quantum-Ready Network Access Platform” designed with post-quantum cryptography protections. The platform combines zero trust security, passwordless authentication, and quantum-resistant encryption technologies aimed at protecting sensitive data against future “harvest now, decrypt later” attacks.

Vietnam has also launched VNQuantum, a national quantum technology expert network supported by government initiatives to strengthen research and innovation in quantum technologies and cyber security. The program reflects growing awareness that quantum computing is no longer only a scientific issue, but also a future economic and national security issue.

These developments are still at an early stage, but they show Vietnam is beginning to recognise that cyber security in the quantum era may become one of the next major technology transitions affecting governments, businesses, and ordinary internet users alike.

The quantum era may still be developing, but the race to secure today’s internet for tomorrow must accelerate.

Story:  Dr James Kang, Senior Lecturer in Computer Science, RMIT University Vietnam

-----

Masthead image: AA+W - stock.adobe.com