The quantum security triple threat: Are you prepared for Q-Day?

Remember Y2K? Widespread concerns about computer systems that gripped industries worldwide back in the 90s. Unlike those largely unfounded fears, Q-Day represents a real threat where quantum computers can break current encryption.

This day could bring serious cybersecurity challenges, making current encryption methods ineffective and putting sensitive data at risk. Research being presented at the Australian Cyber Conference 2025 by Unisys identifies three converging threats requiring immediate attention: quantum adversaries, weaponized AI, and insufficient post-quantum cryptography (PQC) preparedness. Understanding these challenges helps organizations prepare for quantum computing's impact on security.

What is Q-Day?

Q-Day represents the moment when quantum computers become powerful enough to break existing encryption systems. Current encryption relies on mathematical problems that classical computers can't solve. Algorithms like RSA and ECC assume that problems like factoring large prime numbers are impossible to solve quickly. Quantum computers threaten this assumption. With algorithms like Shor's, quantum systems could solve these encryption challenges in seconds, making traditional encryption useless.

Industry predictions show that most experts foresee Q-Day to occur by 2030. Organizations like the Global Risk Institute, Google, RAND Corporation, and NIST have all published timelines pointing to this critical window. This consensus creates urgency around quantum readiness preparations.

The first threat: Quantum adversaries

Quantum adversaries can exploit quantum computing to undermine security systems, especially the encryption that protects modern cybersecurity. These adversaries include criminal groups funded by illegal activities and state-sponsored actors with access to quantum research and resources.

Wealthy criminal organizations have the money to invest in quantum technologies, hire top talent, and fund secret research. They may buy or steal quantum hardware, software, and algorithms, or break into research institutions to steal technology.

Criminal syndicates could use quantum encryption to conceal operations, while state-sponsored groups like North Korea's Lazarus Group may expand their cyber capabilities into the quantum realm. Ransomware gangs could leverage quantum technology to create unbreakable encryption, escalating challenges for global cybersecurity defenses.

While no confirmed quantum-based cyberattacks have been reported yet, security experts have flagged the rapid development of quantum technology as a ticking clock for current encryption methods. Agencies worldwide are racing to adopt post-quantum cryptography to stay ahead of potential threats.

The second threat: Weaponized AI

Combining artificial intelligence with quantum computing brings exciting possibilities and serious risks. Quantum computing can process huge amounts of data and perform complex calculations much faster than traditional computers, making AI systems capable of highly sophisticated cyberattacks.

This combination creates several concerning scenarios:

• Adaptive cyber attacks: AI-driven quantum computers can breach encrypted communications, uncover hidden network vulnerabilities, and deploy malware that adapts to defenses instantly.
• Critical infrastructure disruption: Quantum-enhanced AI can disrupt essential services like power grids, water supplies, and transportation systems, leading to widespread chaos.
• Financial system attacks: These systems can manipulate stock prices, break into banking systems, and execute fraudulent transactions quickly and secretly.
• Autonomous weapons: The combination could create weapons capable of making independent decisions, potentially targeting and executing operations beyond human control.

Harvest Now, Decrypt Later (HNDL) attacks show this threat in action. These strategies involve collecting encrypted information today to decrypt it when quantum capabilities become available. Combining AI and quantum computing strengthens these attacks by enabling advanced encryption-breaking capabilities, real-time data analysis, and automated decision-making.

The third threat: PQC preparedness gaps

Despite major technological advances and the growing threat from quantum computing, organizations remain poorly prepared to defend against quantum-based cyber threats. Adopting post-quantum cryptography is urgent, as traditional encryption methods risk becoming useless against quantum processing power.

Current preparedness reveals concerning gaps:

• Transition timeline challenges: Organizations face serious delays in adopting quantum-resistant technologies. Starting the PQC application modernization process could take about 16-18 weeks, according to our estimates at Unisys. After this, updating individual applications may require another 2-3 months.
• Vulnerability during transition: During this extended timeline, systems remain vulnerable to HNDL attacks, making quantum-resistant measures even more urgent.
• Limited commercial availability: Despite major advances in quantum computing, readily available PQC solutions remain scarce, creating additional implementation challenges.

These preparedness gaps underscore a critical reality. "Q-Day may feel distant, but in cybersecurity terms, it's right around the corner," says Eva Nagyfejeo, Unisys senior security consultant, EMEA. “The combination of quantum computing and AI-driven threats could overwhelm unprepared systems, especially in critical infrastructure. Starting the transition now to post-quantum cryptography is essential to building future-proof resilience.”

Global responses and timelines

Organizations worldwide are taking proactive steps to prepare for the quantum era:

• United States: NIST standardized post-quantum cryptographic algorithms in 2024, establishing a foundational safeguard for organizations to adopt quantum-resistant methods.
• European Union: All EU members are expected to have defined and launched their national post-quantum strategies by the end of 2025.
• United Kingdom: NCSC has set its sights on transitioning to PQC by 2035, with activity to identify cryptographic services needing upgrades to be completed by 2028.
• Australia: ACSC is collaborating with industry leaders to define quantum-safe standards by 2026.

These efforts show global recognition of the need to secure data and systems against potential quantum threats.

Building quantum readiness: A seven-step approach

Organizations can prepare for the quantum security challenge through a structured approach:

1. Socialization and strategies: Ensure alignment with regulatory cybersecurity guidelines and recalibrate organizational goals. Leadership teams, IT managers, and cybersecurity teams must work together immediately to establish quantum awareness.
2. Establish partnerships: Collaborate with specialized institutions to advance cybersecurity. These partnerships provide access to cutting-edge research and quantum-safe innovations.
3. PQC workshops: Develop a comprehensive understanding of risks posed by quantum computing through targeted education and training programs.
4. Cryptography posture assessment: Assess crown jewels and key stakeholders to understand current vulnerabilities and prioritize protection efforts.
5. Finalize PQC strategy: Ensure long-term security planning addresses quantum-era requirements with clear milestones and measurable outcomes.
6. Modernize applications: Leverage insights from technology leaders and research institutions to modernize applications with quantum-resistant capabilities.
7. Continuous assessment and monitoring: Review strategy periodically, assess options, monitor the environment, and modernize where possible to maintain quantum readiness.

The path forward

The convergence of quantum adversaries, weaponized AI, and inadequate PQC preparedness creates a serious challenge for organizations worldwide. However, this challenge also presents opportunities for those who act decisively.

Organizations that invest in quantum readiness now—through research partnerships, pilot projects, strategic skills development—can benefit from quantum advantages while protecting against quantum threats.

The digital environment is evolving quickly, and the window of opportunity to safeguard assets against quantum threats is closing fast. Success belongs to organizations that recognize quantum computing's dual nature: both a robust capability and a serious security challenge.

Time is of the essence. Organizations must develop resilient quantum strategies, secure data, and prepare for a quantum-enhanced future. At Unisys, we've already begun addressing these challenges through our post-quantum cryptography capabilities and quantum optimization research. Our work demonstrates how organizations can prepare for the quantum era while leveraging quantum technologies for competitive advantage.

Ready to assess your organization's quantum readiness?

Head over to www.unisys.com/pqc to discuss your specific challenges and develop a tailored approach to quantum-safe security.

This analysis draws insights from research by Unisys’ Syed Gilani and Thomas Jacob, to be presented in October at the Australian Cyber Conference 2025, exploring the intersection of quantum computing, artificial intelligence, and cybersecurity preparedness.