Europol has recently issued a warning to Europe’s financial services sector, urging it to begin preparing for the transition to quantum-safe cryptography. The threat of “store now decrypt later” (SNDL) attacks is becoming more pressing, as quantum computers, once they become capable, will have the ability to break public key cryptography. Although quantum computers are still believed to be at least a decade away, SNDL attacks could shorten this timeline by enabling attackers to steal sensitive data now with the intent to decrypt it later when quantum capabilities are available.
At the Quantum Safe Financial Forum (QSFF) event, Europol emphasized that financial institutions must prioritize transitioning to quantum-safe cryptography as a critical step to secure global financial transactions, digital contracts, and authentication processes. The rise of cryptographically relevant quantum computers (CRQCs), potentially accelerated by increased funding and scientific breakthroughs.
Further underscores the urgency for the sector to act before these advanced systems become a threat to current cryptographic protocols.
Europol’s Call to Action outlined five recommendations aimed at ensuring the financial services sector is prepared for the quantum future. These include the prioritization of quantum-safe cryptography transitions, improved coordination between stakeholders, and the establishment of a voluntary framework for regulators and private sectors to drive quantum-safe initiatives. Additionally, Europol stressed the importance of developing a forward-looking framework for cryptography management and enhancing cross-border collaboration and knowledge sharing between public and private sectors.
In response to the growing concerns, some institutions have already begun planning for the inevitable shift to quantum-safe encryption, with the US National Institute of Standards & Technology (NIST) releasing its first set of post-quantum cryptography standards. The UK’s banking industry has similarly recognized the threat from CRQCs, urging the government to take action to ensure quantum safety. As the transition progresses, organizations are advised to run new encryption standards alongside traditional ones to facilitate a smoother shift to quantum-resistant cryptography.
