Criminals got there first.
A ransomware gang called Kyber has been confirmed to use post-quantum cryptography to encrypt victims’ files. That’s not a drill, and it’s not theoretical. It’s the first confirmed case of a criminal operation adopting quantum-safe encryption — and it happened before most enterprise security teams have even finished reading the memos about why they should care about quantum threats.
As someone who spends most of my time reviewing AI tools and agents for this site, I’ll be honest: I wasn’t expecting to write about ransomware today. But this story cuts right to the heart of something I keep seeing in the AI and security tool space — a massive gap between what vendors are selling and what threat actors are actually doing.
What Kyber Actually Did
The ransomware family, which shares its name with the CRYSTALS-Kyber algorithm (a post-quantum key encapsulation mechanism standardized by NIST), uses quantum-proof encryption to scramble files. The practical implication is straightforward and ugly: even if a victim or law enforcement managed to capture the encrypted data, a future quantum computer couldn’t be used to crack it and recover files. The encryption is designed to hold up against both classical and quantum attacks.
This is the first time a confirmed ransomware operation has done this. Not a proof-of-concept. Not a researcher’s demo. An actual criminal group, deploying it against real targets.
The Security Industry Has Been Sleeping
Forrester predicted that quantum security spending would exceed 5% of total IT security budgets by 2026. That sounds like progress until you realize a ransomware crew beat the entire industry to deployment. The vendors selling “quantum-ready” roadmaps and the enterprises nodding along in boardroom presentations are now, technically, behind a criminal gang in terms of real-world implementation.
That’s not a comfortable sentence to type. But it’s accurate.
The AI security tool space — which I review constantly — is full of products promising to detect, prevent, and respond to threats faster than any human team could. Many of them are genuinely useful. Some are solid. A few are outright snake oil. But almost none of them are built with post-quantum threat models in mind. They’re optimized for today’s attacks, which is fine, until today’s attacks start using tomorrow’s encryption.
Why This Matters More Than the Usual “New Threat” Story
Every week there’s a new ransomware variant, a new attack vector, a new group with a dramatic name. Most of them are variations on the same playbook. Kyber is different because it signals a shift in attacker sophistication that has a specific, concrete consequence: decryption may become permanently impossible.
With classical ransomware, there’s always a chance. Law enforcement takes down a server, grabs keys, releases a decryptor. Researchers find implementation flaws. Victims get lucky. With quantum-safe encryption implemented correctly, that window closes. If the keys are gone, the files are gone. No future breakthrough in computing helps you.
That changes the calculus for every organization that has been quietly banking on “we’ll deal with quantum threats later.”
What Security Teams Should Actually Do Right Now
- Audit which of your current security vendors have post-quantum migration plans and ask for specifics, not slide decks.
- Check whether your backup strategy is genuinely air-gapped and immutable — quantum-safe encryption doesn’t change the value of a clean offline backup.
- Push your endpoint and detection vendors on whether their tools can flag unusual cryptographic behavior at the file system level, regardless of the algorithm used.
- Start treating NIST’s post-quantum standards as a present-day requirement, not a future consideration.
The Honest Takeaway
I review tools for a living. I’m skeptical of hype by default. But this story doesn’t need hype — the facts are alarming enough on their own. A criminal group has operationalized post-quantum cryptography before most of the security industry has finished debating whether to prioritize it.
The urgency of quantum security advancements isn’t a vendor talking point anymore. It’s a confirmed, documented reality sitting in incident response reports right now.
If your security stack isn’t thinking about this yet, it’s already behind. Not theoretically. Demonstrably.
🕒 Published:
Related Articles
- Forbes Named 50 AI Companies Worth Watching — So I Read Between the Lines
- Walter Writes AI Detector : Dévoiler le texte généré par l’IA
- Pare de fingir que sabe quais ferramentas de agentes de IA realmente funcionam.
- SK Hynix möchte Ihr Geld, um eine Krise zu beheben, die sie mit verursacht haben