English
The codes used to secure diplomatic, military, financial and personal communications could be quickly broken by quantum computers, participants at the Kaspersky Horizons conference, which took place in Madrid from June 30 to July 2, 2025.
They showed that as classical computers approach their physical limits, their evolution slows down, affecting areas that depend on complex calculations. In parallel, quantum technology promises to solve certain problems much faster than traditional systems. Even though, at present, the practical use of quantum computers is limited to experimental applications, experts estimate that, in the next decade, we will witness the emergence of fully functional and stable quantum systems, which will bring not only technological advances, but also unprecedented risks to global cybersecurity.
According to a report prepared and presented last year by Deloitte, 83% of organizations worldwide are already analyzing the potential impact of quantum computing and implementing protective measures, which reflects a growing level of awareness and initiative in the private sector. The main reason for concern is the ability of quantum computers to compromise current encryption methods, as these systems could break codes widely used in securing diplomatic, military, financial or personal communications. Even if the technology is still inaccessible to ordinary cybercriminals, the threat is real with regard to advanced APT groups and state actors.
Faced with these prospects, security experts emphasize that public institutions and companies must now adopt hybrid strategies that allow for the testing and gradual implementation of solutions ready for the quantum era.
Pilar Troncoso, Chief Relations Officer at Qcentroid, said: "While quantum hardware does not yet provide a direct computational advantage in all use cases, the direction is clear. By adopting hybrid frameworks today, public institutions and companies can explore, test, track and evaluate solutions ready for the quantum era, gaining real traction as quantum technology continues to evolve and mature. Current tools already offer traceability, simulation and complex decision-making. Thus, quantum technology must be part of the roadmap for corporations and institutions across all industries. Preparing for adoption is not optional: competitiveness is at stake, industry leadership may be lost, and cyber risks will increase for those who fall behind.”
One of the most insidious tactics already encountered is that of collecting encrypted data today, with the aim of decrypting it in the future, when quantum capabilities allow. This phenomenon, known as "store now, decrypt later,” could compromise sensitive information even years after it was collected and transmitted. The seriousness of this threat has been recognized by 18 European Union member states, which have urged public institutions and companies to prioritize the transition to post-quantum cryptography.
At the same time, blockchain technologies, until now considered extremely secure, are facing a new vulnerability. The digital signature algorithms used by cryptocurrencies such as Bitcoin or Ethereum could be successfully attacked by quantum computers, which would allow forgery of signatures, compromise of crypto wallets and modification of transaction histories, thus undermining trust in decentralized networks.
Another worrying direction is the possibility that ransomware developers will also adopt post-quantum cryptography to protect their own creations. This type of "quantum-resistant” ransomware could make it impossible to recover locked data without paying a ransom, even with the most advanced classical or quantum technologies. For now, quantum computers cannot decrypt files locked by current ransomware, and data protection continues to depend on traditional solutions, international collaboration, and support from researchers and authorities.
Kaspersky experts warn that while the threat is not yet imminent, action must start now. The transition to post-quantum cryptography is a long process, and the lack of immediate reaction could have critical consequences. Close collaboration between the cybersecurity community, governments, and industry is needed to develop clear strategies and implement new security standards.
Sergey Lozhkin, Head of Kaspersky Global Research & Analysis Team for META and APAC, said: "The most serious risk is not in the future, but in the present: encrypted data with long-term value is already at risk of decryption in the future. The security decisions we make today will define the resilience of our digital infrastructure for decades. Governments, companies and infrastructure providers must start adapting now, otherwise they risk systemic vulnerabilities that can no longer be fixed retroactively.”
Without international coordination and infrastructure modernization, the risks to financial, government and corporate data could become critical.
• Ransomware, the biggest current threat
A detailed analysis of the future of cybercrime, carried out by the company's Global Research and Analysis Team (GReAT), was also presented at the Kaspersky Horizons conference held in the Spanish capital. Experts have provided key insights into FunkSec, a ransomware group that illustrates emerging trends in the field: attacks powered by artificial intelligence, multi-purpose tools, remarkable adaptability, and a high-volume operating strategy with surprisingly low ransom amounts.
According to Kaspersky's annual "State of Ransomware” report, the percentage of users affected by ransomware worldwide increased to 0.44% between 2023 and 2024. While this increase may seem small, in the context of cybersecurity it reflects an intensification of attackers' focus on high-value targets.
In this new reality, FunkSec quickly emerged as a significant threat, with intense activity starting in the last months of 2024. The hacker group managed to surpass established actors in a short time, attacking government institutions, technology and financial companies, as well as educational organizations, both in Europe and Asia, because one of the aspects that differentiates FunkSec from other actors is its advanced use of technology.
The malware developed by them is written in Rust and integrates encryption functions, local data exfiltration and self-cleaning mechanisms in a single executable file to avoid detection. It also includes password-controlled functionality: in the absence of a password, the malware only executes file encryption, but entering a password triggers an additional process to extract sensitive data. Code analysis indicates that FunkSec uses generative artificial intelligence (AGI) to create some of its tools. Generic comments in the code, inconsistencies between commands for different operating systems, or unused functions present in the source files suggest that entire sections are generated automatically, not written by human programmers.
In this regard, Marc Rivero, senior security researcher at GReAT, said: "We have found that cybercriminals are increasingly using artificial intelligence to develop malicious tools. Generative artificial intelligence lowers the barriers and accelerates the creation of malware, allowing cybercriminals to adapt their tactics more quickly. By lowering the entry threshold, artificial intelligence allows even less experienced attackers to quickly develop sophisticated malware on a large scale,”
The Kaspersky expert said that FunkSec's economic strategy differs significantly from that of classic ransomware groups, which demand ransoms in the millions. FunkSec prefers high-volume attacks, demanding small amounts, around $10,000. In parallel, the stolen data is sold at a discount on the black market. This model allows the group to quickly gain notoriety and diversify its sources of profit, while minimizing the chances that victims will refuse to pay.
Marc Rivero also mentioned that, in addition to ransomware, FunkSec has also developed other tools, such as a password generator written in Python for brute-force attacks and a rudimentary DDoS tool. All of these are made available on its own website on the dark web, which shows the group's intention to build a complete infrastructure, easily accessible to other cybercriminals. In terms of avoiding detection, FunkSec uses sophisticated techniques: the malware is able to stop over 50 processes to ensure complete encryption of the targeted files, and in the absence of sufficient user privileges, it has fallback mechanisms to execute critical commands.
This threat was detected by Kaspersky GreAT experts under the name HEUR:Trojan-Ransom.Win64.Generic, and the company recommends a number of preventive measures. These include: installing anti-ransomware solutions on all endpoints, keeping all applications up to date, closely monitoring outgoing network traffic, and implementing advanced EDR and anti-APT solutions. It is also essential to continuously train security teams and use the latest Threat Intelligence to anticipate and combat the tactics used by attackers.
Euro
Dolar SUA
Franc elveţian
Liră sterlină
Gram de aur
