Quantum computer-powered hackers the next cyber-threat for major banks

Quantum computing looms as the next big cybersecurity threat for banks, with the growing risk of being attacked by hackers armed with next-generation artificial intelligence models such as Anthropic’s Mythos. Via AFR

The arrival of quantum technology is just around the corner, and will require a big security uplift, says HSBC head of quantum Philip Intallura.

Philip Intallura, head of quantum at HSBC, in Adelaide this week for a Quantum Australia event, said that the “clock is ticking”. 

It promises to leverage the principles of quantum physics to massively boost computing power, so much so that a computer could break the encryption that keeps every transaction private, known as the RSA algorithm.

A report from the Global Risk Institute in March said there was now a 50/50 chance a quantum machine would break the RSA within the next decade.

Intallura said the threat from quantum computing had led the London-based bank to set up a specialist program to safeguard its data.

“We’ve got to migrate our critical applications to these new protocols before a quantum computer is available. That’s where the clock is ticking. We are working towards migrating critical priority applications by 2030,” he said.

Financial institutions are facing a range of attacks from cybersecurity threats, from sophisticated attacks to scams. HSBC Australia is settling a lawsuit with the corporate regulator over widespread scams that cost its customers over $100 million between 2021 and 2024.

The announcement by Anthropic that its latest model, Claude Mythos, poses a significant threat to the global financial system because of its ability to exploit software vulnerabilities and supercharge cyberattacks, has also alarmed financial institutions and governments globally, adding to the pressure on banks to increase the security of their systems.

Last October, Reserve Bank of Australia governor Michele Bullock described quantum computing as a major threat to data security across the nation’s economy and called on banks to improve their cybersecurity.

AusPayNet, an industry body, is moving almost one million payment terminals to post-quantum computing standards by 2030.

“Australia is a leading jurisdiction in the global migration to [post quantum cryptography]-ready security,” said AusPayNet chief executive Andy White.

QuintessenceLabs, which counts Westpac as an investor, has also been working with banks to build out their broader quantum defence strategies.

Cybersecurity teams must progress this work even as they respond to the threat from new AI models such as Mythos, said Vikram Sharma, the chief executive of the Canberra-headquartered company.

“Within any large bank, there are so many current-day threats, which means resources are stretched. But [quantum] will probably manifest over the coming years, and we might not be seeing the urgency we should be. This is problematic, as it will take most banks three to five years to transition to the new standards,” he said.

“We need to see the C-suite and boards take ownership, allocate budget and prioritise quantum resilience to run alongside everything they need to do today, so they are not exposed to risk.”

Petra Andrén, the chief executive of Quantum Australia, which recently hosted an event in Adelaide attended by more than 800 people – said global banks are testing how quantum will affect not only encryption, but fraud detection, trading, and risk modelling.

“The cyber risk is immediate in strategic terms because large institutions cannot modernise encryption overnight,” he said. “Quantum will become part of a broader enabling technology layer alongside AI, high-performance computing, and classical systems.”

HSBC’s Intallura said the amount of work required to transform the cryptography that protects transactions was underestimated, adding that it “touches more or less every application in an organisation”.

“There is enough time. The good news is [that] the new cryptographic standards are done. It just needs resourcing and some investment,” he said.

BCG analysts estimated that migration to quantum-safe standards would cost between 2.5 per cent and 5 per cent of a bank’s annual technology budget.

Australian Banking Association chief executive Simon Birmingham said quantum computing was “a big opportunity and a necessity for banks to seize the productivity opportunities while ensuring people know their money is safe and secure”.

“The promise of quantum technologies is now at a tipping point, showing the potential to translate into tangible and significant benefits across the economy. For banks, that could mean faster, more seamless banking services, better scam protection, and security that stays ahead of increasingly sophisticated threats,” he said.

Related articles