Can Hackers Attack Quantum Computers Across Time and Space? The Truth Is Far More Terrifying

A deep dive into quantum cybersecurity, where the actual vulnerabilities are stranger than science fiction

The Seductive Idea

Here’s a compelling hypothesis that caught my attention whilst on my investigation through the potential threat landscapes of tomorrow:

If qubits exist in superposition — simultaneously 0 and 1 — and quantum entanglement creates correlations that appear to transcend space, then couldn’t an attacker anywhere in the universe theoretically target a quantum computer by manipulating those probabilities?

It’s an elegant thought. It draws on real physics — superposition, entanglement, Bell inequality violations. And it captures the genuine strangeness of quantum mechanics, where measurements here can be correlated with measurements billions of light-years away.

But there’s a problem: the universe has rules, and those rules are mathematically unbreakable.

Let me explain why this hypothesis fails — and then show you the real quantum security threats that should actually keep you awake at night.

Why “Anywhere in the Universe” Attacks Are Mathematically Impossible

The No-Communication Theorem

In 1978, physicist Philippe Eberhard published a proof that became one of the most important results in quantum foundations. The no-communication theorem states definitively: quantum entanglement cannot transmit information faster than light.

Here’s why:

When you measure one half of an entangled pair, you get a random result. Yes, that result is correlated with what your partner will measure on the other half. But you cannot control your outcome. You cannot choose to make your qubit collapse to |0⟩ or |1⟩ in a way that sends a signal.

The randomness isn’t a bug — it’s a feature. It’s what prevents the causality violations that would otherwise break physics.

As Big Think explains: “While it may appear that information is being exchanged faster than the speed of light, this correlation cannot be used to transmit information directly because the state of one particle cannot be intentionally manipulated to convey a specific message.”

What Bell Inequality Violations Actually Mean

The 2022 Nobel Prize in Physics was awarded to Clauser, Aspect, and Zeilinger for experiments proving that quantum mechanics violates Bell inequalities — mathematical constraints that any “local realistic” theory must satisfy.

This sounds like it proves non-locality. And in a sense, it does. But NIST clarifies: quantum mechanics is non-local in terms of correlations, not in terms of information transfer.

The correlations are real. The correlations are instantaneous. But correlations alone cannot carry a message.

Think of it this way: if I flip a coin in New York and you flip a coin in Tokyo, and somehow they always match, that’s spooky. But neither of us can use that correlation to send the other a signal, because neither of us controls our outcome.

The No-Cloning Theorem Seals the Deal

Even if you tried to get clever — maybe by copying quantum states to extract information — you’d run into the no-cloning theorem. Quantum mechanics forbids creating identical copies of an arbitrary quantum state.

This isn’t a technological limitation. It’s a mathematical necessity. The linearity of quantum mechanics makes cloning impossible.

Verdict on the hypothesis: Attackers cannot target quantum computers from “anywhere in the universe” simply using entanglement. The physics doesn’t allow it. No matter how sophisticated your mathematics or how deep your understanding of probability, you cannot violate theorems that are proven consequences of quantum mechanics itself.

The “Observer” Is the Hacker: The Coherence Breach

While the universe forbids sending a message via entanglement, it allows something much more subtle: The Observer Effect. In my ONI (Organic Neural Interface) framework, we see this play out in biological systems, but it applies equally to quantum ones.

In a quantum computer, the mere act of “observing” or measuring a system changes its state. This isn’t just a physics quirk; it is a fundamental security vulnerability.

The Coherence Breach and f × S ≈ k

Quantum computers rely on Coherence — the ability of qubits to stay in a delicate, unified state to perform calculations. However, this state is governed by a physical efficiency theorem I call the Scale-Frequency Invariant:

f × S ≈ k

Where:

• fis the frequency of interaction (how fast/often the system is probed).
• S is the spatial scale (the physical extent of the coherent state).
• k is a constant of system stability.

When a hacker “probes” a quantum system (even passively observing its thermal or EM leakage), they are effectively spiking the frequency (f) of interaction with that system. Because k is a physical constant, the system is forced to compensate: The Spatial Scale (S) collapses.

The result? A Coherence Breach. The “Global” quantum state — the complex, multi-qubit calculation — shatters into “Local” noise. An attacker doesn’t need to break your encryption if they can use the Observer Effect to collapse your computation into gibberish. This is the ultimate “Denial of Service” attack, written into the very laws of physics.

But Here’s What’s Actually Terrifying

The real quantum security threats don’t require science fiction. They’re happening now, and they’re based on physics that absolutely works.

1. Harvest Now, Decrypt Later (HNDL)

This is the threat that keeps cryptographers awake at night.

                    HNDL = Harvest Now, Decrypt Later  
  
The attack strategy:  
  
  1. Now: Adversaries intercept and store encrypted data (emails, financial records, state secrets, medical data)  
  2. Later: When quantum computers can run Shor's algorithm, decrypt everything retroactively  
  
Why it matters:  
  
  - Data encrypted with RSA/ECC today will be readable in ~10-15 years  
  - Nation-states are already collecting encrypted traffic  
  - Any secret that must remain secret beyond ~2035 is effectively compromised now  
  
Timeline math:  
  ┌────────────────────────┬──────────────────┬────────────┐  
  │    Data sensitivity    │ Required secrecy │ Risk level │  
  ├────────────────────────┼──────────────────┼────────────┤  
  │ Medical records        │ 50+ years        │ High       │  
  ├────────────────────────┼──────────────────┼────────────┤  
  │ State secrets          │ 25-75 years      │ High       │  
  ├────────────────────────┼──────────────────┼────────────┤  
  │ Financial transactions │ 7 years          │ Medium     │  
  ├────────────────────────┼──────────────────┼────────────┤  
  │ Session tokens         │ Hours            │ Low        │  
  └────────────────────────┴──────────────────┴────────────┘  
   
Defense:  
  
  Migrate to post-quantum cryptography (CRYSTALS-Kyber, etc.) now — before the data is harvested, not before quantum computers exist.

Nation-state actors are already collecting encrypted data — your communications, financial transactions, medical records, state secrets — and storing it. They can’t read it today. But when fault-tolerant quantum computers arrive, they’ll use Shor’s algorithm to factor the RSA keys and decrypt everything.

“Intelligence agencies with storage capacity and patience. The NSA’s Utah Data Center can store exabytes. China, Russia, and others have similar capabilities.”

BCG reports: “Organizations’ data may already be at risk due to harvest now, decrypt later tactics, where attackers stockpile encrypted data to unlock once quantum capability arrives.”

Your secrets from 2024 could be readable by 2035.

2. Shor’s Algorithm: The Cryptographic Apocalypse

Peter Shor’s 1994 algorithm factors large integers exponentially faster than any classical method. RSA-2048, which would take a classical computer 1 billion years to crack, could fall to a quantum computer in 100 seconds.

Recent research from Google’s Craig Gidney suggests that fewer than 1 million noisy qubits could break RSA-2048 in under a week — down from previous estimates of 20 million qubits.

NIST recommends deprecating RSA after 2030 and prohibiting it after 2035.

3. Physical Attacks on Quantum Hardware

Here’s where it gets interesting: quantum computers are extraordinarily fragile, and that fragility is a security vulnerability.

According to Post Quantum:

Decoherence attacks: Superconducting qubits operate at 15 millikelvin — colder than outer space. A tiny thermal fluctuation, a stray electromagnetic field, even a vibration can cause qubits to lose coherence. An attacker with physical access could deliberately introduce noise to crash computations.

Side-channel attacks: Researchers have demonstrated that power consumption patterns in quantum computer controllers leak information about the quantum operations being performed. Even on cloud-based quantum computers, side-channel data gathered before and after execution can reveal circuit structures.

Fault injection: Research from Yale demonstrates that microwave pulses at specific frequencies can alter qubit states mid-computation. An attacker who can inject their own control signals could manipulate quantum algorithms in real-time.

Crosstalk exploitation: On multi-tenant quantum cloud platforms (IBM, Google, Amazon), multiple users share the same physical hardware. Qubits interact through unintended electromagnetic coupling. A malicious user could potentially influence neighboring qubits belonging to other users.

4. The Post-Quantum Cryptography Arms Race

NIST finalized its first post-quantum cryptography standards in 2024, selecting algorithms like CRYSTALS-Kyber and CRYSTALS-Dilithium. But Palo Alto Networks warns: “Today’s quantum solutions are creating a false sense of security — as we do not know if the quantum algorithms considered resistant will remain that way.”

Indeed, vulnerabilities have already been discovered in some NIST-selected algorithms. The cryptographic arms race continues.

Let’s dive into these a little further —

Physical Attacks on Quantum Hardware

Decoherence Attacks

Quantum coherence is extraordinarily fragile. Superconducting qubits require temperatures of approximately 15 mK and isolation from electromagnetic interference. Research demonstrates that attackers with physical or electromagnetic access can induce decoherence through:

• Thermal perturbation
• Electromagnetic interference
• Acoustic vibration
• Ionizing radiation

Such attacks cause computation failure without necessarily revealing their artificial origin (Xu et al., 2023).

Side-Channel Attacks

Power analysis attacks on quantum computer controllers reveal information about executed quantum operations (Xu et al., 2023). Timing analysis, electromagnetic emanations, and acoustic signatures provide additional side channels. Cloud-based quantum computers present particular vulnerabilities, as classical control infrastructure is shared across users (IBM Security, 2022).

Fault Injection

Microwave pulse injection at qubit resonance frequencies can flip qubit states mid-computation. Research demonstrates that fault injection can:

• Introduce targeted errors bypassing error correction
• Modify algorithm behavior
• Extract information through differential fault analysis

The similarity between injected faults and natural decoherence complicates detection (Rishabh et al., 2023).

Multi-Tenant Vulnerabilities

Cloud quantum computing platforms serve multiple users on shared hardware. Crosstalk between qubits — unintended electromagnetic coupling — creates potential for cross-tenant attacks. A malicious user could potentially influence neighboring qubits or extract information about concurrent computations (Harper et al., 2023).

Threat Taxonomy

We propose a three-category taxonomy for quantum security threats:

Category 1: Attacks BY Quantum Computers

Threats where quantum computers serve as attack tools against classical systems:

• Cryptographic attacks (Shor’s, Grover’s algorithms)
• Optimization attacks (solving NP-hard security problems)
• Machine learning attacks (quantum-enhanced adversarial ML)

Category 2: Attacks ON Quantum Computers

Threats targeting quantum computing hardware and software:

• Decoherence/denial-of-service attacks
• Side-channel attacks on controllers
• Fault injection attacks
• Multi-tenant crosstalk exploitation
• Quantum memory attacks
• Calibration data poisoning

Category 3: Attacks on the Classical-Quantum Interface

Threats exploiting the boundary between classical and quantum systems:

• Control signal manipulation
• Classical pre/post-processing vulnerabilities
• Quantum random number generator attacks
• Hybrid algorithm vulnerabilities

The Mathematics of Quantum Threat

The equations that matter.

- Shor's Algorithm Complexity -  
  
  Classical factoring (best known): O(exp(n^(1/3))) - exponential in key size  
  Shor's quantum factoring: O(n³) - polynomial in key size  
  This isn't a linear speedup. It's a complexity class collapse. Problems that take geological time become problems that take coffee-break time.  
  
- Grover's Algorithm for Symmetric Encryption -  
  
  For searching an unstructured database of N items:  
  Classical: O(N) operations  
  Grover's quantum: O(√N) operations  
    
  Grover's algorithm theoretically halves the effective key length, making AES-256 equivalent to AES-128 in brute-force resistance. However, NIST notes that Grover's requires a long serial computation that is extremely difficult to parallelize — in practice, AES-256 is considered fully quantum-resistant.  
    
- Qubit Requirements (Evolving Estimates) -  
  
  | Year  |  Estimate for RSA-2048  |      Source       |  
  | - - - | - - - - - - - - - - - - | - - - - - - - - - |  
  | 2019  |    20 million qubits    |  Gidney & Ekerå   |  
  | 2025  |    <1 million qubits    |  Gidney (revised) |  
  
...The goalpost keeps moving closer.

Where The Industry Is Heading

…And what we can do to get more leverage.

If you’re a government or enterprise:

Security/GRC folks — Listen close. It’s only a matter of time (…no pun intended).

• Inventory your cryptographic assets — what algorithms protect what data?
• Classify data by longevity — secrets that must remain secret for 20+ years are already at risk
• Begin post-quantum migration — NIST standards exist; adoption is the bottleneck
• Assume HNDL is happening — your adversaries are patient

If you’re a researcher:

• Quantum computer security is an emerging field — side-channel and fault-injection research is nascent
• Multi-tenant security is largely unexplored
• Hybrid classical-quantum systems introduce new attack surfaces

If you’re fascinated by the physics:

The universe doesn’t let you send messages faster than light. But it does let you:

• Factor numbers exponentially faster
• Search databases quadratically faster
• Simulate quantum systems (that’s what Feynman originally wanted)
• Break cryptographic protocols we’ve relied on for 40 years

The quantum threat isn’t about transcending spacetime. It’s about transcending computational complexity.

Conclusion: The Real Strangeness

I understand the appeal of the “attackers anywhere in the universe” hypothesis. Quantum mechanics is strange. Entanglement does involve correlations that seem to defy locality. Bell inequality violations do rule out naive classical explanations.

But the strangeness has rules. The no-communication theorem, the no-cloning theorem, the structure of quantum mechanics itself — these aren’t suggestions. They’re mathematical constraints as rigid as conservation of energy.

The real quantum security threats don’t require violating physics. They work within physics, exploiting the computational power that quantum mechanics genuinely provides.

And those threats? They’re not theoretical. They’re being prepared for right now, by adversaries who understand that mathematical inevitability cuts both ways.

Sources:

• BCG: How Quantum Computing Will Upend Cybersecurity
• Big Think: Quantum Entanglement and FTL Communication
• NIST: Local Realism and Bell’s Inequality
• Post Quantum: Quantum Hacking
• Fortinet: Shor’s and Grover’s Algorithms
• The Quantum Insider: Google Researcher Lowers Quantum Bar
• Palo Alto Networks: Quantum Computing Cybersecurity Risks
• IEEE Xplore: Reconstructing Quantum Circuits via Side Channels
• arXiv: Classification of Quantum Computer Fault Injection Attacks

Follow my work and research. Collaborate and contribute on GitHub.

Sub-Tags: #QuantumComputing #Cybersecurity #Cryptography #QuantumMechanics #PostQuantum #InfoSec

---

Can Hackers Attack Quantum Computers Across Time and Space? The Truth Is Far More Terrifying was originally published in Cyber Security Write-ups on Medium, where people are continuing the conversation by highlighting and responding to this story.

Written with AI assistance (Claude). All claims verified by the author.