October 29, 2025 | IBM i

Protecting Against Harvest Now, Decrypt Later Attacks on the IBM i

What is an HNDL attack? 

Ask yourself this question: How will your organization react when an attacker in 2035 decrypts, exploits, and publishes business, governmental, confidential, or personal data stolen in 2025?

A relatively new form of cyberattack called Harvest Now, Decrypt Later (HNDL) predicts this exact scenario. HNDL functions as a modified form of ransomware with two phases: extraction and decryption.

In phase one of an HNDL attack (extraction), bad actors extract organizational data, then corrupt the original files and demand a ransom payment. If the extracted data is unencrypted, the attackers may also exploit the stolen information or demand an additional ransom.

Phase two of an HNDL attack is the decryption phase. If the extracted data is encrypted and the encryption cannot be broken, the attackers will archive and store the stolen data sets for later decryption and exploitation. As encryption-breaking technologies improve (using quantum computing algorithms), the HNDL hackers will continue attempting to decrypt archived encrypted data. If (or when) they break the data’s encryption protection, the extracted data (including personal, organizational, legal, national security, and other information) can be publicly divulged or otherwise exploited.

The decryption phase may occur over many years. Experts disagree on when quantum computer algorithms may be capable of breaking traditional cryptography. Some sources estimate that Q-Day (the day someone builds a quantum computer that can crack the most widely used forms of encryption) could happen as soon as 2035.

The consequences of HNDL attacks 

HNDL attacks are both a pre-Q-Day danger (encrypted data is continually stolen, held for ransom, and archived) and a post-Q-Day danger (when legacy-encrypted archived data can be decrypted and exploited).

Pre-Q-Day, organizations can reasonably expect the following events to occur: 

  • Ransomware and other data extraction attacks will occur indefinitely: HNDL attackers will hold data hostage, and will publish and exploit stolen data that is not currently encrypted. Disclosures will likely result in infrastructure sabotage, financial crimes, identity theft, national security incidents, and other types of criminal activity and chaos. Extracted data that cannot be decrypted will continue to be archived for the foreseeable future.
  • A worldwide migration to quantum-resistant encryption protocols will occur: The world will start upgrading its encryption protocols. New encryption technologies such as Post-Quantum Cryptography (PQC) will become the norm, potentially requiring new hardware to implement.

Post-Q-Day, many severe consequences may occur that could overturn and invalidate our current information security systems, including:

  • Destruction of non-quantum encryption protections: Today’s universal encryption protocols will no longer be effective. Current and legacy non-quantum encryption techniques, including hard-drive encryption, Advanced Encryption Standard (AES), Triple Data Encryption Standard (TDES), Secure Sockets Layer (SSL), and Transport Layer Security (TLS), will be breached overnight.
  • Fresher HNDL data will be exposed first: We can expect HNDL attackers to prioritize decrypting stolen data in reverse-chronological order. If Q-Day happens in 2035, for example, they will likely first decrypt encrypted data extracted in 2035, followed by data extracted during 2034, 2033, etc. This allows attackers to decrypt and disclose the freshest (newest) data first before they start on older data sets.
  • Old data secrets will come to light: While older data sets will undoubtedly hold stale information, much of the information contained in stolen archived data will likely remain accurate and usable even after several years.

Who’s at risk of HNDL attacks? 

Anyone who suffers a data breach is at risk. HNDL is a worldwide problem that can potentially affect any institution relying on current cryptography standards, including communications, governmental agencies, enterprises of all varieties, healthcare, financial institutions, and cryptocurrencies.

Preventing and mitigating HNDL attacks 

Since IBM i systems continue to be susceptible to ransomware and other cyberattacks, what can be done to prevent and mitigate successful HNDL data attacks, now and in the future?

One possible answer might be to implement a multi-layered defense framework for protecting IBM i data from HNDL attacks.  

  1. Upgrade IBM i encryption protection to the latest cryptographic technologies: Transition IBM i encryption protection to the latest Post-Quantum Cryptography (PQC) methodologies, as they become available.
  2. Prevent cyberattacks that intercept and extract IBM i data: Strengthen or add server protections against ransomware and other cyberthreats that extract IBM i data.
  3. Reconsider your IBM i data breach response plan: Update your data breach response plan to detect when archived IBM i data is exposed and what actions to take to minimize the effects of that exposure.
  4. Harden IBM i security to prevent unauthorized access: Update and harden your overall IBM i security posture to prevent unauthorized access.

Consider this initial framework as a work-in-progress defensive plan that can be updated as new encryption tools and anti-HNDL strategies become available. Note that some of these goals may already be enabled on your IBM i servers. Also note that this plan will not eliminate HNDL risk. It may, however, avoid and mitigate the risks that follow an IBM i HNDL exposure.

Strategy #1: Upgrade IBM i encryption protection to the latest cryptographic technologies 

Where possible, upgrade your current encryption protection to the latest Post-Quantum Cryptography (PQC) technology. With Power11 machines, IBM has added quantum-safe encryption (QSE) capabilities to its Power11 hardware and software. If you upgrade to Power11 hardware, you may be able to use QSE technology to encrypt sensitive IBM i data against quantum-computer decryption.

If you don’t have Power11 hardware, consider replacing earlier, weaker encryption protocols with the latest encryption technologies available for your Power hardware and IBM i OS. While earlier protocols will not provide total protection against HNDL attacks, they may provide better protection while you wait for newer protocols to become available.

Strategy #2: Prevent cyberattacks that intercept and extract IBM i data 

Consider updating or installing IBM i cyber-protection software that guards against ransomware and other malware attacks that can extract IBM i data. Use products such as iSecurity Ransomware, iSecurity AntiVirus, and other products that protect against data extraction. Update these products with the latest versions and patches on a regular basis.

Also consider and review options for implementing time-sensitive encryption keys, where decryption is only available within a certain time period or when enabled by a trusted third party. Properly implemented, time-sensitive encryption might render sensitive information worthless if it is not decrypted during a specific time window or through a trusted third-party provider.

Strategy #3: Reconsider your IBM i data breach response plan 

One troubling aspect of an HNDL attack is that an organization may not know when its stolen archived data has been decrypted and exposed. If organizational data is stolen in a ransomware attack in 2025, for example, how will the organization even know if that information has been decrypted and exposed in 2035?

Because data extraction and decryption may occur several years apart, completed HNDL attacks may require a different type of data breach response than the breach response plans used today. Some of the items that organizations may need to consider when older critical information is exposed include:

  • How will the organization know when critical stolen information has been decrypted?
  • What time period does the exposed information cover?
  • What informational fields were included in the exposed data?
  • Is the entire data set at risk, or are only certain records still active?
  • Who needs to be notified of a data breach, and what additional remediation actions need to be taken?

Consider whether your organization needs to rethink its data breach response plan to account for the unique aspects of a completed HNDL attack. 
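As an added illustration of Strategy #1 and of the breach-plan questions above (example code written for this article, not a SEA or IBM tool), the script below keeps a small inventory of archived IBM i data sets and known thefts, flags archives that still rest on pre-quantum key establishment, and, for a chosen Q-Day year, reports what a decrypted theft would expose in the order the article expects (freshest theft first). The library and file names, algorithms, dates and the ten-year useful-life horizon are constructed assumptions; only ML-KEM is counted as quantum-safe, which keeps the check conservative.

```python
from dataclasses import dataclass
from datetime import date

LEGACY_KEX = ("RSA", "ECDH", "DH")  # public-key key establishment broken by Shor's algorithm
PQC_KEX = ("ML-KEM",)               # NIST FIPS 203 post-quantum key-encapsulation mechanism

def is_quantum_safe(algorithm: str) -> bool:
    """Conservative check on the key-establishment half of a 'KEX/cipher' label:
    only a known PQC scheme counts as safe; anything else is treated as legacy."""
    kex = algorithm.split("/")[0].upper()
    return kex.startswith(PQC_KEX) and not kex.startswith(LEGACY_KEX)

@dataclass(frozen=True)
class DataSet:        # one archived IBM i data set (hypothetical names)
    name: str         # LIBRARY/FILE
    algorithm: str    # key establishment / data cipher protecting the archive
    period: tuple     # (first year, last year) of the records it holds
    fields: tuple     # sensitive fields it contains

INVENTORY = (  # constructed sample data, not real systems
    DataSet("PAYLIB/PAYROLL", "RSA-2048/AES-128", (2018, 2025), ("EMPID", "SSN", "SALARY")),
    DataSet("CUSTLIB/CUSTMAST", "ECDH-P256/AES-256", (2010, 2024), ("CUSTID", "EMAIL", "CARD")),
    DataSet("HRLIB/BENEFITS", "ML-KEM-768/AES-256", (2020, 2025), ("EMPID", "PLAN")),
)
INCIDENTS = (  # (data set, date it was exfiltrated) for known thefts; constructed
    ("CUSTLIB/CUSTMAST", date(2024, 6, 3)),
    ("PAYLIB/PAYROLL", date(2025, 3, 14)),
    ("HRLIB/BENEFITS", date(2025, 3, 14)),
)

def migration_backlog(inventory=INVENTORY):
    """Strategy #1: data sets whose archives still rest on pre-quantum key establishment."""
    return sorted(ds.name for ds in inventory if not is_quantum_safe(ds.algorithm))

def exposure_report(q_day_year, useful_life_years=10, inventory=INVENTORY, incidents=INCIDENTS):
    """Strategy #3: for each stolen, non-PQC data set answer the breach-plan questions:
    likely decryption order (freshest theft first), period covered, fields exposed, and
    whether any records would still be within their useful life at Q-Day."""
    by_name = {ds.name: ds for ds in inventory}
    rows = []
    for name, stolen_on in incidents:
        ds = by_name[name]
        if is_quantum_safe(ds.algorithm):
            continue  # harvested ciphertext stays unreadable even after Q-Day
        rows.append({"dataset": ds.name, "stolen_on": stolen_on.isoformat(),
                     "period": ds.period, "fields": ds.fields,
                     "still_active": ds.period[1] >= q_day_year - useful_life_years})
    return sorted(rows, key=lambda r: r["stolen_on"], reverse=True)
```

Running `exposure_report(2035)` on the sample data lists the 2025 payroll theft ahead of the 2024 customer-master theft and marks only the payroll records as still active, while the ML-KEM-protected benefits archive is left out of the report entirely.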

 

Strategy #4: Harden IBM i security to prevent unauthorized access 

All data extraction incidents start with unauthorized access to data. While up-to-date IBM i server security may not prevent an HNDL extraction, staying current with and hardening your IBM i security can help stop unauthorized IBM i access. Be sure to keep current with PTFs and operating system updates, and install and upgrade IBM i cybersecurity software, such as the iSecurity suite of security products from SEA.

Only the beginning 

Harvest Now, Decrypt Later (HNDL) attacks are a next-generation cybersecurity threat for enterprise security. The first phase of these attacks (extraction) is happening right now, while the second phase (decryption and exploitation) will likely happen within the next decade.

It may not be too early to start setting up a defensive anti-HNDL strategy, as it may take several years to fully protect IBM i data from HNDL quantum decryption and exploitation. Please contact SEA if you’d like more information on understanding and responding to IBM i HNDL incidents and other cyberattacks.