In the coming years,the scariest quantum breakthroughs are ultimately going to arrive as a late-night breach notice, or as the sudden realization that an “encrypted” archive is now readable by those with the right technology. Governments are treating quantum computing and adjacent tech as strategic assets, and vendors are learning that the line between “enterprise product” and “national security capability” has become so thin that it might eventually disappear altogether, as it has for some cybersecurity applications.
If you're an investor, this market profile is irresistible and dangerous at the same time. It's bound to dangle the promise of company budgets which
Don't contract in recessions thanks to government spending.
Rewards things that are normally kryptonite to investors, like excessive (but outwardly justifiable) secrecy, vague (or classified) milestones, and aggressive (but vapid) marketing.
Let's start by defining the cast of today's quantum arms dealers.
Quantum arms dealers are already here
Here's the most pragmatic way to classify likely builders and deployers of quantum computing weapons and defenses:
This is a brief, non-comprehensive set of examples to flesh out the five buyer archetypes. Each example notes what the actor tends to deal in, and what “how long” usually means for them in the real world.
National security agencies and defense departments
These are the buyers most able to fund long horizons, absorb secrecy, and treat dual-use quantum work as a strategic asset rather than a product roadmap. They're also the most likely to be developers of new attacks or defense schemes, which they'll almost certainly never sell. Here are a few organizations who are likely to be on the cutting edge:
The National Security Agency (NSA), which is already an expert organization in foreign signals intelligence and cryptologic capabilities that support national policy and military operations.
GCHQ, which deals in intelligence, cyber, and security capabilities, including technical collection and defensive programs that harden national systems.
The Communications Security Establishment (CSE) of Canada, which is another foreign signals intelligence plus cyber security and information assurance organization.
Major contractors
These firms are the industrial “translation layer” between prototypes and deployable systems, and they make their margin on ruggedization, integration, compliance, and sustainment. They're likely to be current and future developers of attacks as well as defenses, and they may be willing to purchase technology for the purpose of reverse-engineering it or testing their various products. These companies include:
RTX BBN Technologies, which is already involved in quantum engineering work across computing, sensing, and communications.
Northrop Grumman, which is involved with assured navigation and sensing, including quantum-enabled approaches that are positioned as GPS-resilience.
Boeing, which has extensive capabilities in producing networked systems where quantum communications and timing can become a strategic enabler.
Critical infrastructure operators
These buyers are forced to migrate because their systems are regulated, their assets last a long time, and downtime is politically and economically explosive. They're likely to be exclusively buyers of defensive technologies. These businesses include:
PJM Interconnection, which is operating wholesale electricity markets and managing transmission-grid reliability at regional scale.
National Grid Electricity Transmission, which owns and maintains high-voltage electricity transmission infrastructure.
Elections Systems & Software, which provides electronic voting systems and other election-related infrastructure
Big tech platforms
These are the subsidy providers for quantum R&D, and they monetize by selling access, tooling, and integration paths long before fault-tolerant machines exist. You're probably familiar with these companies already:
IBM Quantum, which is working on cloud-accessible quantum systems, developer tooling, and partner ecosystems that help customers experiment and build workflows.
Google Quantum AI, which is already a leader in research and engineering programs aimed at advancing quantum computing capabilities and methods.
Microsoft Azure Quantum, another leader in cloud orchestration and hybrid development, and it has access to multiple quantum hardware backends.
Universities and consortia
This is the talent pipeline and the early-breakthrough engine. But, newly-researched methods are unlikely to be published if the authors are confident that doing so would lead to immediate misuse.
Here are two noteworthy examples:
The MIT Center for Quantum Engineering, which pursues quantum engineering research, education, and industry engagement that turns physics into systems talent.
The Institute for Quantum Computing (University of Waterloo), which works on foundational quantum research with deep ties to broader quantum ecosystems.
The quantum arms dealers of today are not usually selling a turnkey weapon, nor the promise of an impregnable defense. They sell components, prototypes, services, advice, and roadmaps that state actors can fold into their future offensive or defensive systems.
The most direct quantum weapon to consider is cryptographic advantage. A sufficiently large fault-tolerant quantum computer could run Shor’s algorithm against widely used public-key schemes, and that prospect forces upgrades years before the hardware exists. It's also a convenient boogeyman, because it will eventually really exist.
The big picture is that the actors who are the most likely to create and deploy quantum capabilities are the ones who can afford long timelines, deep physics talent, and specialized supply chains. That means the pool of providers is going to be fairly small in the big scheme of things, and that the pool of buyers is going to be even smaller.
Partners & Suppliers
It’s also important to consider partners here; anyone selling serious quantum capability needs at least three partners:
A rock solid hardware supply chain
An institution-ready security and compliance layer
A customer who can stomach long development cycles.
When one of those three disappears, the dealer effectively becomes a just research project again.
Even for the businesses that are actually capable of fulfilling those criteria, there isn't necessarily a blue ocean for them to swim in right away. The odds are good that they'll need to navigate around export controls on quantum tech, outbound-investment rules, and a growing bureaucracy of security standards, third-party audits, and reliable procurement.
Again, the important thing to notice is how few seats are at this table; quantum arms dealers will inevitably work in a market shaped ruthlessly by gatekeepers for their own benefit, not by pure demand, and, counterintuitively, not in a purely technology-driven fashion.
The real commodity is cryptographic advantage
The offensive quantum weapons story is simple in concept and brutal in practice. If a sufficiently sophisticated quantum machine arrives, legacy public-key crypto becomes vulnerable, and an attacker gets immediate leverage over identity, software updates, and secure communications.
On the other hand, the defensive story is already here, because an attacker does not need the quantum computer in hand today to profit from having it in hand tomorrow. To be more specific, consider that the NCSC (the UK’s cyber agency), among others, warns that for encryption there is a risk of an attacker performing collect-now-crack-later attacks.
There is also a subtler point here; arms races do not require explicit offensive products to be sold across borders. They can be fueled by talent pipelines, open research, and general-purpose components that are dual use by nature. And when governments clamp down, the market does not become safer, it becomes more opaque, but also potentially more profitable for the players, as their pools of competitors can shrink.
The payoff window for offensive quantum capability is in the future, but the data collection to enable that payoff happens in the present, as well as in the near future. The market implication is that most of the early revenue flows will be towards defense, like migrations, tools for improving crypto agility, and performing enterprise-grade implementation work.
Another nuance is that these are primarily services which will likely deliver high margins to those who provide them, a stark contrast to the abysmal margins that quantum computing hardware producers face for the foreseeable future.
But, there's another important wrinkle. The same specialists who help harden systems also build models of how those systems fail. They sell the shield, and it's also possible that they will sell the knowledge of where the shield will crack, or perhaps even how to crack it.
BTQ and the temptation to sell both shields and swords
Some companies lean into the dual-use ambiguity instead of hiding it. For instance, BTQ Technologies states that it offers defensive and offensive capabilities to give customers an edge in the quantum age.
It’s important to note that BTQ isn’t necessarily offering weaponry to anyone who can pay for it. In this context, “offensive” can mean red-teaming and testing. It can also be a wink towards providing some kind of cryptanalytic capability. Notably, however, BTQ’s marketing lines alone do not tell you which it is, which likely is done intentionally to set precedent as the industry continues to grow.
So how do you evaluate the claim without guessing? Look for public artifacts that are expensive to fake:
Documented Technical Work: Peer-reviewed or formally archived technical writing that pins down claims in math, methodology, and scope
Integration Paths: Clear developer-facing integration docs that show how a buyer would actually adopt the capability.
Repeatable demonstrations: A demo that can be rerun by a third party using released code and explicit steps, not a one-off slide.
BTQ’s shareholder communication frames its stack and target sectors in its CEO letter. Its longer narrative about products and direction also appears in a public investor deck. Plus, in October 2025, one trade outlet covered BTQ’s announcement of a quantum-safe Bitcoin demonstration using NIST-standardized primitives.
None of these materials really clarify which offensive capabilities they are trying to sell, nor is there much third party documentation of their technical chops. At the same time, the company probably wouldn't intentionally lie to its investors, so there's still likely some kind of meat on the bone here, even if it's not visible to non-customers.
Notably, they sell defensive capabilities too.
History, neutrality, and why regulation is key
One comforting myth that's deeply adored in the tech sector is that a technology company can sell technology to everyone and stay neutral, because what customers do with the product is simply not within a company's control. A historical chapter on Switzerland and Sweden illustrates how neutrality did not eliminate the pull of both of the opposing sides, though for a time, it was possible for neutral actors to benefit from selling to the belligerents.
That precedent is worth appreciating because quantum computing is already being treated as strategically sensitive. In a world of export controls and capital screening, selling to both sides can become a legal liability, and it could even trigger retaliation that collapses supply chains, or access to talent. See the current situation regarding chip restrictions between the U.S. and China, and you'll see where the quantum computing market is inevitably going.
In closing, the darkest risk here is not that criminals will buy a quantum computer next year, or that they'll be able to get control of one before defensive technologies are common. The more likely risk is that the emerging ecosystem of quantum arms dealers leads to an arms race in which both the public and critical systems are forced to choose between being vulnerable or spending more and more resources to stay secure.
To keep up with the latest in blockchain technology and quantum computing, join us on X and subscribe to our newsletter.
