As part of its annual Kaspersky Security Bulletin, the company’s experts have analyzed significant supply chain attacks and IT outages from the past year and explored potential future risk scenarios, providing insights aimed at helping businesses of all sizes enhance cybersecurity, build resilience, and prepare for possible emerging threats in 2025
In 2024, supply chain attacks and IT outages emerged as dominant cybersecurity concerns, demonstrating that virtually no infrastructure is immune to risk. A faulty CrowdStrike update affected millions of systems, and sophisticated incidents, such as the XZ backdoor and the Polyfill.io supply chain attackexposed the risks inherent in widely used tools. These and other high-profile cases highlight the need for rigorous security measures, robust patch and update management, and proactive defenses to safeguard global supply chains and infrastructure.
In its “Story of the Year”, the Kaspersky Security Bulletin reflects on 2024’s past incidents, while contemplatinghypothetical future scenarios, and considering their potential consequences, as follows:
What if a major AI provider faced an outage or a data breach? Businesses are increasingly relying on various modelssuch as those from OpenAI, Meta, Anthropic and others. However, despite the excellent user experience theseintegrations offer, they introduce significant cyber risks. Reliance on a single or limited number of AI service providerscreates concentrated points of failure. If a major AI companyexperiences a critical disruption, it could significantly impact dozens or even thousands of services that depend on them.
Furthermore, an incident at any major AI provider could result inone of the most severe data leaks, as these systems may storevast amounts of sensitive information.
What if on-device AI tools were exploited? As AI becomes more integrated into everyday devices, the risk of it becoming an attack vector grows significantly. For instance, the OperationTriangulation campaign, uncovered by Kaspersky last year, demonstrated how attackers could compromise device integrity by exploiting zero-day vulnerabilities in the system software and hardware to deploy advanced spyware. Similar potentialsoftware or hardware-assisted vulnerabilities in the neural processing units powering AI – both broadly and in specific platforms like Apple Intelligence – could, if discovered, extend or present an even greater threat. Exploiting such weaknesses could harness AI capabilities to significantly amplify the scope and impact of such attacks.
Kaspersky’s research into Operation Triangulation also revealed the first of its kind case reported by the company: the misuse of on-device machine learning for data extraction, highlighting that the features designed to enhance user experience are already being weaponized by sophisticated threat actors.
What if threat actors disrupted satellite connectivity? While the space industry in general has been encountering various cyberattacks for a while, the new target for threat actors may be satellite internet providers as important elements of the global connectivity chain. Satellite internet can provide temporary communication links when other systems are down; airlines, ships, and other platforms may rely on it to provide onboard connectivity; it may also be used to enable secure communication services.
This presents cyber risks: a targeted cyberattack or a faulty update from a leading or dominant satellite provider could cause internet outages and potential communication breakdowns, impacting individuals and organizations.
What if major physical threats to the Internet occurred?Continuing the topic of connectivity, the internet is also vulnerable to physical threats. 95% of global data is transmittedthrough subsea cables, and there are nearly 1,500 Internet Exchange Points (IXPs) – physical locations, sometimes within data centers, where different networks exchange traffic.
A disruption to just a few critical components of this chain –such as key cables or IXPs – could overload the remaining infrastructure, potentially causing widespread outages and significantly impacting global connectivity.
What if severe vulnerabilities in Windows and Linux kernel were exploited? These operating systems power many of the world’s critical assets, including servers, manufacturing equipment, logistics systems, IoT devices, and others. A remotely exploitable kernel vulnerability in these systems could expose countless devices and networks worldwide to potential attacks, creating a high-risk situation in which global supply chains could face significant disruption.
“Supply chain risks may seem overwhelming, but awareness is the first step toward prevention,” said Igor Kuznetsov, Director of Global Research and Analysis Team (GReAT) Kaspersky. “By testing updates rigorously, leveraging AI-driven anomaly detection, and diversifying providers to reduce single points of failure, we can reduce weak elements and build resilience. A culture of responsibility among personnel is equally vital, as human vigilance remains the cornerstone of security. Together, these measures can safeguard supply chains and ensure a more secure future”.
Read more on Securelist.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
:Read also
LG’S WORLD-FIRST TRANSPARENT AND TRUE WIRELESS 4K OLED TV DELIVERS NEW SCREEN EXPERIENCE
