In 2015, global security company Kaspersky Lab requested supplier diversification and enhanced security to prepare for IT supply chain risks, citing the risk of service outages at large AI companies such as OpenAI and Meta.

The recently published 'Kaspersky Security Bulletin' annual report analyzed five major risk situations that could occur in the IT field in 2025 based on major supply chain security incidents that occurred in 2024 and suggested countermeasures.

According to the report, first of all, there is a risk that large AI companies such as OpenAI and Meta will have their services interrupted or their data leaked. As companies are now heavily dependent on AI services, a problem with one company can paralyze numerous corporate activities at once.

There are also security risks associated with AI tools embedded in everyday devices. Kaspersky warns that vulnerabilities in AI chips could become a conduit for large-scale attacks, through its 'Operation Triangulation' campaign.

Moreover, as airlines and ships increasingly rely on satellite internet, there is a risk that satellite service outages could cause widespread communications disruptions.

Here, 95% of the world's data is transmitted via submarine cables and passes through some 1,500 Internet exchanges, so if just a few key facilities have problems, the entire Internet can be paralyzed.

In addition, if core vulnerabilities in the Windows and Linux operating systems are discovered, it could cause great confusion across the entire industry, as these operating systems operate almost all industrial facilities, from factory equipment to logistics systems.

Kaspersky advises that companies prepare for IT supply chain risks by diversifying suppliers and strengthening security.

“This analysis is a case that demonstrates Kaspersky’s outstanding risk prediction capabilities,” said Lee Hyo-eun, head of Kaspersky Korea. “Companies will be able to proactively prepare for new IT supply chain risks through Kaspersky’s threat intelligence.”

Kim Cheol-bong, Vice President of Information Security Business Division at Kudo Communications, the domestic distributor for Kaspersky, said, “Kaspersky and Kudo Communications will continue to provide in-depth threat analysis and insights to help companies strengthen their security posture.”