글로벌 보안 기업 카스퍼스키가 ‘Kaspersky Security Bulletin’ 연례 보고서를 통해 2015년에 OpenAI, Meta 같은 대형 AI 기업의 서비스 중단 위험이 있다며 IT 공급망 위험에 대비해, 공급업체 다변화와 보안 강화를 요청했다.
IT Supply Chain Risk Preparation: Supplier Diversification and Security Enhancement Are Essential
In 2015, global security company Kaspersky Lab requested supplier diversification and enhanced security to prepare for IT supply chain risks, citing the risk of service outages at large AI companies such as OpenAI and Meta.
The recently published 'Kaspersky Security Bulletin' annual report analyzed five major risk situations that could occur in the IT field in 2025 based on major supply chain security incidents that occurred in 2024 and suggested countermeasures.
According to the report, first of all, there is a risk that large AI companies such as OpenAI and Meta will have their services interrupted or their data leaked. As companies are now heavily dependent on AI services, a problem with one company can paralyze numerous corporate activities at once.
There are also security risks associated with AI tools embedded in everyday devices. Kaspersky warns that vulnerabilities in AI chips could become a conduit for large-scale attacks, through its 'Operation Triangulation' campaign.
Moreover, as airlines and ships increasingly rely on satellite internet, there is a risk that satellite service outages could cause widespread communications disruptions.
Here, 95% of the world's data is transmitted via submarine cables and passes through some 1,500 Internet exchanges, so if just a few key facilities have problems, the entire Internet can be paralyzed.
In addition, if core vulnerabilities in the Windows and Linux operating systems are discovered, it could cause great confusion across the entire industry, as these operating systems operate almost all industrial facilities, from factory equipment to logistics systems.
Kaspersky advises that companies prepare for IT supply chain risks by diversifying suppliers and strengthening security.
“This analysis is a case that demonstrates Kaspersky’s outstanding risk prediction capabilities,” said Lee Hyo-eun, head of Kaspersky Korea. “Companies will be able to proactively prepare for new IT supply chain risks through Kaspersky’s threat intelligence.”
Kim Cheol-bong, Vice President of Information Security Business Division at Kudo Communications, the domestic distributor for Kaspersky, said, “Kaspersky and Kudo Communications will continue to provide in-depth threat analysis and insights to help companies strengthen their security posture.”