Kaspersky Warns of Cyber Risk Scenarios That Could Undermine Global Digital Stability
As digital systems become more interconnected and dependent on invisible technical foundations, new categories of cyber risks are emerging beyond traditional malware, ransomware and disruption. In its latest forward-looking analysis, Alexander Gostev, Chief Technology Expert at Kaspersky, explores “grey swan” scenarios — probable high-impact developments that are difficult to predict with precision, yet could prove decisive for the future of the cybersecurity industry.
The analysis focuses on plausible but underexplored risk scenarios that sit at the edges of today’s threat models. These scenarios are not forecasts in the conventional sense, but structured attempts to identify systemic shifts that, if materialised, could fundamentally affect financial systems, data integrity and environmental safety.
1. Progressive loss of legacy digital data and knowledge
A long-term risk highlighted by Kaspersky is the gradual obsolescence of large volumes of digital data created between the 1970s and early 2020s. Significant portions of this information remain stored in proprietary databases, legacy file formats, outdated software environments and aging physical media such as magnetic tapes, hard drives and optical discs.
Over time, this might lead to the emergence of “digital islands”, extensive collections of data for which neither functional software nor skilled specialists remain. Physical degradation of storage media further accelerates the risk, making recovery increasingly difficult or technically impossible.
Artificial intelligence (AI) tools will offer limited mitigation in this context, as they generally rely on modern formats and well-documented structures. Without active intervention, the world may face a partial but irreversible loss of digital historical records, scientific results and institutional knowledge.
2. Patent gridlock driven by AI-accelerated discovery
As artificial intelligence accelerates scientific discovery, corporations increasingly patent not only specific inventions, but broad classes of methods and algorithms, identified with the help of AI. In fields such as biomedicine, chemistry and materials science, this leads to dense layers of overlapping intellectual property claims rather than clearly bounded protections.
A potential risk emerges when multiple advanced AI systems converge on similar high-value approaches in an emerging domain. Independently patented by different organisations, these overlapping methods create legal uncertainty around freedom to operate, even for further research. As a result, universities and independent laboratories may exit the field, funding may be paused, and publications, trials and industrial applications can be delayed or blocked.
This scenario does not stem from malicious intent, but from rational behaviour amplified by AI-driven scale and speed. Existing intellectual property frameworks may struggle to distinguish independent discovery from automated generation, leading to a temporary paralysis of innovation and forcing a reassessment of how intellectual property is managed in the age of AI.
3. Sudden cryptographic collapse triggered by a mathematical breakthrough
Most attention in the cybersecurity community is focused on the long-term threat posed by quantum computing and the eventual need to transition to post-quantum cryptography. However, a less discussed grey swan scenario involves an unexpected mathematical breakthrough in number theory that dramatically simplifies problems such as integer factorization or discrete logarithms on classical computers.
If such an algorithm were published, it could instantly undermine the mathematical foundations of widely used asymmetric cryptographic systems, including RSA and elliptic curve cryptography. Unlike gradual cryptographic weakening, this would represent an abrupt loss of security assumptions, rendering existing protections ineffective without warning.
In this scenario, public key infrastructure (PKI) underpinning TLS connections, digital signatures and encrypted communications would rapidly lose trust. Previously intercepted and stored encrypted traffic could become readable, while organisations would face a disorderly and rushed transition to alternative cryptographic schemes that are not yet fully standardised or battle-tested, creating a period of significant uncertainty for global digital trust.
4. An AI market correction following inflated expectations
Artificial intelligence is currently surrounded by unprecedented expectations, with rapid investment growth driven by narratives of imminent artificial general intelligence and transformative productivity gains. However, a potential grey swan scenario lies not in technological failure, but in a widening gap between expectations and economically sustainable outcomes, echoing patterns seen during previous technology bubbles.
Rather than a single moment of collapse, this scenario would unfold through a series of high-profile disappointments such as underperforming AI deployments in complex domains, corporate disclosures acknowledging limited return on investment, and growing investor scrutiny focused less on long-term vision and more on near-term profitability. High inference costs, limited scalability without extensive human involvement, and reliance on shared cloud infrastructure could expose structural weaknesses across large segments of the AI startup ecosystem.
As capital reallocates, the market would likely contract around proven, utilitarian use cases such as cloud infrastructure, specialised models, fraud detection, recommendation systems and other narrowly defined applications. While AI as a technology would remain embedded across industries, speculative narratives around universal intelligence could give way to a more restrained, engineering-driven phase, reshaping how innovation, investment and risk are approached in the AI sector.
5. Coordinated digital isolation of a national Internet ecosystem
For years, the fragmentation of the global Internet into national and regional segments has been discussed as a gradual, policy-driven process. However, a more abrupt scenario is also probable: the forced digital isolation of a major digital economy as a result of coordinated external pressure rather than an internal political decision.
In this scenario, a coalition of states applies a combination of technical and infrastructural measures including large-scale BGP manipulation, revocation of critical digital certificates and disruption of international connectivity at physical choke points such as submarine cable routes. Despite the perception of the Internet as inherently decentralised, key dependencies remain highly concentrated, creating structural points of leverage under exceptional geopolitical conditions.
The outcome would not be a complete loss of connectivity, but a form of functional digital isolation, pushing businesses, public services and technology platforms into constrained, inward-looking ecosystems. Recovery could take years, accelerating cyber balkanisation and reshaping digital trade, innovation and technological sovereignty.
“Most industry forecasts are built on rational extrapolation — the same threats, the same attack vectors, only at greater scale. In this analysis, the goal is different. These scenarios are not predictions of what will happen next year, but structured thought experiments about what could happen if some of our most basic technical assumptions stop holding. They sit between routine forecasts and true black swans — difficult to model, but potentially decisive for how the industry evolves,” comments Alexander Gostev, Chief Technology Expert at Kaspersky.
While the scenarios outlined above explore plausible but less conventional risk trajectories, Kaspersky’s immediate forecasts covering developments expected in the near term are detailed in the Kaspersky Security Bulletin 2025.
