The Infrastructure Heist: Why AI's Build-Out Is Becoming Its Biggest Vulnerability
As the AI boom demands billions in capital spending, security is crumbling, supply chains are poisoned, and the whole thing could be held ransom by quantum computers. What happens when we optimize for speed and forget about defense?
The most honest thing Elon Musk said this week probably wasn’t on purpose. On the stand fighting OpenAI, he got trapped by his own tweets—the digital equivalent of a defendant’s own diary becoming exhibit A. But there’s a bigger trial happening in the background, one nobody’s paying enough attention to: we’re building the infrastructure for AI at velocity, and we’re doing it with doors hanging off the hinges.
Consider what we know right now, in this exact moment.
SoftBank is building a robotics company to construct data centers, already eyeing a $100B IPO. Anthropic might raise $50B at a $900B valuation. Amazon’s AWS is printing money while capital spending surges. The infrastructure arms race is real, it’s massive, and it’s running on fumes of security theater.
Then look sideways. A supply-chain attack targeted security firms Checkmarx and Bitwarden. An open source package with 1 million monthly downloads straight-up stole credentials. Top university websites got hijacked to serve porn because nobody bothered with basic maintenance. And—this is the one that should make you actually uncomfortable—a ransomware family is now confirmed quantum-safe.
That last one isn’t technical jargon. That’s a threat actor saying: “I’ve already built the weapon for when your encryption stops working.”
The Pattern Nobody Wants to See
Here’s what kills me: these aren’t separate problems. They’re symptoms of the same disease—we’re in a gold-rush phase where capital velocity matters more than capital security.
When you’re raising $50B and racing to deploy it before your competitor does, you don’t hire the person who slows things down. You don’t do the infrastructure audit. You don’t pay SolarWinds-level attention to third-party dependencies. You move fast. You move really fast.
The supply-chain attack on Checkmarx and Bitwarden is particularly nasty because it’s targeting the gatekeepers. Checkmarx does software security scanning. Bitwarden manages passwords. If you poison those, you don’t get access to one company—you get access to hundreds of their customers. It’s like breaking into the lock manufacturer instead of picking individual locks. And it worked because… well, the security firms themselves had bad housekeeping.
The university websites serving porn? That’s what happens when organizations have thousands of legacy domains, no inventory system, and skeleton IT crews. Maintenance gets deferred. Domains expire or sit unpatched. Then someone buys the infrastructure and points it at whatever. It’s not sophisticated. It’s just what happens when you don’t keep track of what you own.
One million monthly downloads. That’s the scale of the open source credential theft. Let’s sit with that number for a second. A malicious package gets pulled thousands of times a day for months. How does that happen? Because nobody’s doing code review. Because the maintainer had three jobs. Because we’ve built software infrastructure on the belief that “open source” automatically means “trustworthy.”
It doesn’t.
The Quantum-Safe Ransomware Signal
The quantum-safe ransomware thing is the one that actually keeps me up at night.
Ransomware groups aren’t typically known for being forward-thinking. They’re not hedge-fund managers. They’re criminal organizations that want money in 2024. But one of them has already built—and deployed—encryption that’ll still work after quantum computers exist. That’s not paranoia. That’s reading the mail.
Here’s what it tells me: someone smart thinks the window where quantum computers matter is closing faster than the mainstream timeline suggests. Or they’ve already gotten access to quantum tools. Or both.
And we’re building the largest concentration of valuable computational infrastructure—AI data centers—using encryption standards that’ll be obsolete at some point. SoftBank’s robotics company will build these things. Amazon’s spending billions on them. Meta and others are following. All of it’s sitting on cryptographic locks that someone’s already preparing to pick.
My read: in 5-10 years, we’re going to have a reckoning where nation-states or sophisticated criminal groups can decrypt years of traffic. The AI training data, the model weights, the infrastructure configurations—all of it retroactively compromised. And by then it’ll be too late to re-encrypt because the data will have already been used.
The Amazon Paradox
Amazon’s AWS is making more money than expected and spending even more capital than it’s making. That’s not a problem statement—it’s a strategic bet. But it’s a bet that assumes infrastructure costs keep falling and security costs don’t explode.
What happens if they’re wrong on the second part?
The moment you announce a $100B IPO for robotics data-center builders, or raise $50B for an AI company, you’ve announced to every threat actor on the planet: “Here’s where the money and compute is.” It’s like putting a target on your back and then hiring someone to draw it in glow-in-the-dark paint.
Amazon can probably handle a supply-chain attack. Anthropic’s security team is solid. But the ecosystem they’re building in—third-party services, open source dependencies, cloud infrastructure, regional deployments—that’s where the weak points live.
Google Pay and PhonePe in India is a separate story but it rhymes: Amazon and Meta are fighting for dominance in a payment network they don’t control. PhonePe and Google Pay handle 80% of India’s UPI instant payments. That concentration is exactly the kind of thing that makes you vulnerable to regulatory attack, infrastructure failure, or a coordinated security incident.
What I Actually Think
I think we’re in the most dangerous phase of the AI build-out. It’s after hype but before hardening. The money’s flowing. The ambition’s real. The security posture is… aspirational.
My prediction: we’re going to see a major supply-chain compromise of an AI infrastructure vendor by Q4 2025. Not a “we lost some customer data” incident. An actual situation where someone gets access to training data, model weights, or infrastructure configurations of a top-tier AI company. It won’t be quantum computers. It’ll be boring stuff—compromised credentials, unpatched systems, dependencies nobody tracked.
And it’ll happen because the people building this stuff are, rightly, focused on capability. Speed. Scale. Making sure Meta and Amazon don’t eat their lunch. Security gets a budget line and a team of three people who’ve asked for more help four times.
The quantum-safe ransomware is the long-term warning. The supply-chain attacks are the medium-term signal. The maintenance failures at universities are the near-term evidence that we can’t even do basic housekeeping.
I’m not saying AI infrastructure will collapse. I’m saying it’ll get compromised in ways we don’t fully understand for years. And by the time we figure it out, the models trained on compromised data will already be deployed.
What I’m Watching
- Anthropic’s $50B raise timeline and due diligence scope. If this closes in the next 6 months without a major security audit component, it signals the market’s buying the narrative over the mechanics. Watch for any security-focused board additions or public commitments to infrastructure hardening.
- Next supply-chain attack targeting AI infrastructure vendors directly. Not security tools (those are obvious targets). The real test: when does someone compromise a model registry, a vector database, or a fine-tuning service? That’s the signal the threat landscape has evolved.
- Quantum computing announcement dates and timeline claims. If anyone major (Google, IBM, China) claims “cryptographically relevant quantum advantage” in the next 18 months, retroactive decryption of stored data becomes a real-time problem instead of a theoretical one. That changes everything about data security economics.
- SoftBank robotics IPO valuation and security incident response history. How a public company founded to automate infrastructure handles its first major security incident will tell you whether we’ve learned anything about building defensively at scale.