The Walls Are Closing In on Big Tech's Sandbox

The hacks aren’t coming anymore. They’re here.

In the last few weeks, we’ve watched Russia’s military compromise thousands of consumer routers. Iran-linked hackers disrupted US critical infrastructure. Someone—officially “unfriendly states”—stole $15 million from a sanctioned currency exchange. These aren’t theoretical threats or conference-talk scenarios. They’re happening now, in parallel, like a coordinated stress test of everything we built on the assumption that American networks had time to catch up.

And that’s just the warm-up act.

Buried in the noise is something darker: advances in quantum computing are pushing us toward what researchers call “Q-Day”—the moment when quantum systems can crack current encryption. We’re not there yet. But “closer” is starting to feel like a synonym for “eventually inevitable.”

This is the moment where a decade of move-fast-and-break-things collides with the reality that you can’t break critical infrastructure and get away with it anymore. The sandbox is closing.

Abstract view of a blue and white industrial building wall with roller door, highlighting geometric patterns and colors. Photo by Jan van der Wolf / Pexels

The Stack We Built on Borrowed Time

Here’s what we have to understand: the entire modern internet was architected in an era when American military and economic dominance made certain assumptions reasonable. Our encryption standards, our trust models, our routing protocols—they all assumed a world where the US and its allies controlled the hardware, the code, and the geopolitical rules.

That world ended sometime around 2015. We just didn’t want to admit it.

Russia’s military hacking thousands of consumer routers isn’t sophisticated. It’s scale. They’re not trying to be subtle anymore. Neither are Iran-linked operators when they’re hitting critical infrastructure directly. The message is clear: we can reach anything you have.

What’s changed is the stakes. Ten years ago, a compromised router meant your Netflix got weird. Now it means the grid blinks. Water treatment fails. Hospitals lose network access.

The $15 million heist is almost quaint by comparison—a reminder that the financial system’s “security” is still held together with crypto duct tape and the goodwill of exchanges that regulatory arbitrage lets operate in the shadows. When unfriendly states want money, they don’t negotiate. They just take it.

Close-up of hands holding a smartphone displaying 'Announcing Grok 3' on a dark background. Photo by UMA media / Pexels

The Quantum Elephant in the Room

I need to be honest about what I don’t know here. The headlines say “recent advances push Big Tech closer to the Q-Day danger zone,” but they don’t specify how close. Is this a 5-year problem? 10 years? 20?

What I do know: every conversation I’ve had with cryptography people in the last three years has shifted from “quantum is coming” to “quantum’s coming sooner than we thought.” And unlike most technology hype, this one has a hard deadline built in—the moment the math breaks.

Worse: hostile nations are almost certainly harvesting encrypted data right now, betting they’ll be able to decrypt it once they have quantum computers. Your 2024 banking data, your private messages, your corporate secrets—they’re collecting it all like canned goods for the future. This isn’t paranoia. This is the stated doctrine of every major intelligence service.

The infrastructure to fight this exists. Post-quantum cryptography standards exist. But deploying them across billions of devices, across legacy systems that can’t be patched, across a supply chain that includes components from countries we sanction? That’s a problem that doesn’t have a 18-month solution. It barely has a 10-year solution if we start today.

We’re not starting today.

What Happens When the Satellites Miss

Blue Origin’s New Glenn just put a customer satellite in the wrong orbit on its third launch.

This seems small next to hacking and quantum threats, but it’s actually the same disease wearing a different symptom: the infrastructure we’re betting our future on is not ready. SpaceX has revolutionized launch economics, sure. But Blue Origin’s stumble on what’s supposed to be a Moon-critical system suggests that competition in space launch is moving fast enough that failure modes we thought were solved keep appearing.

NASA needs these launches. The Trump administration’s Moon ambitions need these launches. The entire vision of space-based infrastructure—GPS, communications, sensing—depends on launch reliability we don’t actually have.

It’s a three-failure coincidence: hackers have the whole stack under siege, quantum math is coming for the encryption, and the rockets that might eventually help us rebuild this whole thing keep wobbling on the launchpad.

The AI Startup Apocalypse Is Quietly Starting

Here’s where it gets weird: “The 12-month window” refers to something most people in Silicon Valley understand but won’t say out loud.

There are thousands of AI startups that exist only because GPT-4 or Claude or Gemini haven’t expanded into their specific market yet. They’re not building moats. They’re building sandcastles in the 12-month gap before foundation models eat their lunch.

The headline doesn’t say Big Tech has already started moving into these categories. But the subtext is clear: they will, and when they do, the startups fold.

This matters because it means the entire AI funding wave of 2023-2024—the one that convinced everyone we’re in a tech renaissance—is partially fake. A lot of that capital is going into companies with literal expiration dates. When the music stops, a lot of these shops close quietly.

And that’s during good times, when there’s still venture capital flowing. Now add hacking, add geopolitical risk, add regulatory pressure as governments realize AI training data might be compromised, and suddenly the sandbox startups look less like the future and more like a liquidation event waiting to happen.

Palantir’s Ideological Moment

Palantir posted what it called a “mini-manifesto” denouncing inclusivity and “regressive” cultures.

I’m not going to litigate culture war politics here. What matters is the signal: a company that’s deeply embedded in US government infrastructure—especially national security infrastructure—is consciously positioning itself as ideologically aligned with a particular administration.

That’s not new. It’s always been there. But saying it out loud, in a manifesto? That’s a choice. It’s also a bet that the Trump administration stays in power, that the geopolitical logic that favors Palantir’s intelligence-gathering tools remains dominant, and that there won’t be a backlash from partners or customers who find the ideology radioactive.

Here’s my read: this is what happens when a company gets too close to the state. You stop being a vendor and start being an ideological partner. You stop serving the nation and start serving a faction. That works great until it doesn’t—and then you’re not a defense contractor anymore, you’re a political liability.

Glowing digital globe display at night in Dubai Expo, showcasing illuminated continents. Photo by Denys Gromov / Pexels

What I Actually Think Is Happening

My prediction: we’re going to see a bifurcation in the next 18 months.

One path: government gets serious about hardening critical infrastructure, starts mandating post-quantum crypto, forces a standards shift that costs billions and annoys everyone. This is the boring, necessary outcome. It’ll happen slower than it should.

The other path: a major hack of something truly critical happens—power grid, financial system, healthcare network—and suddenly there’s political will to do something drastic. The “something drastic” will probably be overreach, will probably harm innovation, and will definitely feel like closing the barn door after the horses escaped.

What won’t happen: the AI startups suddenly develop moats. Quantum threat gets magically solved. Blue Origin’s rockets start landing perfectly. The infrastructure just… gets fixed.

We’re about two years away from a reckoning where people realize that the tech stack we built in the 2010s wasn’t designed for a world where nation-states treat networks like battlefields. When that realization hits, it’ll feel sudden. But if you look at the headlines—at the parallel hacks, the quantum advances, the launch failures, the sandcastle startups—it’s not sudden at all. It’s been telegraphed.

What I’m Watching

Post-quantum crypto adoption timeline: Watch for NIST standards getting mandatory compliance dates for federal contractors by Q4 2025. If that doesn’t happen, assume the government knows something bad is imminent and is quietly panicking instead of planning.
The next Blue Origin launch: If New Glenn fails again in the next 6 months, that’s a signal that SpaceX’s competitive advantage is bigger than we thought and NASA’s Moon timeline gets pushed again. Watch the language around “acceptable risk.”
Venture funding for late-stage AI startups: If the number of Series C+ rounds drops by 30% year-over-year by Q3 2025, the market has priced in the 12-month window collapse and is picking winners. That’s your signal the consolidation is real.
A major breach of critical infrastructure: This one I hate to watch for, but not spotting it early means we weren’t paying attention. The next hack that makes national news probably won’t be a surprise to security teams—it’ll just be the first one that breaks through to the headlines.