Gartner’s warning that by 2028 a misconfigured AI system will shut down national critical infrastructure in a G20 country is not just another headline in the global tech news cycle; it is a direct challenge to how Pakistan is designing its future. The scenario does not involve a hostile foreign power breaching our firewalls, nor a zero‑day exploit ripping through our grids and networks. It is far more uncomfortable than that: a well‑intentioned engineer, a flawed update script, a misplaced decimal buried deep in an automated control policy, and a black‑box AI model doing exactly what its training and configuration tell it to do—until the lights go out and the networks fall silent. For a country that is simultaneously struggling to stabilise its power sector, racing to roll out 5G, and pushing for digital transformation across government and industry, this is not an abstract risk. It is the most plausible path to the kind of failure we can least afford: a self‑inflicted national outage that no one can honestly call a cyberattack, yet everyone will experience as a collapse of critical infrastructure.
To understand why this matters so much, it helps to unpack what “misconfigured AI” really means in the context of cyber‑physical systems. These are environments where software decisions directly move electrons, open and close breakers, allocate radio spectrum, route packets, and tune flows. Pakistan’s power grid already depends on a patchwork of EMS and SCADA platforms, some old, some new, stitched together across the transmission backbone and the DISCOs. Our telcos operate complex, software‑defined cores, with virtualised network functions, orchestration layers, and increasingly automated RAN and transport networks. Into these stacks, AI is being introduced as a force multiplier: models that forecast demand more accurately than any human planner, anomaly‑detection engines that claim to see faults before they manifest, automation tools that promise to squeeze more efficiency out of scarce capacity. None of this is inherently bad. In fact, for a resource‑constrained country, AI is an attractive way to do more with less. But every time we plug an AI system into the control loop of a grid or a 5G network, we are also accepting that misconfigurations will happen in a space where failure looks like hours of load‑shedding beyond the schedule, mobile networks blinking out in a crisis, or core services becoming unreachable when they are needed most.
The most disquieting aspect of Gartner’s scenario is that it reframes risk as a property of our own design rather than of an external threat. Pakistan’s regulatory and policy discourse around critical infrastructure has, for understandable reasons, focused heavily on cyber attacks, data breaches, and hostile interference. We talk about protecting “national critical information infrastructure,” about incident response, about threat intelligence, about building CERT capabilities and tightening controls on access and data flows. All of that remains necessary. But none of it is sufficient for a world in which a perfectly legitimate, fully authorised AI deployment in a control room can, through a subtle configuration error, wreak more havoc than many adversaries. The question is no longer only “Can someone break in?” but “What happens when our own systems behave in ways we did not anticipate, at machine speed, across tightly coupled networks and grids that were never designed for this kind of autonomy?”
In Pakistan’s power sector, this tension is particularly stark. The grid is fragile and politically sensitive, with chronic load‑shedding, capacity constraints, and pressure to improve both technical and commercial performance. It is also an obvious candidate for AI: better load forecasting, more intelligent dispatch, predictive maintenance on aging assets, and automated protection schemes that react faster than human operators. Imagine a model trained on historical load data, weather patterns, and industrial cycles, now tasked with optimising dispatch and protection settings in real time. During normal operations, it works beautifully, shaving peaks, reducing losses, and helping planners justify the “AI investment” to donors and boards. Then a modest set of configuration changes is rolled out—a new threshold here, a modified penalty function there, a tweak to how the model treats certain anomalies in the sensor data. None of these changes looks catastrophic in isolation. But in combination, they make the system more aggressive in isolating what it considers “unstable” segments. On a hot evening when demand spikes and a few lines are already stressed, the AI begins tripping feeders and isolating portions of the network at a pace and scale that overwhelms manual intervention. What started as an efficiency play has turned into a cascade, not because anyone hacked in, but because the design never built in robust ways to constrain, observe, and override what the AI was allowed to do.
The same logic applies to 5G networks, which are even more software‑defined and dynamic by design. Pakistan’s operators are under pressure to modernise, roll out advanced services, and maintain quality across urban congestion and rural sprawl. AI‑driven resource allocation, self‑organising networks, and automated slicing are sold as the answer: let the algorithms continuously tune spectrum, power, handovers, and quality of service parameters in response to shifting demand. The deeper those algorithms reach into the control plane, the more we rely on configuration files, policy templates, and code to encode what is “safe” and “optimal.” A misconfigured AI agent that starts reallocating resources too aggressively, that misclassifies certain traffic patterns, or that overreacts to noisy telemetry can, in principle, degrade or even disable services across entire regions. You do not need a distributed denial‑of‑service attack when your own orchestration layer can accidentally starve or misroute critical traffic because of a change that passed review but was never tested under realistic stress.
This is why the idea of “safe override” needs to move from the margins of technical design into the centre of national infrastructure strategy. When Gartner and others talk about kill‑switches or override mechanisms for AI‑enabled cyber‑physical systems, they are not being melodramatic. They are articulating a basic safety principle: no automated system should have unbounded authority over critical controls without a clear, tested, and human‑controlled way to put it into a safe, degraded, or manual mode. For Pakistan’s power and telecom operators, this means designing from the outset for modes where AI recommendations can be suspended, where automated actions can be halted, and where human operators can take back control in ways that have been drilled, not improvised. It also means making authority explicit: who, in a control room at NTDC or in a telco NOC, can declare “AI‑off” for a given domain, under what conditions, and how is that decision escalated and communicated? These are not just technical questions but organisational and regulatory ones, and they need answers before—not after—the first AI‑related incident.
Equally important is where and how we test these systems. Complex AI behaviour often only manifests under complex conditions: multiple failures interacting, noisy inputs, unusual load patterns, and edge cases that no engineer would think to script manually. If Pakistan wants to take Gartner’s warning seriously, it cannot treat production infrastructure as the primary discovery environment for AI failure modes. That implies investing in digital twins and high‑fidelity testbeds for both the grid and core networks. A digital twin of a transmission and distribution system, for example, allows operators to replay historical stress events, inject faults, simulate heatwaves or storms, and observe how AI‑controlled protection and dispatch logic responds. If the AI begins to behave in ways that are unstable or counter‑intuitive, that is a signal to refine the models, tighten their constraints, or redesign the surrounding safeguards. Similar twin environments for 5G cores and RAN segments would allow telcos to see how AI‑driven orchestration behaves when towers go down, when certain traffic classes spike, or when backhaul links degrade. The goal is not perfection but confidence: when a configuration change goes live, it should have survived more than a code review and a lab test; it should have weathered realistic, adversarial scenarios in a twin that behaves like the real thing.
Behind all of this lies the question of containment. We have, for years, used concepts like network segmentation, isolation, and blast radius to talk about cybersecurity. Those same concepts need to be applied explicitly to AI. If a misconfigured model controlling a subset of feeders or a particular radio domain starts making bad decisions, how far can that influence propagate before architecture, policy, or physical limits stop it? Have we deliberately constrained what classes of actions the AI is allowed to take autonomously, especially in power systems where opening or closing certain assets has cascading effects, or in mobile networks where emergency services traffic cannot be compromised? Are there “circuit breakers” at the architectural level that prevent an automated system from taking down an entire grid region or switching off large swathes of mobile coverage? Designing for a small blast radius is an admission that misconfiguration is inevitable; the point is to ensure that inevitability does not translate into national‑level failure.
If the technical story is challenging, the governance story is even more so. Pakistan’s emerging cybersecurity frameworks, sectoral regulations, and critical‑infrastructure guidelines have begun to recognise the systemic importance of power, telecoms, and financial networks. They speak of resilience, incident response, protection of critical assets. Yet they are only starting to grapple with AI as a first‑class actor in these systems. Regulators, boards, and ministries will need to ask more pointed questions: where exactly is AI influencing operational decisions in the grid and in the network, and what are the formal safeguards—override, testing, segmentation, monitoring—that govern its behaviour? Are AI‑related incidents, including near‑misses, being logged, reported, and analysed with the same seriousness as cyber breaches or major outages? Do audit processes extend beyond checking that a “model governance policy” exists, to actually examining how AI decisions are constrained in the live infrastructure?
None of this can be outsourced entirely to vendors. Pakistan will naturally rely on foreign and domestic technology partners for hardware, software, and AI capabilities. But when the question on the street is “Why is my electricity out?” or “Why is the network down again?”, no one will be interested in whether a foreign supplier mis‑tuned a parameter or a local integrator misinterpreted a configuration file. Responsibility will sit with the operators and, ultimately, with the ecosystem of regulators and policymakers who allowed AI to assume certain roles without demanding appropriate design and governance. Gartner’s forecast is, in that sense, a mirror: it reflects not just the growing power of AI, but the current weakness of the human systems that are supposed to control it.
The choice facing Pakistan is not between adopting AI and avoiding risk. AI is already here, and not adopting it at all would amount to accepting inefficiencies and losses that the country can ill afford. The real choice is between an infrastructure future in which AI is wired into grids and networks as an opaque, poorly constrained layer of automation, and one in which AI is treated as a powerful but inherently fallible component of a larger socio‑technical system that is designed to tolerate and recover from its mistakes. In practical terms, that means insisting on safe override, on robust testing in realistic digital twins, on architectural containment of failure, and on governance mechanisms that keep human accountability squarely in the loop. It means accepting some friction and cost now to avoid far greater disruption later. And it means recognising that the most likely author of a future national blackout or network collapse may not be an enemy outside our borders, but a set of decisions we are quietly making today about how much unchecked power we hand over to our own machines.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
