According to Eugene Kaspersky, the Russian head of an antivirus software company that carries his name, catastrophic cyberattacks on critical infrastructure are coming in the near future unless governments can agree on rules of engagement to limit the damage.
“We are very lucky we are not suffering too much cyberattacks on critical infrastructure,” Kaspersky told POLITICO on the sidelines of the Paris Peace Forum. “When it happens — and it’s just a question of time — it will be a really painful attack. And I think there will be no option. Nations will have to agree to cooperate.”
Estimating that as many as “half a million” people worldwide might currently be employed in the business of cybercrime — from standalone hackers to armies of professionals for hire by states — the Russian added that attacks were becoming increasingly sophisticated, and ruthless.
Going by what languages his company’s analysts picked up in online chatter, he added that “junior- to mid-level” hackers were Chinese-, Spanish-, Portuguese-, Russian-, English- or Turkish-speaking. But when it came to “highly professional cybercrime,” the “most advanced criminal gangs are all Russian-speaking,” he said.
Kaspersky is one of dozens of corporate figures to have backed the so-called Paris call for trust and security in cyberspace — a non-binding commitment launched in 2018 that aims to de-escalate cyberspace conflict and set the stage for international rules of engagement.