The sheer volume of cyber attacks today may be staggering, but the growing sophistication of cyber crime syndicates and state-sponsored actors poses the most significant threat to organisations, warned Eugene Kaspersky, CEO of Kaspersky, at Gitex Asia 2025.
Addressing an audience of tech leaders in Singapore, Kaspersky pointed out three challenges as the world moves into the cyber age: the overwhelming scale of global cyber crime, the rise of highly skilled professional attackers, and the increasing danger of attacks targeting critical infrastructure.
Addressing the first challenge, Kaspersky highlighted the immense scale of everyday cyber threats. “Every day, we find almost half a million new, unique malicious applications,” he said, noting that the figure stood at 467,000 daily detections currently, up from 400,000 last year.
Kaspersky acknowledged the difficulty in pinning down the exact number of attackers, but suggested “hundreds of thousands” wouldn’t be surprising. His company’s analysis of malware code and associated data also revealed a global problem, with the most common languages used by attackers being “Chinese, Spanish, Portuguese, Russian, Turkish and many others” alongside “broken English”.
While technically sophisticated cyber attacks exist, Kaspersky noted that many of them are still of low-level or mid-level complexity. His company employs a vast automated system underpinned by machine learning to handle the deluge.
“Every day, we collect about 15 million suspicious files,” he said, adding that these are processed through multiple filters, including behavioural analysis and similarity checks. “Some of the filters are based on machine learning technologies, which people now call AI. Honestly, I don’t like the AI term. Technically, it’s just machine learning – it’s smart and complicated but it’s not intelligence.”
Kaspersky was more concerned about the second challenge, that is, the rise of attacks orchestrated by state-sponsored espionage groups and professional cyber criminals. The number of professional cyber crime groups tracked by Kaspersky has ballooned from around 10 a decade ago to nearly 1,000 today. They have developed complex malware projects with versioning, improvements and customisation.
Among cyber crime groups, Kaspersky singled out Russians as being at the top of their game, displaying images of the Russian perpetrators behind the Colonial Pipeline ransomware attack. He described them as “young, mostly men with technical backgrounds” who are well-versed in operating systems and security but operating on the wrong side of the law.
Protecting against these threats will require organisations to adopt multiple layers of security, including anomaly detection, which had helped Kaspersky the company uncover a sophisticated campaign targeting Apple iPhones in its network.
The third – and perhaps most alarming – challenge involves attacks targeting industrial control systems, internet of things (IoT) devices and critical infrastructure. While security products exist for industrial environments, Kaspersky argued that traditional cyber security, often viewed as risk management, is insufficient when critical infrastructure is at stake.
That has led Kaspersky to advocate for a shift towards what he deemed as cyber immunity – designing systems that are inherently secure and “unhackable” by default. The concept is embodied in KasperskyOS, an operating system built from scratch on a microkernel architecture.
Unlike traditional systems where permissions are often broad, KasperskyOS employs strict isolation and a permission-based security model. “All parts of the system are isolated and communicate only through the security layer,” said Kaspersky. “Every part of the system has prescribed permissions and everything which is not allowed is forbidden.”
Even if a component is compromised, its ability to cause harm is limited because any behaviour outside its strict permissions is blocked by the security layer. “If your calculator is hacked and wants to get to the internet, it can’t as it doesn’t have the permission,” said Kaspersky.
KasperskyOS was not a pipe dream, he added, citing existing products in the market based on the operating system, such as thin clients developed by partners in Russia and China, as well as industrial IoT gateways. He even showcased a mobile phone that runs on KasperskyOS, though he acknowledged that the device is “not really smart” yet as it requires applications to be redesigned.
“We are looking for more partners to develop more solutions based on our operating system,” said Kaspersky. “I believe we can’t move to the cyber age without cyber immunity, especially in critical infrastructure.”