Military-made cyberweapons could soon become available on the dark web, Interpol warns

Digital tools used by the military to conduct cyberwarfare could eventually end up in the hands of cybercriminals, a top Interpol official has warned.

Jurgen Stock, the international police agency’s secretary general, said he’s concerned state-developed cyberweapons will become available on the darknet — a hidden part of the internet that can’t be accessed through search engines like Google — in a “couple of years.”

“That is a major concern in the physical world — weapons that are used on the battlefield and tomorrow will be used by organized crime groups,” Stock said during a CNBC-moderated panel at the World Economic Forum in Davos, Switzerland, Monday.

“The same applies for the digital weapons that, maybe today are used by the military, developed by military, and tomorrow will be available for criminals,” he added.

Cyberweapons come in many forms, with ransomware — where hackers lock down a company’s computer systems and demand a ransom payment to restore control — being a key one. The topic of cyberwar has long been a concern for global governments, but it’s gotten renewed attention amid the Russia-Ukraine war.

Moscow has been blamed for numerous cyberattacks that took place before and during its military invasion of Ukraine. The Kremlin has consistently denied such accusations. In the meantime, Ukraine has enlisted the help of volunteer hackers from around the world to help it defend against Russian aggression.

Stock called on business leaders to increase cooperation with governments and law enforcement authorities to ensure more effective policing of cybercrime.

“On the one hand, we are aware of what’s going on — on the other hand, we need the data, which are in the private sector,” he said.

“We need your [cyber breach] reports. Without your reports, we are blind.”

A “huge number” of cyberattacks go unreported, Stock said. “That is a gap we need to close together, not just law enforcement that require that we build bridges between our siloes, the islands of information.”

The number of cyberattacks more than doubled globally in 2021, according to the World Economic Forum’s Global Cybersecurity Outlook report. Ransomware remains the most popular type of attack, according to the report, with organizations being targeted 270 times a year on average.

Cybersecurity incidents are putting critical energy infrastructure and supply chains at risk, executives and government officials on the panel said.

Robert Lee, CEO and co-founder of cybersecurity firm Dragos, urged businesses to focus on real-world scenarios — like the Russian state-backed attack on Ukraine’s power grid in 2015 — instead of more hypothetical risks. Ukraine fended off a similar attempt to compromise its energy infrastructure in April this year.

“Our problem is not needing ‘next-gen’ AI, blockchain or whatever else,” Lee said. “Our problem usually is just about rolling out with things that we’ve already invested in.”