Cyberattacks originating from state-sponsored hackers and overseas digital criminals have transcended identity theft and now pose a threat to physical infrastructure and industries, experts told CNBC on Friday.
A report by cybersecurity firm Cylance identified evidence of compromised systems across 50 companies, 16 countries and 15 industries.
"Our experience in the cybersecurity world discloses that most of the critical infrastructure around the world is woefully under-protected," Greg Fitzgerald, chief marketing officer at Cylance, said in a "Power Lunch" interview.
Read More FBI warns US businesses of 'destructive' malware
Cylance recently uncovered large-scale attacks by Iran on several industries, including aviation. During a two-year investigation, it found evidence of a comprehensive series of attacks that in some cases resulted in hackers gaining total control of networks and systems in the global critical infrastructure space, Fitzgerald said.
"These are the companies that are oil and gas, electricity, airports, and airlines that allow our organizations and the globe to run," he said.
As an example, North Korea was able to take down ATMs that belong to two large banks in South Korea for a week, said Gary Miliefsky, SnoopWall founder and CEO.
Read More Inside North Korea's elite cyberwarfare unit
"They could do it to us if they wanted to. That's how serious it is," he told "Power Lunch".
The threat is rising as mobile devices become ubiquitous in the workplace because many workers install apps without considering where they come from or what they do, said Miliefsky. A number of apps that he has tested have backdoors to China, Russia, and other countries, he said.