The latest global cyberattack is a reminder that the era of cyber insecurity is here, expert John Carlin told CNBC on Tuesday.
Hackers hit companies and government officials across Europe on Tuesday, causing widespread disruption.
"We are facing a global epidemic of cyberattacks because fundamentally the internet ... is not secure. The highest end actors can get into your systems if they want to," Carlin, chairman of the Aspen Institute's cybersecurity and technology program, told "Power Lunch."
Ukraine was hit hard, with serious intrusions at its power grid reported. Russia's Rosneft oil company, Danish shipping giant A.P. Moller-Maersk and British advertising agency WPP are among those companies reporting disruptions.
The Department of Homeland Security issued a statement on Tuesday, saying it is monitoring the reports and is coordinating with international and domestic cyber partners.
"We stand ready to support any request for assistance. Upon request, DHS routinely provides technical analysis and support," the agency said.
There is little information about who may be responsible for the attack, but Carlin said it is possible it could be a ransomware attack or a ransomworm, which is a combination of ransomware and a worm that replicates itself across the world.
"If you are a business — and every business these days is a tech business — you are vulnerable," said Carlin, who also chairs Morrison & Foerster's global risk and crisis management and is a former assistant attorney general for the Justice Department's national security division.
He said companies need to start rethinking their security and perhaps create a whole separate system not connected with the main system.
—CNBC's Eamon Javers and the Associated Press contributed to this report.