The third threat, according to Kaspersky, was telecommunications infrastructure.
"If there is no internet and no mobile network, that's the end of our civilisation, even if the power grid and transport system still works," he said.
Kaspersky - who himself uses an old Sony Ericsson phone with no internet connectivity - said that our reliance on modern telecommunications means that failure of one of these systems would have a huge economic and social impact.
He went on to warn that these sorts of attacks would not be limited to nation state actors with a goal to disrupt a foreign entity, but would be under threat from cyber criminal gangs with financial motivation.
This is an issue which has mainly been the purview of a select number of partners, such as Western Australia-based partner, Hivint, but more will be needed if the threat of these attacks increases.
Speaking to ARN in 2016, The Hivint's principal consultant, Tom Jreige, said this was an issue that needed immediate attention as many local critical infrastructure systems were vulnerable.
"It is quite a critical topic now and people should be scared, especially those running the organisation if they are not being proactive," he said.
Jreige explained the approach Hivint takes in dealing with these vulnerabilities is founded in risk assessment.
"Risk management is one of the key things and it has to be done properly to understand the context of the system," Jreige said.
"Once you have the correct context, then you are able to understand what are the current controls in place, if there are any, how to enhance them, how to provide new technology without disrupting the current service and providing a protection that is adequate for that environment.
"Monitoring and logging of events is one of the biggest things which can be done to give visibility to the environment," he added.
Sign up for Computerworld eNewsletters.