• Home
• cyber security

Telecommunications cybersecurity threats that shaped 2025 are expected to continue well into 2026, with new technology deployments introducing additional layers of operational and security risk, according to the latest findings from Kaspersky.

In its Kaspersky Security Bulletin, the company reviews the evolving threat landscape affecting telecom operators, highlighting that Advanced Persistent Threats (APTs), supply-chain compromises, Distributed Denial of Service (DDoS) attacks, and SIM-enabled fraud remained among the most pressing challenges throughout 2025. These threats, the report notes, continue to place sustained pressure on operators worldwide as networks grow more complex and interconnected.

During 2025, telecom operators faced multiple overlapping threat categories. APT activity remained focused on stealthy, long-term intrusions designed to enable espionage and strategic leverage through privileged access to network infrastructure. Supply-chain vulnerabilities continued to provide effective entry points, as telecom environments depend heavily on a wide ecosystem of vendors, contractors, and tightly integrated software platforms. At the same time, DDoS attacks persisted as a critical availability and capacity risk, capable of disrupting services and degrading customer experience.

Data from the Kaspersky Security Network revealed that between November 2024 and October 2025, 13 percent of users in the telecommunications sector encountered web-based threats, while 21 percent faced on-device threats. In addition, 10 percent of telecom organizations globally were impacted by ransomware incidents during the same period.

Looking ahead to 2026, the report stresses that the telecom sector is transitioning from rapid technological development to large-scale implementation, a shift that brings both opportunity and heightened risk. Kaspersky identifies three key technology transitions that could introduce disruption if deployed without adequate controls. These include AI-assisted network management, where automation may amplify configuration errors or act on misleading data; post-quantum cryptography transitions, where rushed or uneven adoption could create interoperability and performance challenges across IT and interconnect environments; and 5G-to-satellite integration (Non-Terrestrial Networks), where expanded service footprints and new partner dependencies introduce additional integration points and potential failure scenarios.

“The threats that dominated 2025 are not going away. They are now intersecting with operational risks arising from AI automation, quantum-ready cryptography, and satellite integration,” said Leonid Bezvershenko, Senior Security Researcher at Kaspersky’s Global Research and Analysis Team. He added that telecom operators must maintain strong defenses against established threats while embedding security into emerging technologies from the outset, supported by continuous threat intelligence spanning networks from endpoint to edge to orbit.

To enhance resilience and reduce risk, Kaspersky experts recommend continuous tracking of the APT landscape and telecom-relevant infrastructure using threat intelligence platforms, combined with regular security awareness training. They also advise treating AI-driven network automation as a structured change-management program, maintaining human oversight for high-impact actions and validating data sources to prevent large-scale errors. Strengthening DDoS preparedness as a capacity-management priority, protecting edge routing, and monitoring early congestion indicators are also highlighted as critical measures. In addition, deploying advanced Endpoint Detection and Response capabilities can help telecom organizations detect sophisticated threats early and respond effectively.

Further details are available in the telecommunications chapter of the Kaspersky Security Bulletin 2025, which provides in-depth analysis of the sector’s evolving cyber risk landscape.