New tech keeps telecom threats alive into 2026: warns Kaspersky

ISLAMABAD: Advanced cyber threats targeting the telecommunications sector are expected to persist into 2026, driven by both long-standing attack vectors and risks emerging from new technology deployments, according to the Kaspersky Security Bulletin 2025.

Reviewing developments that shaped telecom cybersecurity in 2025, the report notes that Advanced Persistent Threats (APTs), supply-chain compromises, distributed denial-of-service (DDoS) attacks and SIM-enabled fraud continued to place sustained pressure on telecom operators worldwide. At the same time, the rollout of newer technologies is introducing additional operational and security risks.

Kaspersky identified four major threat categories affecting telecom operators in 2025. Targeted intrusions by APT groups remained focused on gaining stealthy, long-term access to operator networks for espionage and strategic leverage. Supply-chain vulnerabilities continued to be a major entry point, as telecom ecosystems depend on numerous vendors, contractors and tightly integrated platforms. DDoS attacks remained a persistent challenge, disrupting network availability and capacity, while ransomware continued to impact a significant portion of the sector.

Data from the Kaspersky Security Network showed that between November 2024 and October 2025, 12.79 percent of users in the telecommunications sector encountered web-based threats, while 20.76 percent faced on-device threats. During the same period, 9.86 percent of telecom organizations globally experienced ransomware incidents.

The report also highlights that the telecom industry is transitioning from rapid technological development to large-scale implementation, a shift that could create new vulnerabilities in 2026 if not managed carefully. Kaspersky pointed to three key areas of concern: AI-assisted network management, where automation may amplify configuration errors or act on misleading data; transitions to post-quantum cryptography, where rushed or uneven deployment could lead to interoperability and performance issues; and 5G-to-satellite integration, also known as non-terrestrial networks (NTN), which expands service footprints while introducing new integration points and dependencies.

“The threats that dominated 2025 — APT campaigns, supply chain attacks and DDoS floods — aren’t going away,” said Leonid Bezvershenko, Senior Security Researcher at Kaspersky’s Global Research and Analysis Team. “They now intersect with operational risks from AI automation, quantum-ready cryptography and satellite integration. Telecom operators must defend against known threats while embedding security into new technologies from the outset.”

To strengthen resilience, Kaspersky experts recommend continuous monitoring of the APT landscape and telecom-relevant infrastructure, supported by threat intelligence and regular security awareness training. They also advise treating AI-driven network automation as a structured change-management process, with human oversight, staged rollouts and clear rollback mechanisms.

The report further stresses the need to enhance DDoS preparedness as part of capacity management and to deploy advanced endpoint detection and response (EDR) solutions to enable early threat detection, rapid investigation and effective incident response.

The full telecommunications chapter of the Kaspersky Security Bulletin 2025 provides a detailed analysis of these trends and recommendations. Monitoring Desk