The telecommunications sector continued to face sustained cybersecurity pressure throughout 2025, with threat patterns expected to persist well into 2026, according to findings released in the Kaspersky Security Bulletin. The report reviews how advanced persistent threat activity, supply chain compromise, distributed denial of service disruption, and SIM enabled fraud shaped the security landscape for telecom operators over the past year. At the same time, it points to emerging operational risks tied to new technology deployments, warning that innovation without consistent security controls may widen the attack surface rather than reduce it.
During 2025, telecom operators encountered three dominant categories of cyber risk. Targeted intrusions linked to advanced persistent threat groups remained focused on gaining covert and long term access to operator environments, allowing attackers to exploit privileged network positions for espionage and leverage. Supply chain vulnerabilities continued to present a significant challenge, as telecom networks depend on a wide ecosystem of vendors, contractors, and interconnected platforms. Weaknesses in commonly deployed software or managed services often provided attackers with indirect access paths into core systems. In parallel, DDoS attacks remained a persistent availability concern, straining network capacity and disrupting services. Data from Kaspersky Security Network shows that between November 2024 and October 2025, 13 percent of users in the telecommunications sector encountered web based threats, while 21 percent faced on device threats. The report also notes that 10 percent of telecom organizations globally experienced ransomware incidents during this period.
Beyond these established risks, the report highlights how the sector’s shift from rapid development to broad scale implementation of new technologies introduces additional complexity for 2026. Kaspersky identifies three transition areas that could create disruption if not carefully managed. AI assisted network management is becoming more common, but automation can magnify configuration errors or act on manipulated or low quality data, leading to widespread service impact. Post quantum cryptography transitions also present challenges, as hurried deployment of hybrid or quantum resistant approaches may result in interoperability, latency, or performance issues across IT systems, management platforms, and interconnect environments. In addition, the integration of 5G networks with satellite connectivity through non terrestrial networks expands service reach but introduces new dependencies, integration points, and potential failure modes that must be secured across organizational and partner boundaries.
Leonid Bezvershenko, senior security researcher at Kaspersky Global Research and Analysis Team, said that the threat environment facing telecom operators is becoming increasingly multidimensional. He noted that the same APT campaigns, supply chain attacks, and DDoS activity seen in 2025 are continuing, while intersecting with operational risks tied to AI automation, quantum ready cryptography, and satellite integration. According to Bezvershenko, operators require visibility across both traditional cyber threats and emerging technology risks, emphasizing the role of continuous threat intelligence that spans endpoint, network edge, and space based infrastructure.
To strengthen resilience, Kaspersky experts advise telecom operators to maintain continuous monitoring of APT activity and infrastructure specific threats, supported by contextual intelligence and regular security awareness training for staff. The report also stresses the need to approach AI driven network automation as a structured change management process, with phased rollouts, human oversight for high impact actions, and ongoing validation of data inputs. DDoS preparedness is framed as a capacity management challenge, requiring upstream mitigation, protected routing at the network edge, and early detection of congestion indicators. In addition, Kaspersky recommends deploying advanced endpoint detection and response capabilities to identify sophisticated threats early, support rapid investigation, and enable effective containment and remediation across complex telecom environments.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
