Cybersecurity challenges facing the global telecommunications sector are expected to persist into 2026, as long-standing threats converge with risks introduced by emerging technologies, according to a new analysis by Kaspersky.
The telecommunications chapter of the Kaspersky Security Bulletin notes that operators remained under sustained pressure throughout 2025 from Advanced Persistent Threats (APTs), supply-chain vulnerabilities, distributed denial-of-service (DDoS) attacks and SIM-related fraud. These threats continued to target telecom networks as critical infrastructure supporting national economies and digital services.
The report identifies targeted intrusions as a key concern, with APT groups seeking long-term, covert access to operator environments for espionage and strategic advantage. Supply-chain risks also remained significant due to the sector’s dependence on a wide range of vendors, contractors and integrated platforms, where weaknesses in commonly used software can expose entire networks. DDoS attacks further continued to disrupt service availability and strain network capacity.
Also Read: Kaspersky flags surge in ransomware, AI and NFC fraud targeting global financial sector in 2025
According to data from the Kaspersky Security Network, between November 2024 and October 2025, nearly 13 per cent of telecom users encountered web-based threats, while more than 20 per cent faced on-device threats. During the same period, close to 10 per cent of telecommunications organisations worldwide were affected by ransomware incidents.
Looking ahead, Kaspersky cautions that the industry’s shift from rapid innovation to large-scale deployment of new technologies could introduce additional operational challenges. The report highlights three areas of concern for 2026: AI-assisted network management, where automation may magnify configuration errors or act on misleading data; post-quantum cryptography, where rushed implementation could lead to interoperability and performance issues; and 5G-to-satellite (non-terrestrial network) integration, which expands coverage but increases complexity and dependency on external partners.
Leonid Bezvershenko, senior security researcher at Kaspersky’s Global Research and Analysis Team, said that while familiar threats such as APT campaigns, supply-chain attacks and DDoS operations remain persistent, they are now intersecting with risks linked to new technological deployments. He stressed that telecom operators must secure both existing infrastructure and emerging systems simultaneously.
To enhance resilience, Kaspersky recommends continuous monitoring of threat activity affecting telecom infrastructure, supported by threat intelligence tools and regular security awareness training. The company also advises operators to implement AI-driven automation gradually, maintain human oversight for critical decisions and ensure the integrity of data feeding automated systems. Strengthening DDoS preparedness and deploying advanced endpoint detection and response solutions are also highlighted as key measures to improve early detection and incident response.
