anglumea.com - Cyber threats targeting the telecommunications sector continue to evolve and grow more complex. For years, conventional hacker attacks such as network intrusions, data theft, and Distributed Denial of Service attacks have been the primary concern. Today, telecommunications operators must also prepare for a new category of risk that originates from within their own systems. Artificial Intelligence technology, which is widely expected to deliver efficiency and automation, can instead become a source of serious vulnerability if it is not managed with discipline and foresight.
This reality is highlighted in the latest Kaspersky Security Bulletin, which reviews the cyber threat landscape throughout 2025 and outlines risk projections that are expected to become more pronounced in 2026. The report emphasizes that the telecommunications sector is standing at a decisive intersection between technological innovation and rising operational risk.
Cyber Threats Continue to Loom Throughout 2025
According to Kaspersky, throughout 2025 the telecommunications sector remains under pressure from large scale and well organized classic cyber threats. One of the most dominant is the Advanced Persistent Threat campaign. APT attacks are typically carried out by groups with substantial resources and long term objectives, such as espionage, strategic data theft, or infiltration of critical infrastructure.
These attacks are particularly dangerous because the perpetrators attempt to remain hidden within an operator’s network for as long as possible without detection. By exploiting privileged access, attackers can monitor network traffic, steal sensitive information, and prepare follow up attacks with wide ranging consequences.
In addition to APT campaigns, supply chain vulnerabilities continue to represent a significant weakness. The telecommunications ecosystem involves many parties, including hardware vendors, software providers, and third party service partners. A single flaw in a vendor system or a widely used software update can open a pathway for attackers to penetrate the networks of major operators.
Another persistent threat is the Distributed Denial of Service attack, which remains a favored tool among cybercriminals. These attacks do not only undermine security but also directly affect service availability and the quality of customer experience. For operators, DDoS attacks are increasingly viewed as issues of network capacity management and reliability rather than purely technical security problems.
Kaspersky also notes ongoing pressure from SIM based fraud, although the report does not explore the technical details in depth. This type of fraud remains a serious threat because it directly affects customer trust and carries the potential for significant financial losses.
Based on data from the Kaspersky Security Network covering the period from November 2024 to October 2025, approximately 12.79 percent of users in the telecommunications sector faced online threats, while 20.76 percent were exposed to device level threats. More concerning still, 9.86 percent of telecommunications organizations worldwide were recorded as having experienced ransomware attacks during this period.
A New Risk When AI Becomes a Weak Point
Looking ahead to 2026, Kaspersky assesses that the telecommunications sector will enter a new phase, marked by a transition from rapid technology development to large scale implementation. One of the central themes is the use of AI in network management and automation.
On one hand, AI offers high efficiency, real time analytical capabilities, and decision making speed that surpasses human capacity. On the other hand, excessive reliance on AI driven automation can amplify the impact of errors when systems operate on inaccurate data, biased inputs, or information that has been deliberately manipulated by malicious actors.
Kaspersky warns that automated decisions made without human oversight can trigger major changes that are definitively wrong. Configuration errors introduced by AI systems can propagate rapidly across an entire network, causing widespread service disruptions in a very short time.
For this reason, AI adoption must not be treated as a simple technology upgrade. Operators need to approach it as part of a comprehensive change management program that includes controls, testing procedures, and continuous evaluation mechanisms.
The Challenge of Post Quantum Cryptography
Beyond AI, the Kaspersky report also highlights the transition toward Post Quantum Cryptography as another emerging challenge. Preparing for the threat posed by quantum computing is undeniably important, yet rushed implementation can introduce interoperability issues and degrade system performance.
Hybrid or post quantum approaches that are not carefully planned can increase the complexity of IT environments, particularly in network management systems and inter operator connectivity. Without thorough testing, these new security technologies can themselves become sources of operational disruption.
The Importance of Comprehensive Visibility and Control
“The threats that dominated 2025, including APT campaigns, supply chain attacks, and DDoS attacks, are not going away. Today, however, they intersect with operational risks arising from AI automation and new technologies,” said Leonid Bezvershenko, Senior Security Researcher at Kaspersky GReAT, in an official statement.
He stressed that telecommunications operators require comprehensive visibility across the entire threat landscape. This visibility must extend beyond known threats to include new risks that emerge from the very first day advanced technologies are adopted.
Recommendations for Navigating the 2026 Threat Landscape
To address this complex threat environment, Kaspersky offers several strategic recommendations. Operators are encouraged to continuously monitor APT activity and telecommunications infrastructure while leveraging threat intelligence to understand attacker contexts and the latest attack patterns.
AI based automation should be implemented gradually, with clearly defined rollback paths in case errors occur. Human oversight must remain in place for high impact decisions, particularly those related to core network configuration. Input data validation for AI systems is critical to ensure that false or manipulated information does not trigger harmful changes.
At the same time, preparedness for DDoS attacks should be viewed as an integral part of network capacity management. This includes upstream mitigation, edge routing protection, and proactive traffic monitoring to detect anomalies at an early stage. The deployment of Endpoint Detection and Response solutions is also considered essential for identifying advanced threats earlier and accelerating incident response.
As cyber threats become increasingly layered and dynamic, this report serves as a reminder that the future challenge for the telecommunications sector extends beyond combating hackers alone. Operators must also ensure that advanced technologies such as AI genuinely function as tools of reinforcement, rather than quietly transforming into new points of weakness within network operations.
Conclusion
The telecommunications sector is entering a period where innovation and risk are inseparable. Traditional cyber threats remain persistent, yet they are now compounded by operational vulnerabilities introduced through AI automation and emerging security technologies. The central lesson is clear. Advanced tools are only as strong as the governance, oversight, and discipline that guide their use. When managed thoughtfully, AI and new cryptographic approaches can enhance resilience. When adopted carelessly, they can magnify failure at unprecedented speed. For telecommunications operators, the path forward demands balance, visibility, and a constant awareness that technological progress must always be matched by equally mature risk management.
