Telecom Cybersecurity Threats to Persist in 2026

Telecom cybersecurity threats that dominated 2025 will carry into 2026 as new technology deployments introduce additional operational risks, according to Kaspersky’s latest Security Bulletin. Advanced Persistent Threat (APT) activity, supply-chain compromises, DDoS disruption and SIM-enabled fraud continued pressuring operators throughout 2025.

Major Threat Categories Faced by Telecom Operators

In 2025, telecom cybersecurity threats fell into three broad categories. Targeted intrusions through APTs focused on gaining stealthy access to operator environments for long-term espionage and leverage through privileged network positioning. Supply chain vulnerabilities remained a critical entry point, as telecom ecosystems rely heavily on multiple vendors, contractors and tightly integrated platforms.

Kaspersky Security Network data reveals the scale of the challenge. Between November 2024 and October 2025, 13% of telecommunications sector users encountered web threats while 21% faced on-device threats. Perhaps most concerning, 10% of telecom organizations worldwide experienced ransomware attacks during this period.

New Technology Risks Emerging for 2026

The telecommunications sector is transitioning from rapid technological development to broad implementation, creating new opportunities alongside operational risks. Kaspersky identifies three areas where technology transitions could introduce disruption if rolled out unevenly or without strong controls.

AI-assisted network management where automation can amplify configuration errors or act on misleading data
Post-quantum cryptography transitions with rushed deployment causing interoperability and performance issues
5G-to-satellite integration (NTN) expanding service footprints and partner dependencies

The threats that dominated 2025 — APT campaigns, supply chain attacks, DDoS floods — aren’t going away. But now they intersect with operational risks from AI automation, quantum-ready cryptography, and satellite integration.
Leonid Bezvershenko, Senior Security Researcher at Kaspersky

Expert Recommendations for Strengthening Defense

To reduce risk and strengthen resilience, Kaspersky experts recommend continuous monitoring of the APT landscape and telecom-relevant infrastructure. The Kaspersky Threat Intelligence Portal helps monitor actor and campaign context, paired with regular security awareness training for employees.

Organizations should treat AI-driven network automation as a change-management program, maintaining human oversight for high-impact actions and validating data feeding AI systems. Enhanced DDoS readiness requires upstream mitigation validation, edge routing protection, and monitoring for congestion signals. Deploying EDR capabilities like Kaspersky Next EDR Expert enables early threat detection and effective incident response.