by AKANI CHAUKE
JOHANNESBURG, (CAJ News) – TELECOM cyber risks that intensified in 2025 will extend into 2026 as new technologies add fresh operational exposure, according to Kaspersky’s latest Security Bulletin.
The review shows telecom operators continued to face pressure from four core threat categories in 2025: advanced persistent threats (APTs), supply-chain compromise, distributed denial-of-service (DDoS) attacks, and SIM-enabled fraud.
APT groups focused on long-term, covert access to operator environments, using privileged network positions for espionage and leverage.
Supply-chain risk remained high due to the sector’s dependence on complex vendor ecosystems, while DDoS attacks continued to disrupt availability and capacity.
Kaspersky Security Network data highlights the scale of exposure. Between November 2024 and October 2025, 12.79% of users in the telecommunications sector encountered web-based threats, 20.76% faced on-device threats, and 9.86% of telecom organisations worldwide were affected by ransomware.
Looking ahead, Kaspersky warns that the industry’s shift from experimentation to mass deployment of new technologies will introduce additional risk if not tightly governed.
Three areas stand out. AI-assisted network management can improve efficiency, but automation may amplify configuration errors or act on manipulated data.
Post-quantum cryptography transitions, if rushed, could create interoperability and performance challenges across IT and interconnect environments.
Meanwhile, 5G-to-satellite integration expands service reach but also increases dependency on partners and complex integration points.
According to Kaspersky, the strategic challenge for operators is convergence: established cyber threats are colliding with technology-driven operational risk.
Defending against known attack methods must now run in parallel with embedding security into AI automation, quantum-ready encryption, and non-terrestrial networks from the outset.
To strengthen resilience, Kaspersky advises operators to continuously monitor the APT landscape, manage AI automation as a controlled change programme with human oversight, treat DDoS defence as a capacity-planning issue, and deploy advanced endpoint detection and response capabilities to accelerate threat detection, investigation, and containment, and recovery efforts.
– CAJ News