Russia-based cybersecurity provider Kaspersky said the global telecommunications industry is heading toward a volatile convergence of risks in 2026, where persistent threats like state-sponsored espionage and ransomware will intersect with the operational fragility of erratic AI automation and rushed quantum encryption rollouts.
According to the Kaspersky Security Network, data collected between November 2024 and October 2025 reveals that 12.79% of users in the telecommunications sector encountered web threats, while 20.76% faced on-device threats. During the same period, 9.86% of telecom organizations worldwide reportedly experienced ransomware attacks. The report categorizes the threats faced by operators in 2025 into four main areas. Targeted intrusions focused on gaining stealthy access to operator environments to conduct espionage and leverage privileged network positioning. Supply chain vulnerabilities provided entry points through weaknesses in widely used software and integrated platforms, while denial-of-service incidents and SIM-enabled fraud remained practical issues affecting network availability and security.
Kaspersky argues that the telecommunications sector is shifting from technological development to broad implementation, a transition that creates specific operational risks for 2026. The company highlights three key areas where this shift could lead to disruption. First, AI-assisted network management poses risks where automation can amplify configuration errors or act on misleading data if not properly managed. Second, the transition to hybrid and post-quantum cryptography approaches risks causing interoperability and performance issues across IT and management environments if deployed hastily. Finally, 5G-to-satellite integration expands service footprints but introduces new integration points and potential failure modes through partner dependencies.
“The threats that dominated 2025 are not going away. But now they intersect with operational risks from AI automation, quantum-ready cryptography, and satellite integration,” said Leonid Bezvershenko, Senior Security Researcher, Kaspersky’s Global Research and Analysis Team (GReAT), stressing that the industry needs a unified view of risk. This means defending against established threats like ransomware while ensuring new technologies are secure by design before they are deployed.
To mitigate these risks, Kaspersky experts recommend that operators treat AI-driven network automation as a change-management program, ensuring human oversight for high-impact actions. The report also advises increasing DDoS readiness by validating upstream mitigation and monitoring for congestion signals. Furthermore, continuous tracking of the APT landscape and the deployment of Endpoint Detection and Response (EDR) capabilities are suggested to support rapid investigation and incident containment.
IBM: Autonomous AI and Identity Security Will Define 2026
According to IBM’s 2026 predictions, the integration of autonomous AI into enterprise environments presents critical challenges. The technology giant anticipates that shadow AI, which is unapproved tools deployed without oversight, will increase the risk of intellectual property loss. Additionally, the rise of autonomous agents is expected to complicate traditional accountability models, potentially exposing sensitive data faster than current monitoring systems can detect.
IBM also forecasts that identity systems will become a national security priority as adversaries utilize deepfakes and biometric spoofing to bypass defenses. In response to quantum computing advancements, the report suggests that static encryption will become obsolete, necessitating a shift toward crypto-agility to maintain enterprise resilience.
