Telecom firms faced constant cyber threats in 2025, says Cyble

Cyble's Telecommunications Sector Threat Landscape Report found that the telecommunications sector faced sustained pressure from ransomware groups, nation-state actors, and hacktivists throughout 2025, The Cyber Express reports.

Cyble documented 444 cybersecurity incidents during the year, including 90 confirmed ransomware attacks, with activity increasing fourfold since 2021. Although 34 ransomware groups were identified, Qilin, Akira, and Play accounted for nearly 39% of cases, with Qilin leading at 16 attacks. Telecom firms were repeatedly targeted for their personally identifiable information repositories, including call records and billing data, which carry high value in underground markets. Exposure through internet-facing systems and third-party vendors increased risk across the supply chain.

The Americas recorded the most incidents, with 47 attacks in the U.S., where data stolen ahead of the 2024 elections continued to be monetized in 2025. Beyond ransomware, the China-linked Salt Typhoon campaign targeted network-edge devices for espionage, while pro-Russian hacktivist groups claimed disruptive attacks against Ukrainian telecom infrastructure.