Cybersecurity risks in the telecommunications industry

Recent cybersecurity incidents have uncovered some critical vulnerabilities in the telecom sector, leaving providers exposed to rising fines, regulatory challenges, operational concerns, systemwide attacks and network failures.

For example, in April 2024, the Federal Communications Commission fined some of the largest U.S. wireless providers a total of $196 million for allegedly sharing customer location data without consent and neglecting to take reasonable measures to protect customer data. In September, one provider reached a $31.5 million settlement with the FCC following a probe into multiple data breaches, with half of that amount going to bolstering the company’s cybersecurity plan and the other half serving as a civil fine payable to the U.S. government.  

With the increase in global unrest related to wars in the Middle East and Ukraine, as well as tension between Taiwan and China, state-sponsored cyberattacks from foreign adversaries have increased. The nation’s telecom network drives commerce and supports all industries, and companies need to be cognizant of—and implement strategies to address—potential issues and disruptions that could lead to shutdowns, delays and loss of revenue. 

Cyber espionage on the rise

At least nine large telecommunications providers were attacked in late 2024 by Chinese hackers linked to the Salt Typhoon cyber espionage operation. That operation, believed to be state-sponsored, targeted telecommunications networks to access sensitive data and intellectual property and potentially disrupt those networks. During the last election cycle, the hackers were able to access the call records and private communications of U.S. individuals, mainly political figures. In addition, the hackers are believed to have the potential to disable major ports, power grids and other critical infrastructure in the U.S. Another fear is that these cyberattacks could have allowed the hackers to access information regarding ongoing U.S. investigations or other operations linked to China, as well as U.S. defense matters.

Physical attacks on the global telecommunications network have also increased around the world. The physical network of cables, data centers and energy connections is so vast that it is impossible to defend the entire network from targeted attacks. Recently, we have seen underwater transoceanic internet cables damaged from boats linked to Russia and China. With the increase in political tensions, foreign adversaries are using more tools to execute hybrid attacks with plausible deniability.

Increase in attacks

The increase in the number and sophistication of attempted cyberattacks over the last five years has led to several high-profile system compromises in the telecom sector and across most industries in the U.S. According to the FBI’s 2023 Internet Crime Complaint Center report, the agency received an average of 758,000 complaints per year from 2019 to 2023 and calculated around $12.5 billion of losses in 2023 alone. The chart below shows the five types of cyberattacks with the largest percentage increases from 2021 to 2023.

With data breaches seeing the biggest increase during that period, a top concern for telecom companies is the security and protection of customer data. The dollar loss per complaint was also the highest for breaches, reflecting the increased incentive for threat actors to launch this type of attack. With competition among the largest telecommunications companies so fierce, customer loyalty and satisfaction play a large role in their growth and stability. Customers seek assurance that their data and information are secure, and companies do not want to lose their trust.

Responses to elevated threats

The U.S. government has not traditionally imposed direct cybersecurity requirements on telecom as it has on other industries like financial services and health care, as the importance of cybersecurity in telecom was commonly seen as sufficient motivation for self-regulation. But the recent Salt Typhoon cyberattack operation prompted calls to increase the cybersecurity regulations for the industry. In January 2025, the FCC responded by requiring telecom carriers to secure networks from unlawful access or interception communications and submit an annual certification to the commission attesting that they have created, updated and implemented a cybersecurity risk management plan.

The industry has seen an increase in indirect cybersecurity measures as well. The Broadband Equity Access and Deployment Program of 2021 mandates that all telecom projects have a cybersecurity risk management plan under the standards of Executive Order 14028 and a cybersecurity supply chain risk management plan based on practices discussed in Interagency or Internal Report 8276 of the National Institute of Standards and Technology. In addition, the Secure and Trusted Communications Network Act of 2019 and related Supply Chain Reimbursement Program motivated providers to “rip and replace” any telecommunications equipment produced or provided by Huawei Technologies Co. or ZTE Corp. from U.S. networks.

The takeaway

With the increase in global unrest and a potential for retaliation related to upcoming tariffs and trade wars, America needs to be ready for unconventional warfare attacks from foreign adversaries, including targeted and widespread cyberattacks. The telecommunications network is vulnerable, and companies need to proactively invest in their cybersecurity infrastructure, processes and tools.