As we pass the 18-month milestone of the COVID-19 pandemic, the extraordinary consequences of the public health crisis are well known. Less visible, but equally damaging, is a parallel digital pandemic that has inflicted large-scale harm across businesses and public services.
Cybercrime cost an estimated $945 million in 2020, a figure that has climbed nearly 50% since 2018. Malware incidents surged dramatically, supply chain attacks escalated, and ransomware victims were appearing at alarming rates—on average a new victim every ten seconds during that year.
Telecommunications under attack
The telecom sector has been a frequent target. In March 2021, ransomware disabled 911 dispatch systems in three New York State counties. This followed a 2019 breach in Jefferson County, Georgia, where emergency dispatch computers were hacked, disrupting license plate recognition systems and digital controls at a county jail.
In another case, one of Argentina’s largest internet service providers had roughly 18,000 machines encrypted by ransomware, with attackers demanding $7.5 million to restore access. And more recently, a large database containing personal data for over 40 million T‑Mobile customers surfaced on the dark web; the company confirmed the intrusion was part of a sustained campaign to breach its systems.
As 5G rolls out, it introduces fresh attack surfaces. While 5G brings faster speeds, lower latency and greater capacity, those benefits also create attractive targets for criminals and hostile actors. Unique vulnerabilities tied to 5G include:
- Open standards that may allow untrusted technologies or equipment, reducing competition and forcing adoption of risky components.
- Optional security controls that, if inconsistently applied, leave gaps across networks.
- Unauthorized access to software or network elements that enables attackers to alter configurations, weaken protections, or install malware.
- The exponential growth in connected devices, which expands the number of exploitable endpoints.
- Network slicing, which should isolate traffic but if mismanaged can permit cross-slice data access or denial of service to priority users.
These examples illustrate only some of the threat vectors telecoms face. From sophisticated nation-state campaigns that intercept communications and steal intellectual property to ransomware attacks that cripple emergency services, the volume and complexity of attacks against telcos are increasing rapidly.
Why telcos should embrace cybersecurity
Given this threat environment, telecom operators must prioritize protective measures. While cybersecurity may seem burdensome to some, it can deliver a tangible competitive advantage when approached strategically.
Companies that invest time, expertise and resources in robust security enjoy benefits beyond risk reduction. Mitigating ransomware and other attacks delivers peace of mind and substantial cost savings—the average ransomware incident can be extremely costly—while broader advantages include regulatory compliance, reputation protection and customer trust.
Compliance matters: regulations such as GDPR, HIPAA and PIPEDA impose strict requirements and heavy penalties for violations. For example, GDPR fines can reach up to €20 million or 4% of global annual turnover, whichever is higher. Demonstrable security practices help operators avoid fines and legal exposure.
Reputation and brand integrity also hinge on security. A single breach of customer data can severely damage trust and customer retention. Research shows consumers are sensitive to security: many would consider switching providers if another company offered stronger cybersecurity protections.
How to secure a competitive edge
Cybersecurity is not just defensive; when done well it becomes a strategic asset that supports growth and new revenue opportunities. There is no one-size-fits-all solution—each operator’s needs depend on priorities, roadmaps and regions of operation—but several practical steps can strengthen a telco’s security posture.
Start with training. Human error plays a role in the vast majority of breaches. Educating staff to recognize phishing, understand social engineering tactics, and guard against SIM fraud significantly reduces organizational risk.
Prepare for incidents. A clear incident response plan that defines how to act during ransomware or other intrusions—either internally or with external specialists—can limit downtime and data loss, and accelerate recovery.
Address IoT security. The growing number of connected devices accessing core networks creates exposure to attacks such as man-in-the-middle, denial of service, and eavesdropping. Operators must enforce protections for devices and ensure secure onboarding and management.
Adopt robust technical controls. Strengthening GTP and SCTP protocol security, applying zero-trust principles, implementing strong identity and access management, and deploying advanced threat detection and response tools are all critical measures. Incremental improvements across these areas help telecoms fend off attacks, preserve service continuity, and maintain customer confidence.
Security must be integral to long-term strategy rather than an afterthought. Embedding cybersecurity into planning and operations enables operators to stay ahead of evolving threats, adapt to regulatory change, and use security as a foundation for future success.
(Photo by Markus Winkler on Unsplash)