Orange Hack Reveals Telecom Cybersecurity Flaws

Cyber attackers are turning away from traditional social engineering techniques and instead exploiting technical flaws in software with growing precision.
This shift has caused a 74% surge in direct intrusions, presenting a serious cybersecurity threat to global telecommunications.
In February 2025, Orange fell victim to a cyber breach that exposed 600,000 customer records.
The attackers gained access through vulnerabilities in Atlassian's Jira project management software, demonstrating how software misconfigurations and outdated systems create pathways into critical telecom infrastructure.
Mobile systems exposed through software flaws
The Orange attack is not an isolated event.
NTT Communications also suffered a breach that compromised 18,000 corporate customer files.
As threat actors evolve, telecom providers are under pressure to tighten both mobile and fixed network security.
A growing number of these attacks stem from overlooked vulnerabilities in widely used platforms, rather than obscure or zero-day exploits.
Security researchers are warning that “unpatched known vulnerabilities are directly responsible for an even higher percentage of data breaches than unknown vulnerabilities”.
This puts the spotlight on mobile operators and telecom infrastructure providers, who must shift from reactive incident responses to forward-looking security practices, especially in patch management and vulnerability scanning.
State-linked cyber groups are exploiting these gaps.
The Salt Typhoon group, connected to a nation-state, has targeted telecom firms worldwide by manipulating weaknesses in Cisco IOS XE software.
These intrusions demonstrate how attackers are using automated tools to identify known flaws in mobile and broadband infrastructure, often faster than providers can fix them.
"The interconnection between IT and OT systems creates a perfect vulnerability storm. Telecommunications providers must develop specialised capabilities that address both technological domains simultaneously."
Security at the edge of IT and operational tech
Telecom networks are rapidly evolving, merging traditional IT infrastructure with Operational Technology (OT) and Industrial Control Systems (ICS).
While this convergence boosts efficiency and connectivity, it also broadens the attack surface.
Attackers no longer need to breach just a single system. They can pivot from IT into OT environments—networks that control mobile base stations, routers, or even physical hardware. One vulnerable system, such as a Network Function Virtualisation controller, could give cybercriminals access to critical operational layers.
Traditional IT defences do not always work in OT settings.
Tools designed for standard data systems can disrupt telecom operations or even introduce risks.
In these environments, passive monitoring and tools that understand OT protocols are needed to detect cyber threats without endangering network uptime.
As Sean Costigan, a national security expert, notes: “Cybercrime is poised to become even more prevalent in the future... the damage they're able to inflict on our trust in people, systems, and cyberspace itself is enormous.”
Telecoms companies must prepare for a spectrum of threats—from lone hackers to nation-state actors and organised cybercriminal groups.
These adversaries are persistent and well-funded, and they often exploit the same vulnerabilities that mobile and broadband operators leave unresolved.
Strengthening mobile resilience through AI and governance
Technology alone will not stop the escalating cyber threat.
Telecom firms must align their cyber strategy with business goals through robust Governance, Risk and Compliance (GRC) structures.
These frameworks help manage risk methodically, ensuring that investment in cybersecurity delivers operational and strategic value.
As industry experts argue, “GRC is not just a box you tick; it's an engine driving your organisation's decisions.” A structured GRC approach helps security teams prioritise threats, allocate resources and measure risk across complex, layered infrastructure.
AI also plays a growing role in telecom security.
AI-powered systems can analyse massive volumes of network data, identify unusual behaviour and trigger automated responses. These tools provide rapid detection and containment of mobile-focused threats, especially those that move laterally across networks.
- Regular security audits to proactively identify vulnerabilities
- Continuous employee training to mitigate human error
- Secure remote work policies addressing distributed workforce risks
- Rigorous patch management to eliminate known vulnerabilities
Still, basic cyber hygiene remains the foundation.
In the NTT Communications breach, attackers took advantage of a known, unpatched flaw.
Although NTT Communications is a leading global provider, the breach proved that no telecom operator is immune when basic security maintenance is neglected.
Securing the mobile future with proactive cyber strategies
Telecommunications providers are at a crossroads.
The growing complexity of mobile systems, combined with increasingly capable attackers, means that passive defence is no longer viable.
Cybersecurity must be proactive, strategic and intelligence-driven.
This involves continuous risk assessment, threat modelling and scenario planning—all supported by executive-level oversight.
Security is now a strategic enabler. It protects customer data, sustains operations, ensures compliance and builds trust.
Telecom providers that adopt a cyber-resilient mindset will not only defend against current threats but also position themselves for sustainable growth.
Cybersecurity researchers conclude: “Unpatched known vulnerabilities are directly responsible for an even higher percentage of data breaches than unknown vulnerabilities.”
Cyber Magazine is a BizClik brand







