Recent high-profile breaches of major global telecom networks around the world, and a rise in spying on mobiles, reveals a growing and often underestimated threat to national and organisational security. That is, the networks and communication tools that make global communications accessible, connected and efficient, are also exposing sensitive data to unprecedented risks.
In an advancing digital region like ASEAN, the vulnerabilities of both high-speed and legacy telecom networks, combined with the extensive use of consumer-grade messaging apps such as WhatsApp, Telegram and Signal to share sensitive information, can expose trade secrets, military locations and national security or personal health data to threat actors with malicious intent.
As the 46th ASEAN Summit takes place in Malaysia, communications security and carefully managed incident response will be paramount for all participating nations, mission-critical agencies and supporting organisations. It is a timely moment to take heed of the emerging risks that all digitally connected nations are facing to protect communications data and networks, particularly for those individuals and organisations who demand security and confidentiality.
Understanding the breach: Telecom networks as a target for cyber espionage
Late last year, cyber-espionage campaigns attributed to foreign governments successfully infiltrated U.S. telecommunications networks, exploiting vulnerabilities to intercept communications of high-profile political figures. Said to be lurking in the networks for more than a year, these attacks were not limited to data theft. Adversaries accessed real-time data streams, including voice calls, SMS messages, and communication metadata— a valuable asset for intelligence gathering. Such metadata can reveal intricate details about relationships and communication patterns, offering unprecedented insights into a target’s network.
For instance, attackers can learn not only who communicated with whom – but also when, where, and how often. Such data, often overlooked by organisations in the category of ‘cyber risk’, can reveal key aspects of operations and priorities for individuals or organisations. In addition to traditional intelligence purposes, this information can be exploited for disinformation campaigns, targeted phishing, blackmail, or identity spoofing, all of which can be detrimental to organisational integrity.
Secure communications gaps within public telecommunications networks
The promise of ultra-fast 5G connectivity opens the door to endless possibilities. However, with this immense potential comes a greater obligation to safeguard privacy and security across both modern and existing network infrastructures. To support this, an unshakable foundation of trust is essential – an impenetrable security layer that underpins all the exciting promises of 5G innovation and connectivity.
The fundamental architecture of public telecom networks is designed to maximize connectivity and accessibility, enabling any phone number to reach another globally. However, this very openness introduces significant vulnerabilities. Telecom providers establish automated interconnections to facilitate global coverage, often prioritizing efficiency over security, which in turn creates a fertile ground for exploits. For instance, many carriers still use outdated signalling protocols that are vulnerable to interception, allowing attackers to redirect and tap calls without user knowledge. This has given rise of “interception as a service” schemes, where malicious actors or competitors can essentially hire services to access confidential calls or messages, posing significant risks to privacy and security.
More concerning is the exposure created by carrier-interconnect protocols, which facilitate cellular roaming and enable seamless global connectivity. These protocols can be exploited by malicious actors to access roaming data and redirect calls without the user’s awareness. This is not merely a hypothetical risk, as there are well documented instances of espionage and unauthorized interference on these networks. For government officials, corporate executives, military leaders, and law enforcement personnel, this vulnerability can mean that sensitive discussions are vulnerable to surveillance and unauthorized access.
High stakes of metadata compromise
One major area of intelligence vastly underestimated by many nations, is communications metadata. Easy to find information, such as Call Detail Records (CDRs) and Message Detail Records (MDRs), can be pivotal in uncovering critical insights by malicious actors. By analysing metadata with AI tools, threat actors can reconstruct communication patterns: identifying who is communicating with whom, at what times, and for how long. This extends to metadata shared by consumer-grade messaging apps, which may include location data, user profiles, email addresses, phone numbers, call volumes, group memberships, and more.
Access to this information enables adversaries to map organizational workflows, discern relationships, and identify strategic decision-making processes. For instance, if a government leader frequently communicates with a particular advisor or peer during unusual hours – or perhaps a major event like the ASEAN Summit – it may indicate high-stakes decisions or sensitive planning.
The widely reported compromise of metadata in telecom breaches, including AT&T’s announcement of a large-scale metadata compromise, exposes a new layer of vulnerability. With metadata, adversaries can spoof identities to impersonate trusted contacts and infiltrate conversations, enabling sophisticated social engineering and phishing attacks. The latest Verizon breach took this a step further, as threat actors accessed not just historical metadata but real-time data, allowing for immediate exploitation of communication patterns and behaviours, which can be especially damaging during sensitive periods, like election cycles or trade negotiations.
Securing Communications: Why certified mobile security is essential
End-to-end encryption serves as the foundational step in securing communications, but it is just the starting line. The destination is to ensure communications data remains within sovereign networks and borders – without being intercepted, listened to, or extracted. With WhatsApp, Telegram and Signal, for example, governments lack visibility into the processing locations, and the potential archiving or mining of their data, raising concerns about data sovereignty and control.
To address these risks, organisations, especially those in government and high-stakes sectors like critical infrastructure, energy, and healthcare, must implement comprehensive mobile security strategies. These strategies should encompass robust device protection measures and trusted out-of-band (OOB) solutions that remain operational even during network outages or major cyber-attacks. This ensures continuity and resilience in critical operations, whatever happens.
Way forward: How ASEAN can strengthen communication security
Malaysia is already prioritising communications security and data sovereignty, seizing the opportunity to lead the region. This is already evident through the nation’s deployment of BlackBerry’s government-grade solutions that prevent eavesdropping and interception – and establishment of policy frameworks like Malaysia’s Cyber Security Act 2024. With plans for a revised Cybercrime Bill to be tabled by Malaysia’s National Cybersecurity Agency (NACSA) in October 2025, this reinforces the work being done to tackle modern digital threats, including those targeting communications networks and data. Working in collaboration with ASEAN partners and industry leaders, these efforts to bolster security supports both regional growth and national ambitions for Malaysia’s digital economy to contribute over 25.5% to national GDP this year.
At a time when communication espionage is on the rise, and threat actors are using AI to ‘deepfake’ voice calls and texts using stolen data, maintaining sovereignty over communications has become an operational and national security imperative.
Within this evolving threat landscape, organisations must adopt a proactive approach to secure their communications infrastructure. This includes deploying solutions that offer certified end-to-end encryption, can ensure confidentiality, validate user identities, and safeguard against interception on vulnerable networks up to top-secret level. When evaluating security solutions, organisations should look for tools that provide comprehensive protection, including secure calling and messaging that maintains integrity even on international networks, while maintaining ease of use.
In addition to investing in robust security solutions, educating teams about the risks associated with public telecom networks, the appropriate use of personal communication apps at work, and other best practices for secure communication is equally important. As espionage tactics evolve, so must an organisation’s vigilance in protecting sensitive information, which is why education and training through public- private sector initiatives like the Malaysia Cybersecurity Center of Excellence (CCoE) are so important, helping to raise the level of human cyber-resilience and awareness.
In an era where telecom networks are increasingly susceptible to state-sponsored attacks or targeted mobile interception, securing communications infrastructures is not merely a technical challenge, it is a strategic imperative that underpins organisational resilience. By prioritising communication security, organisations can uphold data integrity, protect national interests, and safeguard their competitive edge.
Tash Stamatelos is Senior Vice President Secure Communications, BlackBerry APAC