Artificial intelligence (AI) and machine learning (ML) are already being used in mobile networks, and AI itself is needed to counter the new security threats, according to experts from Ericsson and AT&T.
The new paper published by the two companies, “Securing an Open AI-Driven Mobile Network,” defines an AI Security Trichotomy, where AI is simultaneously a security tool, an attack target, and an attack tool.
Mobile network operators need to navigate a massive shift toward AI-driven and open network architectures while defending against increasingly sophisticated threats, including attacks like Salt Typhoon, which originated from nation-state actors.
The first challenge will be to secure AI, according to the paper. Threats range from input manipulation attacks to AI supply chain attacks, model theft, model skewing and inversion, and more. These are well-documented but difficult to detect.
Network operators should adopt practices proposed by the O-RAN ALLIANCE, including differential privacy in training and inference, checks for model poisoning, model splitting, cryptographic watermarking of models, and more.
“The dark side of AI/ML is its use to enhance the effectiveness of cyberattacks. Industry stakeholders should expect AI-driven attacks on mobile networks and the need to enhance visibility to detect and respond to such attacks,” the paper reads.
The second challenge is securing the mobile networks themselves. Open networks should utilize standardized interfaces to provide a consistent security baseline, implement Zero Trust Architecture, and use a Software Bill of Materials (SBOM) to monitor and manage third-party code, the authors recommend.
Next, networks must prepare for quantum computing risks before they become a reality.
“While practical quantum attacks may still be years away, the impact on today’s encryption could be profound,” writes AT&T Chief Information Security Officer Rich Baich in a blog post about the paper. “Mobile networks must begin preparing now for crypto agility, post-quantum algorithms, and network transitions that don’t disrupt performance or reliability.”
The recommendations mirror a February 2026 report from CITI group, which warned that quantum computers will one day be able to “perform certain calculations, particularly those required to break today’s complex encryption standards, at speeds that are orders of magnitude faster than any supercomputer imaginable.”
Securing open networks is key to national security, and it will require the determined focus of both vendors and telecom service providers, the authors say. Further, service providers will need to share information about threats and solutions with other service providers.
“Telecom network security is never complete because threats are constantly evolving,” the authors of the AT&T and Ericsson paper on AI/ML and mobile networks wrote. “Assume the adversary is in the network, because often they are.”
