Network builder and ISP WightFibre, which operates a gigabit speed Fibre-to-the-Premises (FTTP) broadband network across the Isle of Wight – just off the South Coast of Hampshire in England, has managed to secure the ISO 27001 certification for Information Security Management Systems (ISMS).

Related certifications are a seal of approval from a recognised third-party body, which represents a series of global standards developed and published by the International Organisation for Standardisation (ISO). The idea is that by securing these certifications, companies can show that they’re safe, reliable and of good quality for particular tasks, features, management and / or services etc.

The ISO 27001 Standard is specifically intended to demonstrate that a company has a robust framework to help define, document, review, and update security controls, ensuing they are implemented consistently. Achieving ISO certification involves a rigorous process of assessment and checking that WightFibre adheres to the ISMS benchmarks, including the CIA Triad.

The CIA Triad is a model that forms the cornerstone of information security within the ISO 27001 framework. It stands for Confidentiality, Integrity, and Availability, three key principles that guide organisations in protecting sensitive information.

Benefits to Customers of the new ISO Certification

Compliance: ISO 27001 certifications demonstrates that WightFibre adheres to the highest standards for information security, meeting legal, regulatory, and contractual obligations. This minimizes the risks of any data breaches, thereby protecting you from potential fraud and identity theft.
Confidentiality: WightFibre is committed to the security of sensitive information. Our robust security policies and access management protocols ensure that your data is handled securely and confidentially.
Risk management: By adhering to the ISO Standard, WightFibre effectively minimise risk exposure, providing you with the assurance that we are proactive in managing data security risks.
Customer satisfaction: WightFibre’s dedication to constricted information security measures not only secures your data but also enhances your trust in our services, contributing to higher overall customer satisfaction.
Culture of security: WightFibre has cultivated a security-first mindset among our employees and stakeholders, ensuring that everyone is aligned with our commitment to protecting your information.
All-round protection: WightFibre’s heightened security awareness and practises extend beyond mere compliance; its integral to safeguarding our company, its assets, and everything in-between.

Securing an ISO certification requires a lot of work and is thus a significant achievement for any broadband company, although it’s worth noting that there are some broadband networks with multiple certifications, but those tend to be quite rare (e.g. Giganet and Freedom Fibre have five ISO standards under their belt, while Openreach has four).

However, as useful as ISO certifications are, they shouldn’t be conflated with expectations of always getting excellent customer support or perfect broadband service quality.

Sources have informed ISPreview that the Government’s Building Digital UK (BDUK) agency has decided to extend the availability of their Gigabit Broadband Voucher Scheme (GBVS) to include urban areas. The scheme has, until now, only offered grants to help rural properties get a 1Gbps capable ISP connection installed.

The GBVS currently offers grants worth up to £4,500 to rural homes and businesses to help them get a gigabit-capable broadband service installed, which is available to areas with speeds of “less than 100Mbps” – assuming there are also no future plans for a gigabit deployment in the same area (either via private investment or state-aid). Some Local Authorities (LA) have, in the past, also provided top-up funding to boost the voucher values.

However, over the past year the GBVS has become somewhat diminished in its capacity to assist in rural areas, which is largely intended to avoid duplication of public investment with the wider Gigabit Infrastructure Subsidy (GIS) programme (i.e. awarding large state aid funded broadband deployments, for rural areas, to specific suppliers). As a result, the GBVS is currently suspended across much of the UK.

GBVS Availability Map

Despite this, we recently reported that the voucher scheme had been extended to run up to March 2028 (here). On top of that, BDUK is also known to have been exploring how the Project Gigabit programme could be expanded to help tackle poorly served urban areas (here), which can often sit neglected as patches of poor service, typically dotted about like small islands inside major cities and towns.

The latter problem can be caused by all sorts of challenges (e.g. high build costs, issues with securing wayleave / access and permits or road closures etc.), while state aid and competition law often make it difficult to use public funding in such areas (i.e. locations where private investment should be able to resolve without intervention).

The easiest solution to the legal and competition dilemma has typically been to use a voucher scheme, which was tried before and eventually morphed into today’s more rural-focused scheme. But the latest development appears to confirm that BDUK are going to give this approach another bash.

Gigabit Vouchers for Urban Areas

At present, the details of this are still subject to change, but our sources have informed us that the plan seems to involve a “soft launch” in June 2024 that will expand the voucher scheme into urban areas and run for about 10-weeks. The initial focus will be on 11 as yet unspecified areas, which are understood to contain a total of approximately 15,000 initial eligible premise.

The BDUK agency will spend the rest of this month conducting various market engagement work in order to help finalise their policy and assess how much interest might exist, as well as to identify any potential barriers that could hamper such builds.

As before, the aim of this expansion is to connect both businesses and residents to gigabit-capable broadband in urban areas, where there is no existing coverage, planned commercial coverage or coverage through other Project Gigabit schemes. The same voucher values (£4,500) and timescales as exist today will continue to apply (i.e. successful voucher projects must be delivered within just 12-months).

A DSIT spokesperson told ISPreview:

“We are committed to delivering lightning-fast gigabit broadband to communities across the UK, particularly to those who are hard to reach and not included in current commercial rollout plans.”

Assuming all goes to plan and there’s enough demand for urban gigabit vouchers, then BDUK will look to introduce phased extensions to the scheme from around September 2024. As usual, this expansion will be both demand-led and based on evidence.

Overall, we think this is a positive development, although it remains to be seen whether expanding the voucher scheme in this way will be enough to overcome some of the complex challenges that building in the remaining urban pockets of poor connectivity can often present (it’s not always a money problem).

News

The computer is officially the most sustainable supercomputer in the UK 

The UK’s fastest and most powerful supercomputer, known as Isambard-AI, has been switched on at the University of Bristol this week. 

The Isambard-AI supercomputer was first announced by the government last March alongside a £225 million investment. The facility has been built by Hewlett Packard Enterprise and contains over 5,000 NVIDIA superchips, allowing it to complete 200 quadrillion calculations per second. 

Officially named the AI Research Resource (AIRR), the facility is ten times more powerful than the previous leading supercomputer in the UK. Researchers will use the facility to support critical work on the development of AI technology, working closely alongside the UK’s AI Safety Institute.  

The facility includes thousands of graphics processing units (GPUs) and will be used to train the large language models. as Additional focus areas include climate research and accelerating automated drug discovery. 

“The Isambard-AI cluster will be one of the most powerful supercomputers in Europe, and will help industry experts and researchers harness the game-changing potential of AI, including through the mission-critical work of our Frontier AI Taskforce,” said Science, Innovation and Technology Secretary Michelle Donelan in a press release. 

“This will equip the UK with the means to drive the next wave of scientific breakthroughs and positions Bristol as a vital cog in global technological discovery that will improve people’s lives,” added University of Bristol’s Vice-Chancellor and President Professor Evelyn Welch. 

The UK is on a mission to become a global AI superpower. Last October, the government announced that taxpayer spending on AI chips and supercomputers is set to increase to £400 million. Additionally, in this year’s Spring Budget, chancellor Jeremy Hunt pledged £100 million in funding to The Alan Turing Institute, the UK’s national institute for data science and AI. 

Want to keep up with all of the latest telecoms news from around the world? Sign up to receive Total Telecom’s daily newsletter   

Also in the news:
UK government conditionally approves £15bn Vodafone–Three merger
Nokia and Vodafone trial Open RAN with Arm and HPE
T-Mobile and Verizon to buy US Cellular, reports say

News 

BT is set to release its 2023 financial results release on Thursday 

Investors have bet £300 million against BT this week, as the company continues to battle against its declining share price. 

Banks including BlackRock, Canada Pension Plan Investment Board and hedge funds such as AKO Capital and Kintbury Capital have bet against the company, according to a report from the Financial Times. 

BT will release its 2023 annual results on Thursday, in which profits are expected to be just shy of £8 billion, according to analysts. 

In total, 2.79% of the company’s shares are being shorted, representing the largest bet against BT since records began in 2012, according to figures from Breakout Point. This makes BT the sixth most shorted company in the FTSE100, behind major companies such as Ocado, Sainsbury’s and Rightmove. It is also notably far higher than other European telcos, such as Orange, Telefonica, Deutsche Telekom, Vodafone or Telecom Italia, which have an average short position of around 0.95%, according to the Financial Times report. 

In December, Kintbury Capital founder Chris Dale said that it was taking a short position on BT, saying the operator had “no growth” and increasing debt. BT responded saying the company is “confident that we can support our progressive dividend and that we will see a material uplift in our cash flow once our peak full fibre build is completed in December 2026.” 

BT’s debt pile sits at just under £20 billion. This, combined with high capital expenditure and increased competition from Vodafone, Three, and fibre altnets, has seen BT’s share price fall 29% in the last year. 

“Telecoms is a sector that has a lot of debt as a part of it,” Kester Mann, analyst at CCS Insight, told City A.M in December last year. “We’re seeing operators look to reduce that through a number of means.” 

Perhaps the most significant cost-cutting measure being adopted is widespread job cuts. In May last year, the company announced that it will eliminate 55,000 jobs by 2030, shedding around 40% of its current workforce. Up to a fifth of these jobs will reportedly be replaced by AI, said then CEO Philip Jansen, who noted the move would make BT “a leaner business with a brighter future”. 

Keep up to date with the latest international telecoms news by subscribing to the Total Telecom daily newsletter 

Also in the news:
UK government conditionally approves £15bn Vodafone–Three merger
Nokia and Vodafone trial Open RAN with Arm and HPE
T-Mobile and Verizon to buy US Cellular, reports say

Network security researchers have published details of a new vulnerability that arises from a “design flaw” in the IEEE 802.11 WiFi standard (CVE-2023-52424), which is said to impact “all operating systems and WiFi clients” and allows an attacker to trick Wi-Fi clients into connecting to an untrusted network.

According to TOP10VPN, which teamed up with security researcher Mathy Vanhoef to share this WiFi exploit – ahead of its presentation at the WiSec ’24 conference in Seoul – the root cause of this vulnerability stems from the fact that the IEEE 802.11 standard underpinning how WiFi works does not require the network name (SSID) to always be authenticated.

In short, the attack tricks a victim into connecting to a different WiFi network than the one they intended by exploiting the lack of SSID authentication. As if to make matters worse, routers that support the latest WPA3 encryption standard may be more vulnerable than those using WPA1 or WPA2. This is because WPA3 has an optional mode where the SSID is not used to derive the Pairwise Master Key (PMK) in the SAE (Simultaneous Authentication of Equals) handshake.

Unfortunately, while avoiding the use of the SSID is what makes this mode highly robust against a variety of cyberattacks, it is also what makes it vulnerable to the new attack outlined in the new report. But when WPA3 incorporates the network’s SSID, the new attack will fail. Mesh WiFi networks typically also use SAE rather than 802.11X to avoid introducing a single point of failure, which means they may also be vulnerable.

How Does the Attack Work?

For the SSID Confusion attack to succeed, the following must be true:

➤ The victim wants to connect to a trusted network.

➤ There is a second network available with the same authentication credentials as the first.

➤ The attacker is within range to perform a man-in-the-middle (MitM) attack between the victim and the trusted network.

Note that the victim doesn’t need to have ever connected to the untrusted network. Nor does the attacker need to know the victim’s credentials.

Once the target (victim) has connected to a different WiFi network from the one they intended, the attacker – who controls the bad network – can then do all sorts of nasty things, such as installing malware on the client’s device or snooping on their internet traffic. Full details can be found in this report (PDF).

A successful SSID Confusion attack also causes any VPN with the functionality to auto-disable on trusted networks to turn itself off, leaving the victim’s traffic even more exposed.

Report Conclusion

We showed that users, or their apps, make security-sensitive decisions based on the network they are connected to. For instance, some VPNs can disable themselves when connected to a trusted Wi-Fi network. However, we demonstrated that a client can be tricked into unknowingly connecting to a different network, even when enterprise or home WPA3 protection is used. This is caused by a design flaw in several authentication methods defined in the 802.11 standard. This vulnerability was assigned CVE-2023-52424.

A backwards-compatible defence is to use beacon protection and to verify the authenticity of a beacon, and the network name contained in it, before exchanging data frames. Alternatively, the 802.11 standard can be updated to always authenticate the network name when connecting to a network.

The big problem here is that, in order to properly resolve this, the existing WiFi standard(s) might need some updates, which is something that may only occur for kit that is still supported by the manufacturer.

In the meantime, existing networks can mitigate the attack by avoiding credential reuse across SSIDs, while enterprise networks should use distinct RADIUS server CommonNames and home networks should use a unique password per SSID (i.e. not one password shared across all the SSIDs put out by your router, which is fairly common).

News

The upgrade means 25% of all ‘underground’ Tube stations now have access to mobile connectivity

Today, Transport for London (TfL) have announced that all Elizabeth Line stations on the London Underground now have access to 4G or better mobile connectivity.

In addition to deploying the 4G network at the stations themselves, in-tunnel connectivity is currently being deployed, with initial sections between Bond Street and Liverpool Street to be added in the coming months.

Full in-tunnel coverage is to be completed before the end of the year.

The deployment is being delivered by neutral host network provider Boldyn Networks, which won the 20-year contract to deploy and operate TfL’s connectivity infrastructure back in 2021. The project has already seen wireless connectivity deployed on parts of the Victoria and Piccadilly lines, with work on the Bakerloo line expected to begin next month.

Alongside mobile connectivity, the infrastructure deployment also includes the new Emergency Services Network (ESN), which will provide first responders with real-time images and information.

In total, 31 of 121 subterranean Tube stations currently have dedicated mobile coverage.

All four of the UK’s mobile operators – Vodafone, Virgin Media O2, BT (EE), and Three – are taking part in the rollout.

“This is yet another step towards ensuring Londoners and visitors can stay connected on our transport network. I promised that customers would be able to access high-speed mobile coverage at all stations and in tunnels, and I’m pleased to see how quickly the team are moving to enable 4G and 5G connectivity,” said newly re-elected Mayor of London Sadiq Khan.

“Now, customers can access the latest travel information, keep in touch with colleagues, friends and family, use social media and stream music at every station along the Elizabeth line. This is just one of the many ways we are supporting Londoners as we build a better, fairer and more prosperous London for everyone.”

All connectivity infrastructure deployments across the London Underground, Docklands Light Railway, London Overground, and the Elizabeth Line are expected to be completed by the end of 2025.

Delivering high quality mobile connectivity to subway lines has become a growing priority I major cities around the world. Just last week, O2 Telefonica and Berliner Verkehrsbetriebe announced that they had completed a 4G network deployment across Berlin’s U-Bahn subway system, installing over 1,000km of fibre and various wireless equipment.

How is the UK connectivity landscape changing in 2024? Join the discussion at Connected Britain, the UK’s largest digital economy event

Also in the news:
UK government conditionally approves £15bn Vodafone–Three merger
Nokia and Vodafone trial Open RAN with Arm and HPE
T-Mobile and Verizon to buy US Cellular, reports say

Broadband ISP Quickline, which is deploying a new gigabit speed full fibre (FTTP) and fixed wireless (5G FWA) network across rural and semi-rural parts of the North East and Midlands of England, has connected their first customer under the £60m (state aid) Project Gigabit roll-out contract that was awarded to them in February 2024 for West Yorkshire and York (Lot 8).

The West Yorkshire and York Area (Lot 8) contract aims to cover around 28,000 premises, in some of the hardest to reach areas, including rural locations surrounding Selby, York, Bradford, Kirklees, Leeds, Wakefield, Harrogate, Skipton and Ripon, Keighley, Calder Valley, Stamford Bridge and Pocklington.

As part of that, Quickline has separately also committed to make a further private investment alongside the Project Gigabit roll-out, which will see their full fibre network reach an additional 58,000 premises. This broadly reflects the usual additionality (i.e. separately expanding coverage out via commercial investment, based on the same geographic areas passed using public investment).

So far only three months have passed since the contract was announced, yet it’s impressive to note today that Quickline has just been able to connect their first homes to the new network in Escrick, near York. Quickline’s CEO, Sean Royce, even visited the customer and handed over a hamper to celebrate the milestone. Escrick is a small rural community to the south of York with around 380 households.

Sean Royce, CEO of Quickline, said:

“Winning the government Project Gigabit contract was a huge honour for us at Quickline but importantly, we want to ensure we make an impact quickly. That means we are building straight away, connecting customers straight away and taking communities out of the slow lane faster than other providers.

As a dedicated rural provider, we know there are thousands of people who have long been underserved by decent broadband and it is imperative this is addressed as soon as possible.

We are delighted to be able to make a difference to the lives of the people living in Escrick just three months after signing the contract and will continue to deliver our network quickly and efficiently to those hard-to-reach communities most in need of improved connectivity.

When you consider there is no mains gas supply to Escrick, it really does emphasise the type of rural communities where we build and that Project Gigabit is tackling.

This milestone underscores Quickline’s absolute commitment to bridging the digital divide and empowering rural communities across Yorkshire and Lincolnshire.”

Quickline is being supported by funding of around £500m from Northleaf Capital Partners and £104m of public subsidy from Project Gigabit (here and here). The provider holds an aspiration to cove around 500,000 premises in rural and semi-rural areas across Northern England and beyond with “ultrafast broadband” via both their Fibre-to-the-Premises (FTTP / XGS-PON) and 5G based fixed wireless technology “by 2025” (here). Some 200,000 of those rural premises will be tackled by their wireless network, with the other half or more coming from FTTP.

Residential customers reached by their new full fibre network are typically charged from £29 per month on a 24-month term for 100Mbps (50Mbps upload) speeds with free installation, and that goes up to £49 for their top 900Mbps (450Mbps upload) tier. The first 3 months of service are also free.

Mobile operator and UK ISP Vodafone has today published their Q4 FY24 financial results, which saw their fixed broadband base grow to total 1.383 million customers (up by 52k in Q4 vs 39k in the Q3) and their mobile base reach a total of 18.638 million (up by 66k in Q4 vs 330k in Q3).

In terms of their UK fixed broadband services, the operator has continued to report strong growth, with a quarterly addition of 52,000 customers – thanks in part to being widely available across both Openreach’s and CityFibre’s national networks. The provider’s full fibre FTTP network coverage can now reach a combined total of 15.3 million UK households (up from 14.5m in Q3).

As for their mobile base, Vodafone reported a quarterly fall of 9,000 in Pay Monthly customers (down from 18k added last quarter) and a rise of 75,000 in Prepaid / PAYG customers (down from 312k added last quarter). Meanwhile, the operator’s digital prepaid sub-brand, VOXI, continued to grow, with 120,000 customers added during the year.

Finally, quarterly mobile broadband (data) usage across their UK network actually fell a bit to 439,462 TeraBytes (down from 461,048 TB last quarter), which is the first time we’ve seen a fall.

Margherita Della Valle, Vodafone Group CEO, said:

“A year ago, I set out my plans to transform Vodafone, including the need to right-size Europe for growth. Since then, we have announced a series of transactions and we are now delivering growth in all of our markets across Europe and Africa.

We performed slightly ahead of expectations in the financial year, with good organic service revenue growth of 6.3% and organic EBITDAaL growth of 2.2%. Our Business division – a key growth driver – achieved 5.4% revenue growth in the fourth quarter.

Much more still needs to be done in the year ahead. We will step-up investment in our customer experience, improve our underlying performance in Germany and accelerate our momentum in Business, whilst also continuing to simplify our operations throughout the group. We are fundamentally transforming Vodafone for growth.”

Finally, the operator saw their quarterly UK service revenue reach €1,409m (up from €1,400m in the previous quarter). The full report is here (PDF).

Connexin joins prestigious roster of B Corp Certified Companies

UK-based smart technology and digital provider Connexin is pleased to announce it has earned B Corp™ Certification following a rigorous social and environmental impact evaluation, a rarity for technology and service-led providers. The certification places the business amongst some of the most respected B Corp brands globally, including Patagonia, Divine Chocolate, Octopus Energy and Innocent Smoothies.

Businesses certified by B Lab™, a third-party non-profit, are leaders in the global movement for an inclusive, equitable, and regenerative economy. B Lab measures a company’s entire social and environmental impact and attaining B Corp Certification means a company meets high standards of social and environmental performance, accountability, and transparency.

“Becoming a B Corp is further validation of our sustainable practices and our ongoing commitment to create positive social impact,” says Furqan Alamgir, CEO at Connexin. “We have always lived by the principle that businesses should be a force for good, and we practice this belief through everything we do, from our business strategy, product sets, to our operational practices. We are honoured to be recognised for this and become part of a global community that is championing change.”

The B Corp Certification follows in line with Connexin’s commitment to become Net Zero by 2040 and achieving a 5-Star ESG rating awarded by the Global Real Estate Sustainability Benchmark (GRESB).

Founded in 2006, Connexin offers services across three areas: broadband, smart solutions and digital training. Its mission is to connect the real world to the digital world to improve the way people live. The commitment to use technology to create positive and long-lasting social impact is rooted firmly in the business’s DNA.

Connexin’s smart water metering services enable its utility customers including Essex and Suffolk Water, Yorkshire Water and Severn Trent Water to rapidly detect water leaks across the UK. This helps reduce water wastage and carbon emissions from manual meter readings. Working with city councils, Connexin’s Smart City solutions help to build more efficient, sustainable and better connected communities.

Its education and training division, Connexin Academy, consistently demonstrates its dedication to narrowing the growing gap in tech skills across the nation. By offering training bootcamps ranging from Cybersecurity, IT Skills, and Advanced Fibre Engineering, Connexin Academy upskills individuals and businesses with a constantly updated curriculum and new courses for emerging markets.

Through its Connexin Cares scheme, the company donates up to £20 to a local charity for each new customer that signs up to its fast full-fibre broadband deals.

Notes to editors:

Connexin is a UK-based digital service and smart technology provider with an industry-leading offer across three areas: broadband, smart solutions and digital training.  

From day one we’ve been on a mission to connect the digital world to the real world to improve the way we live. We’re passionate about ending the digital inequalities that exist within society which prevent people and businesses from accessing the benefits of technological advancement.  

By connecting people, places and things to smart technologies we’re changing lives and communities for the better. 

Connexin recently ranked 2nd in the Top 100 league table at the annual Northern Tech Awards, a remarkable 14 place jump from 2023 (16th) and a staggering 28 places from 2022 (30th).

Earlier this year, Connexin was selected by Essex & Suffolk Water for the UK’s largest IoT advanced water metering infrastructure (AMI) framework contract, to manage the rollout of up to one million smart meters across the Essex and Suffolk supply regions. 

Connexin was also awarded £58.6 million in government funding by Building Digital UK, as part of Project Gigabit, to rollout lightning-fast fibre broadband to over 30,000 rural homes in Nottinghamshire and West Lincolnshire.

News

The German mobile operator says it had built 1,334 Open RAN sites by the end of Q1

Alongside the company’s Q1 financial results this week, Germany’s newest mobile operator, 1&1, has revealed that 700,000 customers are making use of its newly built Open RAN network.

1&1 launched commercial services over its new network in December last year, though at the time the company only had around three active mobile sites of its own. In the last five months, the number of sites has increased dramatically, with 1&1 saying that it now has 1,334 sites deployed.

1&1 won 5G spectrum at auction back in 2019, announcing its intention to become the country’s fourth national mobile network operator. Since then, the company has been slowly working to develop its own mobile network, as well as striking 5G roaming deals with rivals Telefonica and Vodafone to provide services in the meantime.

The company already serves over 12 million mobile customers as a mobile virtual network operator (i.e., using infrastructure from other mobile operators), all of which it says will gradually be migrated to its Open RAN infrastructure as its rollout continues.

“The smooth functioning of the new Open-RAN technology is evidenced by initial network tests conducted by connect, teltarif and Inside Digital, which have given positive ratings to the 1&1 O-RAN,” reads the company’s  Q1 report.

“Following the launch of our mobile services at the end of 2023, the first three months of financial year 2024 were focused on expanding our mobile network and starting the migration of our more than 12 million mobile customers from external networks to the new 1&1 mobile network,” the company added in a statement.

1&1 aims to expand its 5G coverage to a quarter of the German population by the end of 2025 and half the population by the end of 2030.

How is the German connectivity landscape changing in 2024? Join the operators in discussion at this year’s Connected Germany conference live in Munich

Also in the news:
UK government conditionally approves £15bn Vodafone–Three merger
Nokia and Vodafone trial Open RAN with Arm and HPE
T-Mobile and Verizon to buy US Cellular, reports say