Insight

By Rob Pocock, Technology Director, Red Helix

The initial deadline for the Telecommunications (Security) Act (TSA) 2021 is fast approaching. Drafted in response to our growing reliance on communications technology, and to help protect our networks from an expanding threat landscape, the Act is set to have a major impact on the UK’s approach to security and resilience in the telecoms industry.

The first of the deadlines requires all network operators in the tier 1 category (those with an annual turnover in excess of £1 billion) to action ‘the most straightforward and least resource intensive measures’ by March 31st, 2024. While there is no explicit guidance as to what this means, one of the easier measures to action is the implementation of secure remote access – a necessary measure which will help prevent unauthorised access to telecoms networks and systems.

There are a couple of different solutions that operators can put in place to try and achieve this. The traditional approach would be to use a VPN. In fact, as part of the code of practice, included with the guidance on regulation 4 ‘Protection of data and network functions’, there is a recommendation to use exactly that. Yet, while a VPN may address some of the requirements within the legislation, it is now quite outdated technology and could fall short of achieving others.

To avoid further work later down the line, and to benefit from far more robust network access control, operators ought to consider implementing a Zero-Trust Network Access (ZTNA) solution instead. It is widely recognised as the successor to VPN technology, offering increased security by working to the assumption that all requests have hostile intentions, and uses US military-grade AES-256 encryption to keep connections secure.

The shortcomings of a VPN

VPNs have been around for several years, and work by creating an encrypted tunnel between a user’s device and the network. This creates a point-to-point connection that, in theory, cannot be accessed by unauthorised users. They have, however, seen little change since they first came about in 1996, and their effectiveness in the context of modern cyber security threats is being increasingly questioned.

There are two key reasons for this. Firstly, authentication requirements for the VPN itself are often very basic, requiring little more than a username and password. Secondly, they can make it difficult to control or prevent any over-privileged lateral movement once inside the network. Therefore, if a cyber criminal were to bypass the authentication requirements, there is a chance they’ll be able to access systems and data across the entire organisation.

Of course, using a VPN is no doubt better than not having any access controls in place whatsoever, but it is far from the most secure choice. A VPN is also unlikely to help operators meet some other the more stringent security measures required in the TSA. For example, regulation 7 identifies measures needed to reduce supply chain risks, and regulation 8 outlines further details on the measures required for the ‘prevention of unauthorised access or interference’, both of which would be hard to achieve full compliance with using a VPN alone.

Additionally, there is a section included in the TSA code of practice that states providers should establish the principle of ‘assumed compromise’. This means assuming that network oversight functions are subject to high-end attacks that may not have been detected, and to ensure there are measures in place to make it difficult for the attacker. As lateral movement can be hard to prevent with a VPN, this is another area in which they are lacking.

Improved access control through ZTNA

In contrast, ZTNA has been designed with assumed compromise in mind, operating on the principle that the network is always hostile. Trust is never implicit, meaning users are only granted access to the specific applications and resources they need; with granular policies to determine what, where and when information can be accessed.

Not only does this meet with the requirements outlined in regulation 4 for which a VPN was recommended, but it can go a long way to complying with some of the other regulations as well. ZTNA’s comprehensive approach to network security ticks off most of the measures outlined in regulation 8, alongside many of those included in regulation 7 – by providing control over what third-party suppliers have access to, and limiting any potential damage should they be compromised.

ZTNA is also likely to become more of a significant factor in obtaining or maintaining cyber insurance. Owing to the rise in severity and frequency of cyber attacks, insurers have continued to increase the requirements needed to pass the risk assessment process. While the exact standards may vary between insurance providers, strong access control is one that appears to feature often, and the use of ZTNA will go a long way in demonstrating this.

Ultimately, ZTNA represents a more forward-looking approach to access control, aligning with the broader trend in cyber security of moving towards a more adaptive, dynamic, and user-centric security model. With its emphasis on continuous verification and granular access policies, it is a more robust solution that hits a number of the TSA regulations and will provide operators with stronger protection across their networks.

A future-proof solution

As the first deadline for the TSA approaches, network operators are faced with a choice. Either use traditional VPN technology to achieve secure remote access or to implement the more advanced ZTNA.

Despite their long-standing presence within the industry, VPNs fall short in addressing modern cyber security challenges, owing to their basic authentication processes and limitations in controlling internal network movements. ZTNA, on the other hand, offers a robust solution operating under the principle of ‘assumed compromise’, ensuring stringent access controls and aligning with several of the TSA’s requirements.

While continuing to use a VPN may seem like the most straightforward approach, and can help operators to meet the first ‘least resource intensive’ deadline, it is likely to be only a temporary solution. ZTNA is an easy to implement alternative that offers a more comprehensive, adaptable, and future-proof strategy – so why settle for something inferior when the option for better security is already present?

Broadband ISP Virgin Media UK (VMO2) has today announced that more than 17,000 additional homes and businesses in the South Yorkshire (England) town of Rotherham can now access their 2Gbps speed Fibre-to-the-Premises (FTTP) network, which was made possible by nexfibre’s network expansion. Rotherham is the latest in a long list of VMO2 areas that have, […]

Broadband and technology giant BT has today announced a new 10-year partnership with media group Global, which will jointly work to convert a further 2,000 of the operator’s legacy payphones and kiosks – across more than 200 UK towns and cities – into brand-new smart Street Hubs, starting in 2025. At present BT has already […]

Abingdon-based ISP Gigaclear, which specialises in deploying their gigabit-capable Fibre-to-the-Premises (FTTP) broadband network into rural parts England, has today announced that their network now covers 500,000 premises (ready for service) and they’ve also grown their customer base to 100,000 (up from 95k on 22nd Feb 2024). The internet provider is principally owned by major investor […]

Internet service provider Link Broadband, which typically sells FTTP broadband packages via a number of alternative networks, has today become the latest to have their customer base acquired by the Telecom Acquisitions (TAL) group. The deal applies to Link’s customers on the CityFibre network. The official press release is fairly light on detail and doesn’t, […]

Consumer magazine Which? has today published the results of their latest 2024 ranking of home broadband providers, which found that smaller ISPs like CommunityFibre, Zen Internet and Hyperoptic topped the table and eclipsed the biggest providers that now mostly inhabit the bottom half of the table. The latest ranking is based on a survey of […]

News 

Consolidation continues in the alnet market in the latest of a string of mergers 

UK fibre altnets VX Fibre and Freedom Fibre have completed their merger which was announced last December, following regulatory approval. 

The newly combined group will operate as name Freedom Fibre under their CEO Neil McArthur and his management team, and will have a network of 300,000 (which is up from the figure of 285,000 given in December). 

“This strategic merger leverages the strengths of both Freedom Fibre and VX UK to create a larger, stronger, and more diverse business backed by two significant investors with ambitions for growth,” said Freedom Fibre’s CEO, Neil McArthur. We are delighted to be joining forces with the VX team and are hugely excited about the future potential of the newly combined business.”  

VX UK mainly operates in and around Stoke-on-Trent, but has fibre assets in Bristol and Colchester. Freedom Fibre, which was launched in 2020, offers wholesale-only services on its network, and had a long-term partnership with leading UK broadband provider TalkTalk.  

Speaking to the financial times in January, Greg Mesch, CEO of the UK’s largest altnet CityFibre, said it is aiming to make as many of five acquisitions over the next two years. “Investment is drying up but I think that’s creating the opportunity to consolidate the network,” Mesch said. According to the article, the company is already in exclusive talks with two other altnets. 

Catch Greg Mesch at this year’s Connected North event, 22-23 April in Manchester. Secure your tickets now! 

Also in the news:
VEON exits Kyrgyzstan to focus on key markets
BT pledges to upgrade payphones nationwide
Spanish govt buys 3% stake in Telefonica, eyes 10%

News

The organisation says the new 5G lab stimulate growth and attract investment in the technology sector of the North of Tyne Combined Authority Region 

Digital Catapult has revealed plans to establish a new innovation lab in Newcastle, aiming to foster digital skills and innovation across the North of Tyne region.  

Situated in Newcastle’s Eldon Square, the facility will provide local companies and residents access to the latest advancements in 5G and immersive technologies. 

Collaborating with Vodafone, Digital Catapult’s innovation lab will focus on 5G Standalone (5G SA) and future network technology. Equipped with cutting-edge digital technology and a versatile workspace, including co-working areas and meeting rooms, the 5G Immersive Lab will help local businesses to leverage advanced technologies and accelerate product development.  

Recent Vodafone research found that UK SME’s are missing out on £8.6 billion a year in productivity savings due to the slow rollout of 5G SA. 

Funded by £700 million from the North of Tyne Combined Authority, the lab’s rollout will occur in two phases, with the co-working space expected to be operational by spring 2024 and the full 5G Immersive Lab set to follow by the end of summer. This initiative aims to bridge the digital gap and support innovation throughout the region. 

Technology industry organisation Dynamo North East will assist in identifying SMEs across the North of Tyne region that can benefit from the lab’s resources. Additionally, the maintenance of the innovation lab and co-working space will be managed by Floe, a provider of co-working spaces across the North of England. 

“5G is more than just being able to stream videos faster on your phone. It helps businesses to innovate and solve problems…” said North of Tyne Mayor Jamie Driscol. “That’s why this lab is really exciting, as it will provide the right environment and tools for businesses to test it out in a low cost, low risk way.” 

The partnership announcement comes just days after the Port of Tyne was awarded a £1.159 million contract to launch 5G-enabled ‘smart port’ operations. The project is a partnership with South Tyneside Council and will see5G cameras and Internet of Things (IoT) sensors installed to monitor the port estate and support its drive to go all-electric. 

The project was funded as part of the £3.7 million in government funding won by seven North East local authorities (Northumberland, North Tyneside, Newcastle, Gateshead, South Tyneside, Sunderland and Durham) to support four pioneering 5G and advanced wireless connectivity projects across the Northeast. This funding, in turn, is part of the £37 million earmarked by the Department for Science Innovation and Technology for their 5G Innovation Regions project.  

 Join Patrick Melia, Chief Executive of Sunderland City Council at this year’s Connected North event 22-23 April in Manchester – secure your tickets now! 

Also in the news:
VEON exits Kyrgyzstan to focus on key markets
BT pledges to upgrade payphones nationwide
Spanish govt buys 3% stake in Telefonica, eyes 10%

News

The Netherlands-based operator has sold its 50.1% stake in the business to CG Cell Technologies, a wholly owned subsidiary of CG Corp Global

This week, VEON has announced that it will exit Kyrgyzstan, selling its majority stake in Beeline Kyrgyzstan to Chaudhary Group (CG Corp Global)’s subsidiary CG Cell Technologies.

The deal will see VEON transfer its entire 50.1% stake to CG Corp Global, valuing the business at 3.4-times the company’s EBITDA in 2023.

According to VEON’s latest financial report, Beeline Kyrgyzstan’s EBITDA for 2023 was $22 million, hence the transaction for 50.1% has an estimated value of around $37.5 million.

Verny Capital holds the remaining 49.9% in the business.

“We are very pleased to become a major investor in the Kyrgyzstan telecommunications market with the purchase of the majority stake in Beeline Kyrgyzstan,” said CG Corp Global in a formal statement. “We are excited to cooperate with our partners in this joint venture as we continue to develop the business, ensuring that customers continue to get the modern, high-quality and reliable connectivity and digital services they have come to expect.”

The sale is subject to the usual regulatory approvals.

Beeline Kyrgyzstan has grown considerably over the past two years, with VEON CEO Kaan Terzioglu noting the unit’s “seven consecutive quarters of double-digit revenue growth, high penetration and quality of 4G services and solid foundations in digital offerings”.

Despite this, VEON’s Kyrgyzstan business remains the smallest of its international operations, generating just $56 million in revenue in 2023. By contrast, the company’s next smallest market, Uzbekistan, generated $269 million during the same period.

VEON, which also operates mobile networks in Ukraine, Pakistan, Kazakhstan, Bangladesh, Uzbekistan, and Georgia, has been working through a turbulent period in the past couple of years.

Following the Russian invasion of Ukraine in early 2022, the operator has fully withdrawn from Russia, selling the unit to senior members of its management team at the end of the same year. Now, the company is in the process of bolstering its embattled Kyivstar operations in Ukraine, pledging to invest $600 million to rebuild and expand the company’s networks over the next three years.

Keep up to date with the latest international telecoms news by subscribing to the Total Telecom newsletter 

Also in the news:
BT wins £26m contract to connect UK schools
Apple fined €1.8bn by European Commission over Spotify row
Japan to reduce regulatory pressure on incumbent NTT

Insight

In Landkreis Cloppenburg, CampusGenius took part in a groundbreaking project to transform healthcare with their private 5G-as-a-service solution, the GeniusCore

The project ‘Smart Emergency – Rescue Services Reconnected’ aims to address challenges facing the healthcare sector, such as a high burden on staff, low doctor density, and an increasing demand for emergency services in rural areas. Discover the impact of private 5G networks in healthcare. CampusGenius implemented 5G technology and telemedicine options in the St. Josefs Hospital and St. Pius-Stift care home, with the goal of enhancing medical services and accessibility. Find out how real-time monitoring, augmented reality applications, and easy collaboration among healthcare professionals can revolutionise patient care and operational efficiencies. With a focus on security, affordability, and user-friendly interfaces, this case study showcases the transformative potential of private 5G networks in shaping the future of healthcare.

Watch the full details on the video below!