Telecoms and broadband giant BT has announced that, as part of their ongoing UK programme to modernise and consolidate the number of offices they have, they’ve decided to close their Enniskillen Contact Centre in Northern Ireland. The move is expected to result in the loss of around 300 jobs from the site.

The Broadmeadow Place site is now expected to be formally closed by the end of October 2024. Some staff members may be able to move to a different site, although for many others this is likely to be impractical.

According to BT’s spokesperson: “We have now made the difficult decision to propose closing the site to the small number of remaining desk-based colleagues on 31st October and have entered into consultation with colleagues and trade union partners. We will continue to support all impacted colleagues throughout this process. These proposals will have no impact for customers.”

BT added that it would continue to make significant investments in the rollout of full fibre (FTTP) broadband and 5G mobile connectivity across Northern Ireland.

Deirdre Hargey, N.I Economy Minister, said:

“It is extremely disappointing that BT has decided to close its Enniskillen contact centre with a loss of 300 jobs. As a major employer in the region for over three decades, this decision is devastating for the workers and their families, and also for the wider community.

In line with his commitment to regional balance Conor Murphy met with both CWU representatives and BT to retain these skilled jobs. He also supported Invest NI’s concerted efforts to work with BT to find an alternative site within Enniskillen so these jobs could be retained. I have asked Invest NI to ensure every step possible is taken to support the staff impacted.”

Network builder and UK ISP CommunityFibre, which runs a 10Gbps capable Fibre-to-the-Premises (FTTP) network across London, as well as parts of Surrey and West Sussex, has today joined forces with the Department for Work and Pensions (DWP) to provide “free access to 100% full fibre broadband” to eligible Londoners struggling to get online.

The new initiative, which is supported by Jobcentre Plus, will see those eligible for the service receive 12-months of free full fibre broadband at speeds of 50Mbps. The offer is open to DWP customers who are “disabled, carers or have been in receipt of benefits for more than three months“.

The catch is that this new offer is only exclusively available across six Jobcentre Plus services within the Woolwich, Peckham, Tower Hamlets, Harlesden, Barnsbury and Finsbury Park sites in London only. But for those who are not eligible, Community Fibre also offers its own 35Mbps social broadband tariff at £12.50/month, although technically this isn’t a social tariff because it’s available to everybody covered by their network (not just those on state benefits).

According to the ISP, 1-in-10 Londoners (11%) say they have missed out on job opportunities, or experienced disruption during virtual job interviews, because of an unreliable internet connection. In addition, 15% of Londoners report that they cannot access basic services such as GP appointments, online banking, or government services because of poor broadband connectivity.

Mims Davies, DWP Minister of State, said:

“I am thrilled by how working with Community Fibre, DWP are able to give so many Londoners free, high speed internet for the next year.

Whether it’s interviewing for a job or accessing vital services, decent internet is necessary for all of us to get on with day to day lives. If you’re interested and think you might be eligible for this key support, speak to your local Jobcentre today.

This comes on top of our unprecedented £108b support package, which has prevented 1.3 million people falling into absolute poverty reflecting our commitment to help the British people through challenging times”.

We should point out that it’s by no means the first time that CF have done some kind of “free broadband” promotion (examples here and here) and sometimes even giving it away can prove to be unusually difficult (people don’t always trust “free” things). As part of its roll-out, the London-based fibre provider has also connected more than 600 community spaces with a free 1Gbps full fibre connection.

Mobile network operator O2 (VMO2) has today revealed that they’ve now rolled out enhanced 4G (mobile broadband) coverage across 150 rural sites (up from 100 in mid-Feb 2024) as part of their commitment under the £1bn Shared Rural Network (SRN) project, which aims to extend geographic 4G cover (aggregate) to 95% of the UK by the end of 2025.

The industry-led SRN – supported by £500m of public funding and £532m from operators – involves both the reciprocal sharing of existing masts in certain areas and the demand-led building and sharing of new masts in others between the mobile operators. But the 95% figure is only when the service is available from at least one operator, while the UK coverage forecast for SRN completion for all operators is actually just 84% for the same date (i.e. geographic areas where you’ll be able to take 4G from all providers).

The remote Scottish Inner Hebrides Isle of Eigg, which is home to less than 100 people, has become the home of Virgin Media O2’s 150th SRN site (mast) – some 117 of those are in rural parts of Scotland. While these 150 sites are controlled by O2, customers of Three UK and Vodafone are also benefitting from the operator’s rollout as part of shared access (EE didn’t take part in this aspect of the SRN).

O2 needed to use boats, helicopters and off-road vehicles to install a new 4G mast on the island, which previously only had coverage from just one provider, thus the upgrade offers residents more choice and will help many visitors stay connected for the first time.

Taking into account progress from all operators and the related infrastructure sharing agreements, VMO2’s customers can now benefit from faster 4G services at more than 200 rural locations.

Jeanie York, CTO at Virgin Media O2, said:

“We are continuing our Shared Rural Network rollout at pace to ensure more rural communities can access reliable mobile connectivity. Having delivered more sites than any other operator, our commitment to delivering this ambitious programme and levelling up rural areas is clear.

The 150 sites we have delivered will enable more residents, businesses and visitors in rural areas to benefit from better mobile coverage, with dozens more locations set to go live in the coming weeks. This work is vital in tackling the urban-rural digital divide that exists in the UK.”

Julia Lopez, Minister of state for Data and Digital Infrastructure, said:

“Backed by government funding, Virgin Media O2’s rapid rollout of the Shared Rural Network is delivering better 4G coverage to rural communities across the UK. The completion of its 150th mast in the Isle of Eigg in Scotland involved the use of helicopters, boats and off-road vehicles to get the build done and shows the UK Government’s commitment to rural residents and businesses, so the British public can enjoy good connectivity wherever they live.”

Despite the progress, the National Audit Office (NAO) recently confirmed (here) that Three UK, Vodafone and O2 were “each likely to miss their Ofcom licence obligation to provide 88% 4G coverage by June 2024” (i.e. the target for partial notspots (PNS) and had requested to “discuss an 18-month extension to the PNS element of the programme” (EE has already completed this target). At present, this only impacts the PNS, not the main target for Total Not-Spot (TNS) areas by early 2027.

Just to recap. Ofcom’s licence obligations commit each individual operator to increase its 4G coverage to 88% of the UK’s landmass by June 2024 – rising to 90% by January 2027 – with these individual obligations supporting the overall target of 95% by December 2025.

Last month saw the government reject calls for a delay to the PNS target (here), albeit partly because this is something that Ofcom first need to assess (they’re expected to reach a conclusion during the autumn). The government claims that the final TNS coverage target could still be achieved on time (i.e. they’ve build a fair bit of allowance for possible delays into the programme), even if there’s a delay to the PNS side.

Network operator CityFibre, which have so far deployed their 10Gbps capable Fibre-to-the-Premises (FTTP) broadband ISP network to cover 3.6 million UK premises (3.3m RFS), has today announced that they’ve completed their “primary” £17m deployment across the North Northamptonshire (England) town of Kettering.

The original build, supported by local contractor Granemore Group, officially got underway in April 2022 (here) and was due to reach completion by 2024. The good news is that, broadly speaking, they appear to have completed this project more or less on time and seemingly within its original budget.

The new network is now said to be ‘ready for service’ (RFS) at over 25,000 homes, which reflects about 86% of residential properties and “most” businesses in the town. CityFibre is understood to have laid 162km of dense full fibre infrastructure to cover the town.

However, while the primary-build is said to be completed, the operator added that they would “continue to explore opportunities to reach more sites including new build properties, multi-dwelling units, homes on private or unadopted roads and business parks.”

Charlie Kitchin, CityFibre’s Partnership Manager for Kettering, said:

“We’re thrilled to announce that the primary-build of our full fibre network in Kettering is now complete. With the UK’s best available digital infrastructure under its streets, residents can now enjoy seamless streaming with ample productivity and innovation benefits for the local economy. The rollout is an exciting step for Kettering’s connectivity, which will now benefit from faster and more reliable broadband.”

However, the operator’s new network will face competition from some existing gigabit-capable broadband networks in the area, such as Virgin Media, Openreach, FibreNest and Hyperoptic (the latter two only have very limited coverage).

The work supports CityFibre’s wider ambition of covering up to 8 million UK premises (funded by c.£2.4bn in equity and c.£4.9bn debt) – across over 285 cities, towns and villages (c.30% of the UK), although it’s unclear precisely when they will achieve this target (the original goal was for the end of 2025, but their current build + M&A plan may only get them to c.6m).

Network builder and ISP WightFibre, which operates a gigabit speed Fibre-to-the-Premises (FTTP) broadband network across the Isle of Wight – just off the South Coast of Hampshire in England, has managed to secure the ISO 27001 certification for Information Security Management Systems (ISMS).

Related certifications are a seal of approval from a recognised third-party body, which represents a series of global standards developed and published by the International Organisation for Standardisation (ISO). The idea is that by securing these certifications, companies can show that they’re safe, reliable and of good quality for particular tasks, features, management and / or services etc.

The ISO 27001 Standard is specifically intended to demonstrate that a company has a robust framework to help define, document, review, and update security controls, ensuing they are implemented consistently. Achieving ISO certification involves a rigorous process of assessment and checking that WightFibre adheres to the ISMS benchmarks, including the CIA Triad.

The CIA Triad is a model that forms the cornerstone of information security within the ISO 27001 framework. It stands for Confidentiality, Integrity, and Availability, three key principles that guide organisations in protecting sensitive information.

Benefits to Customers of the new ISO Certification

• Compliance: ISO 27001 certifications demonstrates that WightFibre adheres to the highest standards for information security, meeting legal, regulatory, and contractual obligations. This minimizes the risks of any data breaches, thereby protecting you from potential fraud and identity theft.
• Confidentiality: WightFibre is committed to the security of sensitive information. Our robust security policies and access management protocols ensure that your data is handled securely and confidentially.
• Risk management: By adhering to the ISO Standard, WightFibre effectively minimise risk exposure, providing you with the assurance that we are proactive in managing data security risks.
• Customer satisfaction: WightFibre’s dedication to constricted information security measures not only secures your data but also enhances your trust in our services, contributing to higher overall customer satisfaction.
• Culture of security: WightFibre has cultivated a security-first mindset among our employees and stakeholders, ensuring that everyone is aligned with our commitment to protecting your information.
• All-round protection: WightFibre’s heightened security awareness and practises extend beyond mere compliance; its integral to safeguarding our company, its assets, and everything in-between.

Securing an ISO certification requires a lot of work and is thus a significant achievement for any broadband company, although it’s worth noting that there are some broadband networks with multiple certifications, but those tend to be quite rare (e.g. Giganet and Freedom Fibre have five ISO standards under their belt, while Openreach has four).

However, as useful as ISO certifications are, they shouldn’t be conflated with expectations of always getting excellent customer support or perfect broadband service quality.

Network benchmarking firm Opensignal has published a new report that attempts to analyse the “user experience” impact of Virgin Media’s (VMO2) decision to open up their existing fixed broadband ISP network to wholesale (here) via a new business (NetCo), which is expected to be introduced during the second half of 2025.

Just to recap. Virgin Media’s existing gigabit-capable broadband network covers a shade over 16 million UK premises via a mix of different fixed line technologies, albeit primarily Hybrid Fibre Coax (HFC) and some Fibre-to-the-Premises (FTTP) lines (using both Radio Frequency over Glass (RFoG) or XGS-PON). The operator is also working to upgrade their entire HFC network (c.14.3m premises) to FTTP (XGS-PON) by 2028.

However, Virgin Media’s current network is closed, which means that only they (vertical integration) can sell broadband packages over it. Suffice to say that the recent decision to open this network up to wholesale by rival ISPs is a significant, albeit long-anticipated, development that could potentially give Openreach a major new competitor (Virgin and nexfibre combined will bring FTTP to 23 million premises or c.80% of the UK by 2028).

At present, it’s still far too early to judge what kind of impact this will actually have on the wider UK telecoms market, particularly since we don’t yet know anything about the kind of products, services or product flexibility they’ll be able to offer partner ISPs. Major question marks also exist over issues of cost, the scope for exclusivity agreements, and whether or not all ISPs will be treated equally and fairly by the new NetCo.

The User Experience Analysis

By comparison, Opensignal’s analysis attempts to compare the fixed broadband experience of existing VMO2 users against those users on the major Openreach tenant ISPs that aren’t owned by BT. It finds that within VMO2’s footprint, VMO2 users have, on average, a “better fixed broadband experience than those on the major ISPs that are Openreach tenants“.

However, the smaller footprint of VMO2’s network is also said to imply that “NetCo will — at least initially — only be able to compete for wholesale ISP tenants in a limited capacity, with a focus on urban and suburban areas“. This is to be expected, given Virgin Media’s pre-existing focus on urban areas, but then 16.2 million premises isn’t all that “limited“, unless they decide to initially only launch wholesale via the XGS-PON side of things to keep it aligned with nexfibre (the exact plan is still subject to some debate).

In addition, most Sky Broadband, TalkTalk and Virgin Media users within the latter’s footprint place within the two lowest speed brackets. This is especially pronounced for TalkTalk and Sky Broadband, with 71.4% and 66%, respectively, of Opensignal’s users’ download speeds placing in the bottom two brackets. Similarly, Virgin Media users in the slowest speed bracket also have a “more consistent experience” than those on Sky and TalkTalk.

The full report delves into all of this testing in a lot more detail, although we have significant doubts about the usefulness of this approach. This is because it’s generally unwise to try and predict future user experience by looking at Virgin Media’s own retail broadband performance, which may not be all that reflective of the services that NetCo ends up offering – wholesale is often much more complex and separate than this can reflect.

Much will admittedly depend upon the details of how NetCo actually design their wholesale proposition and how much flexibility they give to ISPs to differentiate themselves. But there can often be significant performance differences between retail and wholesale on the same physical network, which is often at least partly defined by the partner ISPs own network setup, product choices and capacity links etc.

The other difficulty for Virgin Media is that their standard retail pricing, particularly post-contract (after discounts), often comes out more expensive than many of today’s modern alternative networks. NetCo will thus need to be more competitive than that, but quite how this will be squared with the need to protect revenue and limit churn from Virgin’s retail base is as yet unclear.

Meanwhile, truly independent ISPs often find adopting a new network provider to be both a very complex and expensive process. Providers that make this leap also have to figure out a way of creating a streamlined set of packages for consumers, ideally without causing confusion with their existing services (i.e. too many different packages and prices make the market much harder to figure out).

Suffice to say, we’d take Opensignal’s report with a pinch of salt, since it may not be particularly reflective of NetCo’s wholesale proposition and the wider market will continue to change a fair bit by the second half of 2025.

Sources have informed ISPreview that the Government’s Building Digital UK (BDUK) agency has decided to extend the availability of their Gigabit Broadband Voucher Scheme (GBVS) to include urban areas. The scheme has, until now, only offered grants to help rural properties get a 1Gbps capable ISP connection installed.

The GBVS currently offers grants worth up to £4,500 to rural homes and businesses to help them get a gigabit-capable broadband service installed, which is available to areas with speeds of “less than 100Mbps” – assuming there are also no future plans for a gigabit deployment in the same area (either via private investment or state-aid). Some Local Authorities (LA) have, in the past, also provided top-up funding to boost the voucher values.

However, over the past year the GBVS has become somewhat diminished in its capacity to assist in rural areas, which is largely intended to avoid duplication of public investment with the wider Gigabit Infrastructure Subsidy (GIS) programme (i.e. awarding large state aid funded broadband deployments, for rural areas, to specific suppliers). As a result, the GBVS is currently suspended across much of the UK.

GBVS Availability Map

Despite this, we recently reported that the voucher scheme had been extended to run up to March 2028 (here). On top of that, BDUK is also known to have been exploring how the Project Gigabit programme could be expanded to help tackle poorly served urban areas (here), which can often sit neglected as patches of poor service, typically dotted about like small islands inside major cities and towns.

The latter problem can be caused by all sorts of challenges (e.g. high build costs, issues with securing wayleave / access and permits or road closures etc.), while state aid and competition law often make it difficult to use public funding in such areas (i.e. locations where private investment should be able to resolve without intervention).

The easiest solution to the legal and competition dilemma has typically been to use a voucher scheme, which was tried before and eventually morphed into today’s more rural-focused scheme. But the latest development appears to confirm that BDUK are going to give this approach another bash.

Gigabit Vouchers for Urban Areas

At present, the details of this are still subject to change, but our sources have informed us that the plan seems to involve a “soft launch” in June 2024 that will expand the voucher scheme into urban areas and run for about 10-weeks. The initial focus will be on 11 as yet unspecified areas, which are understood to contain a total of approximately 15,000 initial eligible premise.

The BDUK agency will spend the rest of this month conducting various market engagement work in order to help finalise their policy and assess how much interest might exist, as well as to identify any potential barriers that could hamper such builds.

As before, the aim of this expansion is to connect both businesses and residents to gigabit-capable broadband in urban areas, where there is no existing coverage, planned commercial coverage or coverage through other Project Gigabit schemes. The same voucher values (£4,500) and timescales as exist today will continue to apply (i.e. successful voucher projects must be delivered within just 12-months).

A DSIT spokesperson told ISPreview:

“We are committed to delivering lightning-fast gigabit broadband to communities across the UK, particularly to those who are hard to reach and not included in current commercial rollout plans.”

Assuming all goes to plan and there’s enough demand for urban gigabit vouchers, then BDUK will look to introduce phased extensions to the scheme from around September 2024. As usual, this expansion will be both demand-led and based on evidence.

Overall, we think this is a positive development, although it remains to be seen whether expanding the voucher scheme in this way will be enough to overcome some of the complex challenges that building in the remaining urban pockets of poor connectivity can often present (it’s not always a money problem).

Network security researchers have published details of a new vulnerability that arises from a “design flaw” in the IEEE 802.11 WiFi standard (CVE-2023-52424), which is said to impact “all operating systems and WiFi clients” and allows an attacker to trick Wi-Fi clients into connecting to an untrusted network.

According to TOP10VPN, which teamed up with security researcher Mathy Vanhoef to share this WiFi exploit – ahead of its presentation at the WiSec ’24 conference in Seoul – the root cause of this vulnerability stems from the fact that the IEEE 802.11 standard underpinning how WiFi works does not require the network name (SSID) to always be authenticated.

In short, the attack tricks a victim into connecting to a different WiFi network than the one they intended by exploiting the lack of SSID authentication. As if to make matters worse, routers that support the latest WPA3 encryption standard may be more vulnerable than those using WPA1 or WPA2. This is because WPA3 has an optional mode where the SSID is not used to derive the Pairwise Master Key (PMK) in the SAE (Simultaneous Authentication of Equals) handshake.

Unfortunately, while avoiding the use of the SSID is what makes this mode highly robust against a variety of cyberattacks, it is also what makes it vulnerable to the new attack outlined in the new report. But when WPA3 incorporates the network’s SSID, the new attack will fail. Mesh WiFi networks typically also use SAE rather than 802.11X to avoid introducing a single point of failure, which means they may also be vulnerable.

How Does the Attack Work?

For the SSID Confusion attack to succeed, the following must be true:

➤ The victim wants to connect to a trusted network.

➤ There is a second network available with the same authentication credentials as the first.

➤ The attacker is within range to perform a man-in-the-middle (MitM) attack between the victim and the trusted network.

Note that the victim doesn’t need to have ever connected to the untrusted network. Nor does the attacker need to know the victim’s credentials.

Once the target (victim) has connected to a different WiFi network from the one they intended, the attacker – who controls the bad network – can then do all sorts of nasty things, such as installing malware on the client’s device or snooping on their internet traffic. Full details can be found in this report (PDF).

A successful SSID Confusion attack also causes any VPN with the functionality to auto-disable on trusted networks to turn itself off, leaving the victim’s traffic even more exposed.

Report Conclusion

We showed that users, or their apps, make security-sensitive decisions based on the network they are connected to. For instance, some VPNs can disable themselves when connected to a trusted Wi-Fi network. However, we demonstrated that a client can be tricked into unknowingly connecting to a different network, even when enterprise or home WPA3 protection is used. This is caused by a design flaw in several authentication methods defined in the 802.11 standard. This vulnerability was assigned CVE-2023-52424.

A backwards-compatible defence is to use beacon protection and to verify the authenticity of a beacon, and the network name contained in it, before exchanging data frames. Alternatively, the 802.11 standard can be updated to always authenticate the network name when connecting to a network.

The big problem here is that, in order to properly resolve this, the existing WiFi standard(s) might need some updates, which is something that may only occur for kit that is still supported by the manufacturer.

In the meantime, existing networks can mitigate the attack by avoiding credential reuse across SSIDs, while enterprise networks should use distinct RADIUS server CommonNames and home networks should use a unique password per SSID (i.e. not one password shared across all the SSIDs put out by your router, which is fairly common).