• e& teams up with Ericsson to further its net-zero strategy
• Cloudbrink raises $25m as it aims to improve enterprise connectivity
• Telco security still sadly lacking, finds survey

In today’s industry news roundup: COP27 brings Ericsson and e& together; Cloudbrink raises cash but dreams up an horrendous five-letter acronym; telcos have a lot of work still to do on network security; and much more!

In the latest telecom industry announcement linked to the ongoing COP27 climate talks in Egypt, Middle East operator giant e& (formerly Etisalat) has teamed up with Ericsson to “explore initiatives aimed at reducing energy consumption and building more efficient and sustainable future networks”. Sabri Ali Albreiki, chief technology officer at e& (pictured, above left), noted: "Through our partnership with Ericsson, we aim to accelerate the decarbonisation of our network infrastructure business by exploring the deployment of their latest generation of energy-efficient radio equipment and software features. We will also work together to use the Ericsson product take-back programme to dispose of and recycle obsolete network equipment to high environmental standards. This agreement is part of e&'s broader commitment to reduce waste and achieve a sustainable low-carbon society.” For further details, see this announcement, and for more on the recent spate of green network announcements, check out TelecomTV’s Sustainability channel.    

Cloudbrink, which claims to have developed a software stack that can bring enterprise-grade reliability and security to any home broadband or cellular data connection and so enhance the experience of remote workers, has raised $25m to help promote its technology to the world’s enterprises. The company says its (gird your loins, folks…) hybrid-access-as-a-service (HAaaS) solution “replaces legacy VPN and SD-WAN architectures and enables employees to work from anywhere in the world,” boasts CEO Prakash Mana, who needs to be rebuked for exposing the world to an unpronounceable and unnecessary new five-letter acronym. Replacing SD-WAN? That’s bold. But Cloudbrink isn’t at the start of its development as it already has its software installed in “thousands” of points of presence (PoPs) and is being used by Zayo as part of its push to offer edge-enabled connectivity services to business customers. This looks like a company to watch, even if only for its brazen statements and should-never-catch-on abbreviations. Read more. 

As the availability of, and enthusiasm for, 5G increases, the majority of CSPs around the world that actually provide it say they need much stronger network security capabilities and protection as the incidence of breaches and incursions increases. Nokia commissioned UK-based data analytics and consulting house GlobalData to investigate what’s going on and the resulting joint report has now been published. Fifty CSPs from around the globe were interviewed about the state of their security environments as well as their partner and delivery experiences. All those surveyed had experienced at least one, and some many more, security breaches over the past 12 months. Some 56% of CSPs said they need to substantially improve their cyber capabilities against telecom-specific attacks, while 68% said they need to bolster and deepen their defences against ransomware threats. Significantly, the respondents said that as they disaggregate and open up their networks, 5G standalone deployments could actually increase security vulnerabilities rather than reduce them. To show how bad the situation is, 73% of the CSPs admitted their networks had suffered up to six security incursions in the past year. These not only resulted in specific regulatory liabilities, fraud and monetary theft but also severely disrupted and, in many cases, brought down systems completely. Sixty-five per cent of those surveyed complained that their security staff have to spend in excess of 30% of their time conducting manual security operations and procedures that could, and should, be automated. Incredibly 42% spend more than 40% of their time on automatable tasks. And unsurprisingly, 65% of respondents also expressed minimal confidence in the software security tools they currently use, complaining they are fragmented and too slow to be able to identify and stop breaches before they infect their systems. Furthermore, 40% of CSPs say they need immediate help with detection and response technologies, while 70% say they need that assistance either straightaway or in the very near future. The Nokia/GlobalData report concludes that the answer to these pressing problems are real-time threat detection and response capabilities. Andy Hicks, principal analyst at GlobalData, said: “Our survey shows that CSP security staff are doing as much as they can with the people and tools they have. But as CSP services multiply, vulnerabilities will also increase unless they can automate more of their security processes.“ Vishal Sahay, head of managed security services for cloud and cognitive services at Nokia, added, “The substantial changes taking place in the 5G ecosystem are bringing both new dimensions to the telecom threat landscape and opportunities for malicious actors to take advantage of network security vulnerabilities. And the findings we’ve announced today reinforce the critical need for CSPs and enterprises to step up their cyber protection practices and to rethink the tools and processes they are using in order to transform and strengthen their security capabilities.” 

Staying with the ransomware/malware theme, new research from Recorded Future Inc. reports that criminal gangs are becoming so sophisticated that they actually steal computer code from their victims, then apply it to invade the very systems from which they have been stolen, after which extortion payments are demanded, Bloomberg has reported. Either that or they actually write their own invasive code to infect their targets. This is a significant move away from the ‘established’ model whereby ransomware gangs effectively hire malicious code and even computing resources from what might best be described as malign wholesale suppliers providing ransomware-as-a-service. The marked trend is making it much more difficult for law enforcement agencies to identify, monitor and shut them down. According to Allan Liska, threat intelligence analyst at Recorded Future, “In the last year, ransomware has become a race to [the] bottom among ransomware groups.” Now they are “stealing from each other, lying even more than usual to victims and creating havoc among investigators and law enforcement”, he added. Liska surmised that the change in tactics is down to a growing fear that big ransomware groups are well and truly on the radar of law enforcement and liable to be shut down and individual hackers apprehended and jailed for a long time. Only last week, the US Department of Justice (DoJ) announced it had charged a dual Russian-Canadian national for working with the LockBit ransomware gang. Elsewhere, hackers associated with the Netwalker and REvil extortion groups have pleaded guilty to participating in, and benefiting financially from, ransomware attacks. The US Treasury Department recently said that various American financial institutions reported that at least $1.2bn in ransomware payments had been made in 2021. That was a doubling of extortion payments over 2020, and what has been reported is probably just the tip of the iceberg. Many companies, organisations, institutions and agencies keep resolutely schtum about when, where and how they were attacked and how much they shelled out in blackmail payments to get their systems and data back. Earlier in November, a ransomware summit conference held in Washington DC and attended by delegates from 35 countries, heard from a senior White House representative who told them that the sophistication and speed of deployments of cyberattacks by small ransomware gangs is accelerating to the point that the US government and its various agencies are unable to trace, disrupt and stop them. It’s a dismal outlook and likely to get bleaker until some sort of meaningful international co-operation can bring concerted policing action to bear in order to tackle a menace that is now so quick to mutate, strike and then mutate again.

The regulator in Romania, Ancom, has raised €432.6m (less than the expected €700m) from an auction of 5G spectrum in the 700MHz, 1500MHz, 2600MHz and 3400-3800MHz bands. Orange Romania spent  €264.6m on two blocks of 2x5MHz in the 700 MHz FDD band, all eight blocks of 5MHz available in the 1500 MHz band and 16 blocks of 10MHz in the 3400-3800MHz band. Vodafone Romania paid €122.5m for one block of 2x5MHz in the 700MHz band FDD, and 10 blocks of 10MHz in the 3400-3800MHz band. RCS & RDS paid €45.4m for four blocks of 2x5MHz in the 2600MHz FDD band and five blocks of 10MHz in the 3400-3800MHz band. Telekom Romania, which is owned by Greek national operator OTE (itself part of the Deutsche Telekom group), did not participate, which might raise some questions about its commitment to the market. Orange, though, is all in, saying it now has more spectrum assets than any other operator in the country. “Today we made a decision for the future, which once again shows our commitment to Romania,” noted Liudmila Climoc, CEO of Orange Romania. “A digital future that needs a modern and powerful telecommunications infrastructure, essential to respond to increased traffic needs, but also innovations in connectivity services. We have made a significant investment to offer customers, the business environment, central and local administrations, but also researchers, an Orange network prepared for the challenges brought by the digital transformation of the next 25 years," she added. For further details about the auction results, see this ANCOM announcement. 

What will become of Telecom Italia (TIM)? With a new government in place, there were hopes that the previously agreed deal to merge the Italian national operator’s fixed access network with that of wholesale rival Open Fiber might get the green light, but now it seems there is an alternative plan, dubbed Minerva, that involves the outright acquisition of all of TIM’s assets by the Italian government followed by the divestment of certain assets, such as the profitable and growing operations in Brazil. According to a report from Reuters, the new government’s industry minister Adolfo Urso stated at a conference in Rome that the privatisation of TIM in 1997 was a “mistake”.  

The Swedish Prosecution Authority has closed an investigation into suspected bribery payments made in China by Ericsson employees because there was no evidence a crime had been committed, Reuters has reported. “While payments amounting to several hundred million Swedish crowns, corresponding to tens of millions of dollars, were made over a period leading up to 2016, it was not clear that these were made in bad faith,” stated the prosecution authority.

“Up East” in Maine, the northeastern-most US state, internet access is provided by a fragmented patchwork of networks belonging to 22 different private ISPs. As the Maine Connectivity Authority (MCA), the quasi-governmental body responsible for achieving universal access to affordable high-speed broadband across the state, coyly puts it: "The middle mile infrastructure supporting these networks was generally not created to support the goal of universal broadband access throughout the state.” Very diplomatic. More than 10 years ago, Maine was awarded a $25.4m federal funding grant to help build what is a 1,100 mile-long regional fibre-optic network, quaintly called the "Three Ring Binder" middle mile infrastructure network. As you might imagine, it comprises three rings of fibre-optic cables covering the entirety of the state, which help to connect the local ‘last-mile’ internet networks to the wider world. However, 12 years after the Three Ring Binder project first broke ground, it remains incomplete and many parts of Maine, some suburban but mainly rural, remain underserved. Welcome, then, to the Maine Online Optical Statewide Enabling Network, or MOOSE Net, a new $53m MCA strategic initiative and public/private partnership to update the state’s data networking infrastructure. Convoluted but amusing, the name reflects the fauna of the state, which has at least 76,000 moose, excluding those that are pets and just hang out "loose aboot the hoose". The 530-mile MOOSE Net will cover 131 communities, representing over 11,000 unserved local businesses and residents, as well as more than 200 community “anchor institutions”, including schools, hospitals, libraries, local government buildings, and civic centres. 

- The staff, TelecomTV