Connect with us


Jimmy Jones: UK Telecom Security Bills Drive Global Regulation and Network Security Standards Beyond 5G



The author of this Expert Opinion is Jimmy Jones, a telecom cybersecurity expert for Positive Technologies

The telecoms security bills raised for consideration in the UK parliament recently are really interesting, but not just for the reason that has been the focus of the major news agencies.

The Huawei situation has been front and center of all reporting and as a reflection of the current global political environment, that is only right. The rift between China and the West has probably never been larger and Huawei have found themselves front and center.

However, uncertainty surrounding Huawei has been present for some time now, so it’s possible that mobile operators have already planned for life without them.

Reading deeper, there are other areas of interest. The law is establishing the operator’s security responsibility beyond the exclusion of certain vendors, to network security as a whole, as well as forcing change in the telecom supply chain, driving vendor diversity to combat the security vulnerabilities of monoculture or duo culture networks.

But these goals are not unique to the UK.

The Prague conference and a 5G agreement on security

In 2019, 32 countries attended a 5G conference in Prague and announced an agreement in principle on security. Shortly after the event, the European Union released the EU Toolkit, which was supported by a document from ENISA, the Europen Union’s Cyber security advisers. The Cybersecurity and Infrastructure Security Agency in the U.S. released a strategy document of late that mirrored much of the EU’s.

Within both papers, and others globally, we see reference to greater regulatory powers, and in the last week the UK has been the first to move enshrining these powers in law, while at the same time setting the bar for fines, £100,000 a day or 10% of revenue.

Even with Brexit looming, the UK will still closely align with the EU and are part of the wider “5 eyes partnership”, so it’s reasonable to expect the fines and laws to be similar and follow closely in these associated states. Additionally, the Trump administration’s “Clean Network” initiative again mirrors the Prague agreement and this is publicly supported by a number of their allies who were not present in Prague – for example, Latin America.

Therefore, while this legislation is specific to the UK, it indicates the direction of regulation well beyond those shores.

OFCOM, the UK regulator, will be given new powers to direct telecoms providers to take interim steps to address security gaps, but this is not restricted to standalone 5G networks. The legislation states who has access to sensitive parts of the core network, how security audits should be conducted, and how customer data must be protected. This will force operators to improve their security protection for all generations, rather than just 5G networks.

The regulation was released in two parts, the second concentrating on diversifying the network beyond the one or two vendors available today. This again mirrors the stated goals of the CISA though they take it further, offering prizes and R&D incentives for innovation to secure the supply chain.

Taking on the issue of security directly by excluding Chinese vendors

This addresses a big issue directed at policy makers when they excluded Chinese vendors. The argument is that exclusion slows the rollout of 5G, so the country will either fail to take full advantage of the move to industry 4.0, or make it more expensive, or slower for consumers to benefit from the new technology.

However, we do also see the opposite effect. The Huawei strategy has accelerated Open RAN, with Dell’Oro Group predicting huge rises in investment accelerated by the decision to limit Chinese equipment, reducing competition. The UK’s decision to create the SmartRAN Open Network Innovation Centre and the support of the NeutrORAN project with NEC should also create commercial opportunity and the incentives to drive innovation and new market entrants.

Ensuring the security for this abundance of new suppliers could be a problem. The program will have its hands full keeping track and vetting these new, likely small and niche vendors. I have no doubt the labs will be able to assure the quality of solutions. But many could be functions never seen before, driven by 5G applications we haven’t thought of yet. So complexity and volumes will put the pressure on labs to certify the solutions quickly enough for the market.

New applications develop much faster than established technologies, so they need updating more often. Interactions and behavior between applications may change as new ideas are developed. So just getting new vendors securely to market is ambitious. Yet this is just the start – you must secure the long-term maintenance and management processes. This means software patching, upgrades, configuration, expansion projects and the many other day-to-day activities a network needs.

It’s a massive task, but the UK government has to be commended for starting to address an issue that will affect every country and every individual for the rest of our lives.

Jimmy Jones has worked in telecoms for such major operators as WorldCom (now Verizon) and vendors including Nortel, Genband and Positive Technologies (since 2017). From legacy telecom exchanges to integration and protocol interoperability testing, Jones changed in 2005 to SIP and Session Boarder Controller equipment. He’s been on the front lines from Tier 3 and 4 wholesale carriers to Tier 1 operators using SIP for peering and access as part of the move to IMS and LTE networks. This piece is exclusive to Broadband Breakfast.

Broadband Breakfast accepts commentary from informed observers of the broadband scene. Please send pieces to The views expressed in Expert Opinion pieces do not necessarily reflect the views of Broadband Breakfast and Breakfast Media LLC.

Broadband Breakfast is a decade-old news organization based in Washington that is building a community of interest around broadband policy and internet technology, with a particular focus on better broadband infrastructure, the politics of privacy and the regulation of social media. Learn more about Broadband Breakfast.

Continue Reading
Click to comment

Leave a Reply


Industry Praises FCC Proposal to Revamp the 5G Rural Fund

The FCC proposed adjusting the $9-billion budget allocated for the fund using updated maps



Photo of FCC Commissioner Nathan Simington by Bonnie Cash from the Hill

WASHINGTON, September 26, 2023 – Industry associations are praising a proposal from the Federal Communications Commission Thursday to review coverage areas based on updated commission maps so that the 5G Fund can reach more communities without the wireless technology.

Thursday’s vote proposes to help dictate the eligibility requirements for areas in need of support of the 5G Rural Fund for America.

The commission proposed adjusting the $9-billion budget allocated for the 5G Fund, the optimal methodology for consolidating eligible areas into smaller geographic regions for bidding, the feasibility to extend 5G Fund support to qualifying regions in Puerto Rico and the U.S. Virgin Islands, possibly mandating cybersecurity and supply chain risk management plans for 5G Fund recipients, and the possibility of whether the 5G Fund should be utilized to encourage the deployment of Open Radio Access Networks.

“What this means is that as we develop the 5G Fund and build the successor to our existing universal service program supporting wireless networks in rural America, known as the Mobility Fund, we will be able to incorporate this detailed picture of where service is and is not,” FCC Chairwoman Jessica Rosenworcel said. “We will be able to see gaps in coverage and ensure support actually reaches the communities that need it most.”

Meredith Attwell Baker, president and CEO of industry association CTIA, praised the commission’s decision “for recognizing the crucial role that mobile wireless services play in keeping Americans connected.”

“Implementing the 5G Fund and using the FCC’s new maps will help extend the benefits of advanced 5G services to more communities and consumers,” she said.

Tim Donovan, president and CEO of the Competitive Carriers Association, also praised the decision, saying the 5G Fund “has been a top priority for CCA, and we will continue to work with the Commission and our members to ensure the final rules preserve and expand mobile broadband access to every American.”

The commission also adopted Thursday new regulations to expedite space applications, the availability of spectrum resources for space launches, old rules to combat robocallers, and handed down over $100 million in fines.

FCC space and spectrum allocations

The FCC unanimously ratified the Expediting Initial Processing of Satellite and Earth State Applications Space Innovation, which is the adoption of new rules to expedite its processing of space and earth station applications.

It also unanimously ratified new rules ensuring that commercial space launches have the necessary spectrum resources for reliable communication. These adoptions will “promote safety, competition, innovation, and continued American leadership in the new Space Age,” the agency said. The new rules will also provide an allocation within the 2025 to 2110 MHz band for ground-to-launch vehicle telecommand which is needed for space launch operations, and make “the entire 2200 to 2290 MHz band available for launch telemetry.”

“I believe that the most important part of streamlining the FCC’s application processing procedures is ensuring swift and efficient FCC action—which will maintain U.S. leadership in the satellite communications service industry. It will also nurture the growth of the broader space sector, which includes new and innovative manufacturing processes, robotics, earth surveillance and exploration and other future innovations,” Commissioner Nathan Simington said.

Robocallers losing access to phone numbers

The FCC also voted in favor of adopting rules that would modernize the commission’s requirements on how Voice over Internet Protocol providers get direct access to telephone numbers.

The adoption sets in motion parameters to limit access to “phone numbers by perpetrators of illegal robocalls, protect national security and law enforcement, safeguard the nation’s finite numbering resources, reduce the opportunity for regulatory arbitrage, and further promote public safety.”

In line with the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act, the new rules will require applicants to submit additional disclosures and certifications in regard to their “ownership structures and compliance with the Commission’s rules and state law and takes targeted steps to address the concerns” that were raised in the rulemaking.

These rules consist of making robocall-related certifications that will help ensure compliance with the commission’s rules targeting illegal robocalls; to keep and disclose current information about ownership, including foreign ownership, that will alleviate the risk of providing violators abroad with access to U.S. numbering resources; guarantee their compliance with other commission rules that are applicable to interconnected VoIP providers including particular public safety and access stimulation rules, and requirements to submit timely FCC Forms 477 and 499 filings; and compliance with state laws and registration requirements that apply to businesses in each state where numbers are requested.

FCC fines Dorsher Enterprise $116 million

The FCC additionally adopted a $116,156,250 fine against the Dorsher Enterprise, a group consisting of Thomas Dorsher, ChariTel, OnTel, and ScammerBlaster.

The Commission’s investigation revealed that the group promoted themselves as a crusade fighting against scam robocalls at the same “illegally robocalling toll free numbers” and used credits from their scam “to fund telephony denial of service (TDoS) attacks on other entities.”

The parties in the group, which allegedly made nearly 10 million robocalls to generate toll free dialing fees, are jointly liable for the fine.

“Dorsher’s claim that he was actually trying to ‘shut down scammers’ is meritless in the face of these facts,” Commissioner Geoffrey Starks said. “As I have said repeatedly, there are numerous hurdles to finding these bad actors, and bringing them to account for violations of our rules. I am pleased to see another example of how, by working together, we can untangle these schemes and protect consumers.”

Continue Reading


Rural Mobile Providers Push FCC to Alter 5G Fund Model

If carrier receiving legacy federal funds lose at auction, they could leave areas ‘stranded,’ providers say.



Screenshot of Carri Bennet, RWA's general counsel

WASHINGTON, September 14, 2023 – Rural mobile providers are urging the Federal Communications Commission to consider an alternative to the reverse auction funding model the agency proposed for a future 5G fund.

The fund has been in limbo since 2020 due to mapping issues. It makes $9 billion available for 5G mobile broadband infrastructure in areas unlikely to be served without subsidies.

With access to newer, granular data on mobile broadband coverage in the U.S., the FCC released on August 31 a notice proposing updates to the program’s methodologies for defining areas eligible for funding and seeking comment on potential new provisions like extending support to Puerto Rico and the Virgin Islands. The proposal is slated to be discussed at the agency’s open meeting on September 21. 

Ahead of that discussion, the Rural Wireless Association has met with FCC officials five times in the last month to reiterate the same concerns over the program’s reverse auction model. Under this procedure, providers would compete to develop the cheapest cost structure for serving an area with the minimum required speeds – at least 35 Mbps upload and 3 Mbps download in the case of the 5G Fund.

Rural providers are concerned because some areas served by carriers receiving support from legacy funding programs like the Mobility Fund will be eligible for auction. If those carriers lose at auction, the RWA says, the reduction in federal funds might make them unable to continue operating their infrastructure and leave other areas covered by their networks without service.

“There is no ‘safety valve’ put in place that would protect these networks built with federal dollars and maintained by legacy support mobile carriers,” the association wrote in an ex parte filing on Wednesday.

The RWA has proposed the commission seek comment on allowing these providers to opt out of the reverse auction if they are an area’s sole mobile carrier. In such a scenario, the group also wants the FCC to consider subsidizing 5G upgrades based on predicted costs.

Continue Reading


CTIA Report Says 5G Available in 54% of U.S., 35% of Korea and 27% of China

The wireless association says 5G will add $1.5 trillion in GDP and 4.5 million in new jobs over 10 years.



Illustration from CTIA–The Wireless Association

WASHINGTON, July 14, 2023 – A report by wireless trade association CTIA showed that the United States is making strides towards 5G development, and that the wireless standard is expected to add $1.5 trillion in GDP and 4.5 million of new jobs over the next decade.

Breaking the benefit down by geography, the study showed that 5G has contributed $139 billion to GDP growth in New York City, $65 billion to the Seattle area, $43 billion to Dallas, and $20 billion to San Diego.

The United States has emerged as a frontrunner among its global counterparts in terms of 5G availability, according to CTIA, with 54% coverage. This percentage appears to position it ahead of South Korea by nearly 20 percentage points, while surpassing China’s rate of 27% and more than three times the United Kingdom’s rate of 17%.

The report draws upon a 2021 study by BCG, 5G Promises Massive Job and GDP Growth in the U.S., February 2021, and supplements additional numbers sourced to prior CTIA reports. The trade group attributed the $275 billion of investment by service providers on infrastructure buildouts and enhancement. About $35 billion was spent in  2021.

5G’s faster deployment rate, increased consumer adoption, and superior performance compared to its 4G predecessor make it a key player in bridging the digital divide and mitigating climate change and strengthening national security, CTIA said.

Despite the progress made, the report reiterated the need to obtain more licensed mid-band spectrum to enable network expansion.

“This required a coordinated effort, starting with Congress re-establishing the Federal Communications Commission’s auction authority and auction pipeline,” urged the report.

The commission’s authority to license spectrum has expired in March and has not been renewed.

Continue Reading

Signup for Broadband Breakfast News

Broadband Breakfast Research Partner