Networking

Singapore telcos StarHub and M1 have been fined a total of SG$610,000 ($447,090) for broadband service disruptions that occurred in April and May this year. Two of the outages later were found to be due to human oversight, including a system configuration. 
In determining the financial penalties, industry regulator Infocomm Media Development Authority (IMDA) said in a statement Sunday that it had considered various factors such as the duration, impact, and customer service measures rolled out by the operators to mitigate impact. 
StarHub’s service outage on April 15 lasted almost five hours and affected up to 250,000 broadband subscribers. Triggered when an employee made a configuration error during a scheduled network migration exercise, IMDA said the incident could have been prevented if the operator had better supervised the staff during the migration exercise. 

Global pandemic opening up can of security worms
Caught by the sudden onslaught of COVID-19, most businesses lacked or had inadequate security systems in place to support remote work and now have to deal with a new reality that includes a much wider attack surface and less secured user devices.
Read More

For breaching the country’s Code of Practice for Telecommunication Service Resilience 2016, StarHub was fined SG$210,000 ($153,916), said IMDA, which added that it considered the operator’s efforts in restoring services as soon as possible and its swift response and compensation to affected subscribed. 
M1’s service disruptions occurred over two days on May 12 and May 13, affecting 18,000 and 20,000 broadband subscribers, respectively. 
The first outage, lasting 23 hours, was the result of a corrupted profile database in the operator’s Broadband Network Gateway, which IMDA noted could have been avoided if M1’s staff and service vendor had followed prescribed procedures. 
In the second disruption, which lasted six hours, a software fault in the operator’s network equipment was found to have affected internet traffic routing for the affected subscribers. Here, IMDA determined M1 could not have “reasonably foreseen and prevented” the incident since it was the first time the software fault had affected such equipment and deemed the operator not to be in breach of the Code of Practice.
However, M1 was found to have contravened the Code in the first service outage and fined SG$400,000 ($293,173). Noting that the disruption had spanned almost a full day, IMDA said it caused significant inconvenience to the affected subscribers.  
The industry regulator’s deputy chief executive Aileen Chia, said: “We take a serious view of any service disruption to public telecommunications services, particularly during the circuit breaker period when most people were working and studying from home, and will take firm and decisive action to safeguard our consumers’ interests. 
“Operators must communicate any service difficulties with their customers and rectify incidents expeditiously, and should provide good service recovery measures to affected customers,” Chia said.
RELATED COVERAGE More

The National Broadband Network (NBN) has gone back on its claims that its extension until the end of September to its 40% capacity boost at no charge for retailers would be the last.
On Friday, the company said it was extending its offer for a further 10 weeks, taking it up to the end of November.
As with all other extensions, the company is also extending its 45GB boost for satellite users to November 30.
The company is also extending its education assistance offer to waive its AU$37 monthly wholesale charge for unconnected low-income households that need connectivity for online schooling until 15 January 2021. NBN said it is also broadening its first timer discount, dubbed illuminate, to include education assistance users for a year after January 15.
“Illuminate provides retailers a 50% discount on the effective wholesale charge of most NBN speed tiers for premises that have not connected to the network and have passed 18 months since their premises was able to connect, or have disconnected after having an active service and have been inactive for more than six months,” it said.
“Under the illuminate offer, internet providers will have access to a 50% discount on the wholesale price of most fixed line and fixed wireless bundles for a period of 12 months.”
NBN said the extension arrived after receiving feedback from retailers over recent weeks.
“We also recognise that many Australian households are under financial pressure, particularly low-income households. Therefore, we are concentrating our efforts to help lower-income households continue to have access to affordable broadband services,” NBN chief customer officer Brad Whitcomb said.
“To date, NBN Co has invested heavily to support the industry through various measures such as the wholesale pricing and inclusion changes over the past nine months and we have maintained the offer of additional capacity for seven months to help internet providers adjust to changes in demand.”
Even though downstream throughput on its network is declining slightly in recent weeks, the levels reported by NBN during the third full week of August are between 22% to 36% higher than pre-COVID levels, upon which the 40% CVC boost is calculated from.
For upstream throughput, the business hour peaks remain 74% above pre-COVID levels.
Over recent months, NBN has faced criticism for wanting to pull its CVC boost and return to regular pricing.
“NBN’s extra 40% CVC bandwidth to cope with peak demand during COVID certainly cushioned the impact, but once it’s gone, we don’t believe traffic levels will return to original forecasts,” Aussie Broadband managing director Phil Britt said in July. “Given that telcos pay overage for CVC usage above the amount bundled into their NBN wholesale products, this puts them in a difficult situation.
“They will either need to raise retail prices to keep the service levels the same in peak time speeds, or lower peak time speeds to maintain at least some level of margin — which is almost non-existent as is.”
In its most recent set of results, NBN CEO Stephen Rue said Australia had undergone a seismic shift in relation to shifting to digital during the pandemic.
“COVID has induced changes over the last 6 months that would otherwise have taken years to play out. It’s changed not just where we work, but how we work: how we collaborate; how we innovate, and who we work with,” he said in August.
“The information superhighways made possible by NBN have never been more critical to our way of life.”
For its 2020 fiscal year, NBN reported revenue was up by 36% to AU$3.8 billion while operating expenses were down 7% to AU$2.07 billion. Payments to Telstra and Optus increased by 27% to AU$2.4 billion for the full year, leaving NBN with an earnings before interest, tax, depreciation, and amortisation loss of AU$648 million.
Related Coverage More

Cisco and ServiceNow announced Thursday a new collaboration aimed at improving COVID-19 contact tracing efforts. Contact tracing is considered one of the most effective ways to slow the spread of infectious disease and mitigate the long term impact of the coronavirus pandemic. 
To that end, the companies said they will integrate Cisco’s indoor location services platform, DNA Spaces, with ServiceNow’s contact tracing application. 

The combination will help companies better understand the extent of employee interactions and allow them to take more immediate and informed actions in the event of a positive test, the companies said.
“This partnership allows our joint customers to seamlessly import the Proximity Reporting data into ServiceNow’s case management tool, adding reliable employee location data to ServiceNow’s robust Safe Workplace workflows,” Cisco said in a blog post. “With this integration, companies can make more informed decisions to reduce the transmission of the virus.”
Cisco’s DNA Spaces platform is part of its network segmentation lineup. The platform includes Cisco’s wireless and enterprise geolocation technologies. In the context of contact tracing, the platform offers businesses location-based data and analytics about how people and things move about within physical office locations or other buildings, along with the ability to act on those insights in real-time, according to Cisco.
Meanwhile, ServiceNow’s Safe Workplace Suite is designed to give enterprises the tools to return employees to the workplace, track health and manage inventory for things like personal protective equipment as economies and companies re-open during the COVID-19 pandemic. A Safe Workplace Dashboard provides visualizations of the data collected by the apps as well as a map that brings in aggregated public data on infection rates.
RELATED: More

Image: Getty Images/iStockphoto
Intelsat announced on Monday that it has decided to part with $400 million in cash to buy the commercial aviation arm of Gogo.
The Gogo install base involves 21 airlines and over 3,000 aircraft, Intelsat said, and includes among its customers nine of the world’s top 20 carriers.
“Consumer demand for in-flight connectivity is expected to grow at a double-digit rate over the next decade, notwithstanding the impact of COVID-19, ” Intelsat CEO Stephen Spengler said.
“We are growing beyond satellite connectivity to expand into consumer-optimised managed services.”
Intelsat said passengers would get connectivity that could handle video streaming, browsing, and cloud-based applications, while airlines would get a fully integrated platform.
“This transaction will combine Intelsat’s next-generation high throughput space assets with Gogo’s best-in-class 2Ku antenna to uniquely position Intelsat to deliver more cost-effective and advanced commercial aviation broadband connectivity services,” the company said.
For its part, Gogo said it would use the money to pay down debt and focus on its business aviation segment, which it said was an “attractive and underpenetrated market” that was going through a “sharp recovery”.
Gogo further said Intelsat intends to operate the commercial airline business as a separate unit led by current president John Wade, and would remain in Chicago.
“As part of the transaction, Gogo will enter into a 10-year network services agreement under which Intelsat will have exclusive access to Gogo ATG services for the CA market in North America, subject to minimum revenue guarantees of $177.5 million,” Gogo said.
Provided the deal gets the proper approvals, it is expected to close in the first quarter of 2021.
In May, Intelsat filed for chapter 11 bankruptcy.
“Our success has come despite being burdened in recent years by substantial legacy debt. Now is the time to change that,” Spengler said at the time.
“We intend to move forward with the accelerated clearing of C-band spectrum in the United States and to achieve a comprehensive solution that would result in a stronger balance sheet.”
For its second-quarter releases released in August, Intelsat reported total revenue of $482 million, down $27.4 million, and a net loss of $405 million, which was a reduction on the $530 million lost during the second quarter of 2019.
The company said it spent almost $300 million during the quarter on costs related to its bankruptcy and reorganisation.
Intelsat said on Monday it intended to fund its Gogo commercial airline purchase from cash on hand and its debtor-in-possession financing. The US Bankruptcy Court for the Eastern District of Virginia, Richmond Division, approved the deal on Monday.
Related Coverage More

Image: Chris Duckett/ZDNet
The Australian government released its updated Telecommunications in New Developments (TIND) policy on Tuesday, as Canberra said the existing policy and market was working well and did not need additional regulation. 
“Most participants in the market have been operating in line with the policy and most outcomes are positive. The number of negative outcomes is limited,” it said.
“In this context a lighter touch approach is warranted. The government will, however, look at more direct approaches should this change and greater guidance be required.”
Building on the Statutory Infrastructure Provider (SIP) obligations for NBN to be the default network provider, the new TIND policy is focused mainly on the government-owned wholesaler.
“So they can meet their ongoing SIP requirements, carriers should install fixed-line networks in new developments unless this is not reasonable, in which case they should use either fixed wireless or satellite technologies,” the policy states.
Under the policy, NBN has a number of cost caps for installing connections, which it may lower if market forces demand it.
“These caps are to protect developers and occupants from costs that might otherwise discourage them from accessing telecommunications,” the policy states.
The policy further calls for NBN and carriers to publish costs to build infrastructure and connect premises on their websites.
“Carriers should not charge end-users more than the relevant published rate. The maximum end-user contribution charge is set by this policy at AU$300 for a telephone and internet service,” it states.
“The government will monitor carrier compliance with these aspects of the policy and will consider further regulation if warranted.”
Under the TIND, NBN must “consider” connecting a new development to fixed-line broadband if it is within 1 kilometre of its fixed-line network.
“In all such cases, NBN Co will need to consider whether it is cost effective for it to install fixed-line infrastructure,” the policy states.
“It must keep records where it decides not to use fixed-line infrastructure, including its reasons for not using such infrastructure, and must make those records available to the Minister or Department of Infrastructure, Transport, Regional Development and Communications on request.”
NBN is also required to submit a charging strategy and schedule with the Minister of Communications, as well as retain records of charging decisions, and reasons why it charged below its cap.
“NBN Co must also retain records of any decisions to build competing infrastructure in new developments being serviced by other carriers and the commercial case for such activities. NBN Co must also keep records of its compliance with competitive neutrality policy in relation to new developments,” the policy states.
In a submission to the Department of Communications, Telstra in March said it wanted NBN to pick up its obligations to supply voice services under the Universal Service Obligation (USO) and behave as a fixed-line infrastructure provider of last resort (IPOLR).
“To support the delivery of USO voice services, NBN Co’s fixed wireless service should be made USO-compliant. This is the logical next step from the SIP legislation, which will require NBN Co’s ‘qualifying fixed wireless network’ to have voice and broadband capability,” the telco said in its submission.
“It also lends support to our position that Telstra should no longer be the IPOLR outside NBN Co’s fixed-line footprint.
“Whether or not Telstra ultimately retains an IPOLR role under the revised TIND policy, the interaction between the SIP regime and the USO must be clarified.”
However that wish was not granted, with Telstra still being required to potentially deploy its own infrastructure for voice services.
“Telstra will generally provide a voice service where required using NBN Co’s infrastructure and wholesale services,” the policy states. “Where Telstra is unable to, or does not, use NBN Co’s infrastructure, it may need to provide its own infrastructure to supply voice services.”
The policy also stated the government would look into replicating, across all developers, the laws that force incorporated developers to offer “fibre-ready facilities” such as pits and pipes for communications when selling or leasing new lots.
The government is set to review the TIND policy in five years, but noted it would bring that forward “if warranted by changes in the market”.
“Telecommunications are a vital part of everyday life and people expect that when they move into a new development they will have ready access to modern services. The revised policy released today reflects the modern telco landscape and will promote a more efficient, competitive and sustainable marketplace in servicing new developments,” Communications Minister Paul Fletcher said.
“While core elements of the policy will continue, changes mean that NBN Co can better respond to growing competition.”
Last week the government added 17 companies to be SIPs to 325,000 premises in 1,592 areas around the country.
The new SIPs are: Advatel Wireless, CipherTel, CNTCorp, CommSol, Fibre Asset Management, Frontier Networks, Interphone, LBN Co, Lynham Networks, OMNIconnect, OPENetworks, OptiComm, PIPE Networks, Real World Networks, Reddenet, Telair Holdings, and TransACT.
Also on Tuesday, NBN claimed it could boost agriculture output by 20% each year, or AU$15.6 billion, thanks to involving artificial intelligence in decision making, the use of autonomous equipment, and embracing Internet of Things to provide real-time information on farm conditions.
The figures were from an AlphaBeta report commissioned by NBN, which claimed poor connectivity was costing farmers up to AU$5 a hectare.
The government expects to review this policy in five years’ time, but will do so earlier if warranted by changes in the market.
Related Coverage More

All four telcos hit with enforceable undertakings by ACMA, but Telstra says the shutdown of Indian outsourced offices has impacted its compliance efforts. More

A new ranking examines how easy it is to implement equipment such as fiber networks in 100 cities across the Latin American country. More

Image: Cisco // Composition: ZDNet
Cisco warned on Saturday about two zero-day vulnerability impacting the Internetwork Operating System (IOS) that ships with its networking equipment.

The vulnerabilities, tracked as CVE-2020-3566 and CVE-2020-3569, impact the Distance Vector Multicast Routing Protocol (DVMRP) feature that ships with the IOS XR version of the operating system.
This version of the OS is usually installed on carrier-grade and data center routers, according to the company’s website.
Cisco says the DVMRP feature contains a bug that allows an unauthenticated, remote attacker to exhaust process memory and crash other processes running on the device. Cisco explains:
“These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols.”
Exploitation attempts discovered last week
Cisco says that it discovered attackers exploiting this bug last week. The attacks were detected during a support case the company’s support team was called in to investigate.
“On Aug. 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of an attempted exploitation of this vulnerability in the wild,” Cisco said.
The company said its currently working on developing software updates for IOS XR. 
The patches are still a few days away. In the meantime, Cisco has provided several workarounds and mitigations for its customers in order to prevent that any exploitation fail — if they occur.
The Cisco security advisory also includes additional incident response instructions for companies to investigate their logs and see if they’ve been attacked using the two IOS zero-days.
It is unclear how attackers are using these bugs in the grand scheme of things. They may be using it to crash other processes on the router, such as security mechanisms, and gain access to the device. However, this is only a theory, and companies will need to thoroughly comb their logs after they spot any signs of CVE-2020-3566 and CVE-2020-3569 exploitation.
Article updated on September 2 with information on the second zero (CVE-2020-3569). More