UK altnets call for action after attacks on fibre infrastructure

Following a spate of what have been described as severe, targeted attacks on full-fibre critical internet infrastructure across the country, the UK’s alternative networks (altnets) independent network suppliers’ association INCA – led by South Wales fibre network providers Ogi and Vorboss – is demanding tougher sentencing laws and a wide-ranging review of the security of the UK’s physical networks.

Recent attacks have been witnessed in a range of locations from rural Wales to Liverpool, Sheffield and London, cutting off homes, businesses and public services, including hospitals.

The phenomenon has plagued the UK’s broadband sector for over a decade. In 2015, BT broadband provision division Openreach reaffirmed its commitment to protecting its vulnerable cable assets from theft after extending its partnership with the Crimestoppers charity for a fifth year. Theft of cables from the Openreach network was causes serious disruption to both residential and business services and was thought to have been behind a number of major outages in recent years. In 2013, a large part of London was knocked offline for three days after Openreach fibre cables in the Brentford were cut by thieves looking for copper to sell.

Responsibility for digital infrastructure sits within the Department of Science, Innovation and Technology (DSIT) – led by Michelle Donelan, the secretary of state for DSIT – and telecoms industry regulator Ofcom.

In a letter to Donelan, the altnets are demanding that attacks on critical digital infrastructure should carry tougher sentences and fines to act as a deterrent. They add that the severity of the penalties should reflect the potential risks to life and the critical role that full fibre plays in keeping our communities connected and safe. Ogi and Vorboss are leading the charge, calling on DSIT and Ofcom to conduct a review of security of fibre infrastructure across the UK.

They are also calling on direction from the UK government to ensure police forces prioritise engagement with attacks on critical digital infrastructure, in line with their impact on communities and the economy. In addition, they believe that strict enforcement of essential security compliance protocols by industry, specifically ensuring all network builders adhere to Openreach ‘whereabouts’ compliance.

The letter has been signed by leading industry chiefs representing investors, network builders and internet service providers. It has been shared with DSIT and Ofcom leadership teams – including the minister for data and digital infrastructure Julia Lopez MP, and Ofcom CEO Melanie Dawes – devolved governments and their officials, business leaders and local authorities.

Calling on the UK and devolved governments to do more, Ogi chief executive officer Ben Allwright, said: “Working with the UK and devolved governments now means we can make sure this infrastructure – feeding our homes, businesses and critical public services – is backed by laws that are fit for purpose, deterring those who aim to sabotage the connectivity we increasingly lean on for our working, social, and day-to-day lives. Now is the time for us to get around the table to make sure this vital infrastructure has the protection it needs.”

Vorboss CEO Tim Creswick remarked: “Change is needed to protect the country’s digital infrastructure. We’ve raised these concerns after a series of attacks on telecoms networks. Resilience of digital connectivity should be a critical priority, and DSIT and Ofcom have the responsibility to affect these important changes. A review of current rules is desperately needed, from sentencing to policing to enforcing industry compliance.”

“As the largest network in the UK with the highest regulated service standards to uphold, nobody suffers more from poor ‘whereabouts’ compliance than Openreach and no-one’s keener to improve it. We’re continuing to work closely with the industry and Ofcom to make sure that work is recorded properly and completed safely and securely,” added Openreach chief commercial officer Katie Milligan.

"We’ve been doing this in a very collaborative way and, whilst we do have options for stricter enforcement if that’s needed, we’d prefer not to have to enforce contractual penalties. Right now, no company using our network is 100% compliant, so everyone has work to do to improve. It’s also important to emphasise that compliance isn’t a silver bullet to prevent damage and security issues. It can help of course, but it doesn’t account for malicious acts or provide conclusive proof of causes.”