EU Roaming Charges Finally Finished

Roaming Free Euro Zone-1After a decade of campaigning by EU citizens and after 2 years of preparing the mobile networks for the change, The European Commission has announced that there will be no more EU roaming charges.

What Does This Mean?

The abolition of roaming charges applies to calls, texts and browsing the internet, and this means that citizens who travel within the 28 countries of the EU will be able to call, text and connect on their mobile devices at the same price as they pay at home.

Balance

Statements from the EU have focused on what a valuable achievement the agreement between mobile network operators and EU countries is in terms of its contribution to the idea of the EU’s Digital Single Market and accessibility for all citizens.

Other statements have focused on the balance that has been needed to strike the deal with the mobile phone networks. This means offering customers a better deal and maintaining profitability of mobile networks, and many people have taken this to mean the mobile networks could make up the charges lost in roaming fees in other ways e.g. increasing domestic phone tariffs and charges.

Are There Any Caveats And Exceptions?

Yes. Although, as the EU statements say that roaming charges have been abolished for travellers in the EU, there are some important caveats, exceptions and anomalies. These are:

  • Exceeding your agreed minutes, texts and data allowances are still chargeable in the in the EU, just as they are in the UK.
    The fair use clause still applies to data roaming. This means that even though you can make as many calls and send as many texts as you like at domestic prices, if your roaming data use exceeds “a reasonably high volume” at domestic rates, you may have to pay a surcharge of approximately £8.30 per gigabyte (inc VAT).
  • If you spend more time abroad than at home and consequently use your mobile more abroad than at home, you may still receive roaming charges. This is a result of a clause that was designed to dissuade people from taking out a contract in a low-cost country e.g. Romania.
  • Different providers include different countries in their roaming territories. Also, some countries are not automatically covered by the new rules e.g. Switzerland, Monaco, Andorra, some Eastern European nations, the Channel Islands and the Isle of Man.
    Roaming charges will still apply when you are on board European ferries or cruise ships in the Mediterranean, the Baltic and across the English Channel. This is because you are between EU ports and are using a satellite link to the ship.
  • Calling another EU country from the UK will still incur extra charges.
  • Calls to any EU country are now cheaper as long as you make them from any EU country that isn’t the UK.
  • Three non-EU countries in the European economic area have not yet introduced ‘Roam Like at Home’ charges, but have said that they may do so a short time after 15th June. These are Iceland, Norway and Liechtenstein.

What Does This Mean For Your Business?

For business people who are frequent overseas travellers, and for UK citizens who plan to use their mobile while on holiday abroad, this announcement is good news. There is still a rational suspicion that the mobile operators will make their lost roaming charges back somehow e.g. with higher tariffs and extra charges.

Brexit could, however, mean that the UK may lose its right to freedom from roaming charges. Some commentators believe that the UK could avoid this by negotiating equivalent measures, and / or that the mobile networks will introduce some lesser charges.

Legally, the UK government could decide whether EU price restrictions on roaming apply after Brexit because EU price restrictions on roaming or not after the UK leaves the EU are part of a regulation (not a directive), and, therefore, are not technically part of UK law. At this stage, it is unknown exactly how Brexit will affect the roaming charges issue going forward.

WannaCry Came From North Korea Say Experts

 

The UK’s National Cyber Security Centre (NCSC) led investigation into the origins of the WannaCry ransomware attack that crippled NHS systems last month has concluded that it came from a hacking group in North Korea.

What Happened?

The WannaCry global cyber attack back in May spread worldwide, claiming victims in 150 countries and leading to around 130,000 ransomware infections of computers. The attack also made the headlines in the UK because it temporarily crippled NHS computer systems.

WannaCry was made to exploit a vulnerability on an NSA-developed hacking tool called ‘Eternal Blue’. The rapid, global spread of WannaCry was eventually thwarted when UK security researcher Marcus Hutchins registered and took over the domain that was written into the ransomware’s core code.

Lazarus

The recent NCSC investigation has concluded that WannaCry was made and distributed by the North Korea-based hacking group known as Lazarus. This is believed to be the same group that targeted Sony Pictures with a hack in 2014 over the release of the film ‘The Interview’ that satirised the North Korean leadership. The Lazarus group is also believed to have targeted a South Korean supermarket chain.

Indiscriminate

It is believed that the WannaCry ransomware attack was indiscriminate, and the fact that the (old) NHS systems were particularly badly affected may have made it appear that it was targeted.

Traced

Initial reports from cyber security experts ruled out Russian-based hackers and focused on the fact that the code showed that it may have been created on a machine in a +9 GMT timezone.

A study and reverse-engineering of the WannaCry code, combined with some overlaps with previous code developed by the Lazarus group, plus taking into account wider evidence gathered by GCHQ’s NCSC, have led experts to confirm that WannaCry was the product of the North Korean Lazarus group. It is believed that America’s NSA did not contribute heavily to the investigation because the U.S. was not hit as badly as the UK by the attack.

Was It Worth It?

The motivation of the group has been called into question since the amount of ransom paid by victims is thought to only have been around £40,000, and none of the money has been collected by the group. Also, unlike many other hacking groups, Lazarus doesn’t claim responsibility for its attacks, does not release communiqués, and does not tweet about its exploits.
IT security commentators have, therefore, concluded that WannaCry is likely to have been an attack that was far more successful and widespread than the group had intended or expected.

What Does This Mean For Your Business?

In the wake of WannaCry’s rapid and extensive spread, Internet and data security, particularly with GDPR due to come into force next year, must surely now be given high priority by businesses and must be championed at board level. The danger and false economy of staying with old operating systems as long as possible was painfully exposed in this attack. For businesses, where an attack comes from is not as relevant and important as knowing that protection is in place.

Businesses need to take a range of measures to ensure that they are well defended against known cyber threats, and prepared for the aftermath, should defences be breached. Preparations could include making sure that all the latest updates and patches are installed on systems and that anti-virus software is up to date, all important data is regularly and securely backed-up, all staff are trained to spot and deal correctly with potential threats, and workable Disaster Recovery and Business Continuity Plans are in place.