FireEye hacked by nation-state, Facebook faces antitrust action and Kubernetes has an unfixable (but preventable) security hole

12/10/2020 - Jin Woo

The Blue Print recaps the industry’s most intriguing news, unexpected shifts and developing trends that are defining the business and technology landscape. This will be the final Blue Print of 2020. We look forward to sharing more news and insights next year. For now, Happy Holidays and here’s to a better 2021!

 

New York Times: FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State

For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be. Now it looks like the hackers — in this case, evidence points to Russia’s intelligence agencies — may be exacting their revenge. FireEye revealed on Tuesday that its own systems were pierced by what it called “a nation with top-tier offensive capabilities.” The company said hackers used “novel techniques” to make off with its own tool kit, which could be useful in mounting new attacks around the world.

Why It Matters: The vast majority of cyber attacks are financially motivated. However, one in four are motivated by espionage, according to the Verizon 2020 Data Breach Investigations Report. Cybersecurity companies have long been the target of hackers, especially nation-state attackers, as these firms have deep knowledge of and access to their government customers. Not only are attacks becoming more sophisticated, but stolen advanced tools can and will be used in future attacks, as the continuing impact of the NSA tool leak several years ago shows.

Tags: FireEye, cybersecurity, Russia, nation-state attack, FBI

 

siliconANGLE: Cloud, containers, AI and RPA will spur a strong tech spending rebound in 2021

Spending data shows that cloud, containers, artificial intelligence and automation initiatives are setting the stage for a strong rebound in tech spending next year. The year 2020 has acted as a hasty but effective proof of concept for how to digitally transform businesses. Chief information officers report that generally, technology spending levels have either rebounded or will do so in the near future, setting up what could be a stronger 2021 than we’ve previously reported.

Why It Matters: A better understanding of how to leverage the cloud and other technologies, forced by an acceleration of digital initiatives due to the pandemic, is helping transform businesses and providing a positive outlook for tech spending in 2021, primarily based on Q3 results. In January, we’ll see more data as we learn more about Q4 results and how the new administration will impact tech spending and Silicon Valley companies.

Tags: tech spending, CIO, cloud, containers, automation, AI, ML

 

CNBC: C3.ai IPO adds to enterprise software deal boom with 100%-plus gains in opening day trade

C3.ai, the enterprise AI software company founded by tech entrepreneur Tom Siebel, opened for trading on the New York Stock Exchange Wednesday morning at $100 per share. The first trade valued the company more than 100% above its IPO pricing in another big Wall Street debut amid a frenzied IPO market that also included the mega deal for DoorDash on Wednesday. C3.ai was previously expected to have a market value of about $4 billion at $42 per share, after pricing its IPO on Tuesday night. Its first-day gain was as high as 143% with a market cap nearing $10 billion, according to CNBC data. The IPO market resurgence after the pandemic’s market bottom in March has defied the odds. 

Why It Matters: Despite the pandemic, 201 IPOs have priced year-to-date, on pace for the most IPOs in six years, with total proceeds up over 60% from last year at $69.9 billion.

Tags: C3, Tom Siebel, IPO, Microsoft

 

TheNewStack: Unfixable Kubernetes Security Hole Means Potential Man-in-the-Middle Attacks

Well, it had to happen eventually. Every now and again — I’m looking at you Intel with your Converged Security Management Engine (CSME) snafu — a security bug shows up that can’t be fixed. Now, it’s Kubernetes’s turn. Tim Allclair, an Apple software engineer, who also helps oversee Kubernetes security, announced a “security issue was discovered with Kubernetes affecting multitenant clusters. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.” To be exact, if a hostile user can create a ClusterIP service and set the spec.externalIPs field, they can intercept traffic to that IP. In addition, if a user can patch the status of a LoadBalancer service, they can also grab traffic. Now, the latter is a privileged operation and Joe and Jane User shouldn’t have that right, but, in practice, mistakes are made and it happens.

Why It Matters: As highly dynamic cloud-native platforms like Kubernetes find their way into the enterprise mainstream, security has become a front-and-center concern. Yet, as with all technologies and layers of the stack, vulnerabilities will be a virtual certainty, which means that enterprises adopting Kubernetes will need to devise “defence in depth” strategies to mitigate the risk of security gaps like this one. 

Tags: Kubernetes, Tim Allclair, multitenant clusters
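
Because the issue is preventable rather than fixable, a practical first step is to audit which services already use the two fields named above. The following is an added example, not code from the article or from the Kubernetes project: it checks service objects shaped like the items in `kubectl get services -A -o json` and reports any `spec.externalIPs` or load-balancer ingress address outside an approved range. The sample services and the approved range are constructed for illustration.

```python
import ipaddress

# Constructed sample: trimmed items shaped like `kubectl get services -A -o json` output.
SAMPLE_SERVICES = [
    {"metadata": {"namespace": "team-a", "name": "web"},
     "spec": {"type": "ClusterIP", "clusterIP": "10.96.12.7"}},
    {"metadata": {"namespace": "team-b", "name": "cache"},
     "spec": {"type": "ClusterIP", "externalIPs": ["203.0.113.10"]}},
    {"metadata": {"namespace": "ingress", "name": "edge"},
     "spec": {"type": "LoadBalancer", "externalIPs": ["198.51.100.5"]},
     "status": {"loadBalancer": {"ingress": [{"ip": "198.51.100.5"}]}}},
    {"metadata": {"namespace": "team-c", "name": "lb"},
     "spec": {"type": "LoadBalancer"},
     "status": {"loadBalancer": {"ingress": [{"ip": "10.0.0.53"},
                                             {"hostname": "lb.example.test"}]}}},
]

# Assumption: the address ranges the platform team has approved for service exposure.
APPROVED_RANGES = ["198.51.100.0/24"]


def audit_services(services, approved_ranges):
    """Return (namespace/name, field, ip) for each service IP outside the approved ranges."""
    nets = [ipaddress.ip_network(r) for r in approved_ranges]

    def approved(ip):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            return False  # unparsable value: report it for manual review
        return any(addr in net for net in nets)

    findings = []
    for svc in services:
        meta = svc.get("metadata", {})
        ident = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        # Field 1: externalIPs set directly in the service spec.
        candidates = [("spec.externalIPs", ip)
                      for ip in svc.get("spec", {}).get("externalIPs") or []]
        # Field 2: addresses recorded in the LoadBalancer status (hostname-only entries skipped).
        ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
        candidates += [("status.loadBalancer.ingress", e["ip"]) for e in ingress if e.get("ip")]
        findings += [(ident, field, ip) for field, ip in candidates if not approved(ip)]
    return findings


if __name__ == "__main__":
    for ident, field, ip in audit_services(SAMPLE_SERVICES, APPROVED_RANGES):
        print(f"REVIEW {ident}: {field} contains unapproved address {ip}")
```

The same check can back an admission policy that rejects unapproved addresses at creation time; the audit form shown here only reports what is already deployed.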

 

CNET: Facebook Should Be Broken Up, FTC and states allege in twin lawsuits

Facebook’s purchases of photo-service Instagram and messaging app WhatsApp have helped fuel the social media giant’s massive growth. They’ve also prompted concerns from federal and state authorities about Facebook’s dominance in social networking.

The uneasiness with Facebook’s power bubbled over on Wednesday as the Federal Trade Commission and 48 attorneys general filed separate lawsuits in federal court accusing Facebook of illegally stifling its competition by snapping up its rivals.

The lawsuits are the latest sign that lawmakers and regulators are ratcheting up their scrutiny of the power that tech giants wield. In addition to Wednesday’s actions, the US Department of Justice’s antitrust division has been talking to developers about their interactions with Oculus, the virtual reality headset maker Facebook owns, Bloomberg reported last week. In October, the Justice Department filed a landmark lawsuit against Google for allegedly holding monopolies in both search and search advertising. 

Why It Matters: Lawmakers and regulators have scrutinized the power wielded by tech giants for years. These suits, along with the DOJ case brought against Google in October, now lend those criticisms real teeth. Such antitrust action will prove highly controversial, as tech giants and the public sector hash out, likely over years in court, the degree of power and market influence the former are allowed.

Tags: Facebook, Instagram, WhatsApp, antitrust, Justice Department, regulations

 

SDxCentral: Zscaler CEO: Network Security Is Dead. Long Live SASE

Zscaler kicked off its virtual Zenith Live event by adding zero-trust protection for public cloud workloads and a new push into 5G security as CEO Jay Chaudhry discussed his company’s direction heading into 2021. “We know that the internet is killing the wide area network,” he said during his opening keynote. “Now we see 5G eliminate the need for a local area network.”

“With tons of bandwidth available, 5G is going to push the edge of the cloud further and further out, so you have intelligent edge everywhere,” Chaudhry continued. “You will have a 5G high-speed connection connecting your data center or headquarters to the internet rather than traditional landlines.”

Why It Matters: As more organizations adopt software-defined networking solutions, they are also eschewing more traditional, network-centric paradigms in favor of a zero trust model. With the announcement of new protections for cloud workloads and secure access service edge (SASE) technology (which is itself a Gartner framework), Zscaler is yet one more company to put a stake in the ground to bid traditional networking goodbye.

Tags: zero trust, SD-WAN, 5G, edge, public cloud, wide area network