Porsche invests in German startup aiming to be a one-stop shop for carbon neutral homes

Porsche’s venture arm has taken a minority stake in 1Komma5, a five-month-old German startup aiming to offer households everything needed for a carbon neutral home, including energy storage, charging infrastructure for electric vehicles and solar.

The investment, the amount of which was not disclosed, follows a series of deals made by Porsche Ventures in the past two years, including Israel-based sensing technology startup TriEye, online electric micromobility dealership RidePanda and virtual sensing startup Tactile Mobility.

This investment is a bit of a departure from Porsche Ventures’ typical mobility tech play.

“With this investment, we want to underline our ambition in the area of smart city and sustainability,” Patrick Huke, head of Porsche Ventures Europe and Israel told TechCrunch.

The Hamburg, Germany startup was founded by Micha Grueber, who is the CFO, and Philipp Schröder, whose previous stints were at Tesla and energy storage systems company Sonnen.

The company — its name a nod to the goals of the Paris Climate Agreement to keep the increase of global temperatures down to 1.5°C — is taking an interesting route to its one-stop shop goal.

Today, companies are all focused on selling the components such as solar or energy storage, Schröder said in a recent interview. At the same time, no one in Europe is focused on bringing together these decentralized assets. That is bound to cause problems, Schröder contends.

“There will be issues in a decentralized energy world if every home is having a heat pump and a charge point and storage system and they do not communicate on the grid level (or with each other) there will be issues,” he said.

1Komma5 is aiming to bring everything together through its software as well as acquisitions. Specifically, 1Komma is seeking to buy leading electrical installation companies in Germany — and will eventually expand to other countries such as Austria and Switzerland — that focus on renewable energies such as solar, heat pumps and energy storage. 1Komma5 provides the enterprise software for these companies to handle administrative tasks and customer-relationship management as well as energy management software that ties the charging, solar and energy storage together.

What makes 1Komma5’s business interesting is its plan to interconnect these components like solar and energy storage at home level and at the grid level, Schröder said.

The startup has made five acquisitions so far through cash and stock deals.

The young startup has grand ambitions to use 100 million euro in cash and stock over the next to two years to acquire more of these renewable energy-focused installation companies. It’s targeting  installation companies that have revenue between 5 million and 20 million euro and skilled labor — not sales outfits that simply outsource to other contractors.

The funding from Porsche will be used to to help 1Komma5 expand, a plan that includes opening retail locations that embody a premium Apple design-like vibe where potential customers can learn about the essential building blocks of a carbon-neutral home. Customers to these stores might see a Porsche Taycan next to a home charger, energy storage and solar, for instance.

The first showrooms are planned at Hamburg’s Binnenalster and in Lingen an der Ems and are expected to open in the first quarter of 2022.

Porsche doesn’t have any immediate plans to offer 1Komma5 products to its own customer base. However, as Huke noted, Porsche Ventures makes strategic investments and it will be looking at different possibilities in the medium to long term.

Apple debuts 'From Apple Music With Love' featuring exclusive gifts for subscribers

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple Music kicks off this holiday season with brand new, exclusive content to help subscribers ring in the new year.

Each day over the next week, Apple Music will feature a bit of exclusive content from A-list musicians, including Mariah Carey, Coldplay, Alecia Keys, Elton John, DJ Khaled, Nile Rodgers, and more.

Subscribers can expect to see exclusive EPs, playlists, remixes, a special radio show, and, according to Apple, “a few treats so exciting that we don’t even want to tease you with them.”

In the description, Apple notes that the EP was recorded entirely in Spatial Audio with Dolby Atmos. It includes highlights from the band’s ninth album “Music of the Spheres,” as well as a rendition of their 2010 single “Christmas Lights.”

China’s ride-hailing giant is delisting from New York

China’s ride-hailing behemoth Didi has begun the procedure of delisting from the New York Stock Exchange and applying to list in Hong Kong instead, the company announced via a Weibo post on Friday morning.

The decision came days after Bloomberg reported the Chinese government had asked Didi to delist from the U.S. out of security fears. Didi could not be reached for comment by TechCrunch at the time.

The move is anything but surprising. The SoftBank-backed mobility powerhouse has faced immense regulatory pressure since it failed to assure Beijing its data practices were secure before its blockbuster IPO in July.

Over the past few months, China has rolled out a litany of new data regulations, including rules that would bolster user privacy protection and restrict cross-border data transfers. A Didi executive previously said it stored data in China and it was “absolutely not possible” that it passed data to the U.S., just like “many other U.S.-listed Chinese firms.”

More to come…

Our new hybrid lives: Tactile virtual experiences and hardware that lives with us

With hybrid models taking off across many aspects of society, it’s clear that though they offer incredible flexibility, the boundary lines between work and personal life are becoming increasingly blurred and emotionally draining.

Ritual has always been a powerful force in shaping our mental and emotional states; the gathering of people, physical totems, wardrobe and space design all work to choreograph that experience. But for people in the hybrid workforce, many of the rituals to which they’ve become accustomed are no longer accessible—their daily work experience involves no gathering, no change in location, and little (if any) wardrobe change.

We are doubling down on hybrid virtual experiences, even though studies reveal that young people who spend more than seven hours a day staring at a screen are more susceptible to depression, anxiety and have greater difficulty in completing tasks. Furthermore, employees are reporting fatigue and exhaustion from a sea of back-to-back meetings that stretch across multiple time zones, making the days feel endless.

Given that so much of the population is currently reliant on computing devices to engage in everything from work and school to shopping, banking and healthcare, we have to start taking a harder look at how we’re designing and developing those devices to better equip us for new rituals for the hybrid virtual world.

Today, computing devices account for every possible scenario, from the traditional desktop workstation to the ultra-portable handheld mobile phone. But what if the design of these objects could help users enforce the boundaries between work and personal life?

For instance, a device with a keyboard in front of a screen conveys “productivity tool,” while a touch tablet experience feels more casual and entertainment-focused. What if remote workers could have the option to switch between these two modalities to signal a switch from “work” to “personal”?

Another area that has exploded into the tech spotlight is video chat and conferencing tools. For many of us, the majority of our interactions are now playing out via virtual meetings on video conferencing apps. HD webcams and ring lights have been in high demand, and the number of virtual backgrounds and effects multiply daily.

But there are still many challenges and limitations to the video conference experience, partly because it’s so dependent on the hardware design. Tools like Zoom, Google Hangouts and Teams have all been racing to keep up with the latest upgrades, but the software can only go so far without tackling hardware hurdles like integrated lighting sources, improved audio or even tactile feedback.

However, if we start to accept these paradigm shifts of in-person to virtual, we can begin to design for the future normal with hardware upgrades like a camera lens no larger than a pixel that disappears into the screen to make it appear as if users are making direct eye contact with their colleagues. Other areas, such as the application of temperature and tactile technologies, can help us feel deeper connections with one another via virtual spaces. There may also be new possibilities in exploring olfactory technologies as immersive experiences continue to evolve.

But what does this hardware evolution actually look like when it comes to production and consumption? While the expediency and convenience of technology is certainly impressive, it comes at a cost to our planet.

Have consumers become Earth’s abusers?

When I think about my most cherished possessions, what they have in common is that they are old and rare. Of course, this is typical of valuable items, but why couldn’t we bring this value system to our tech products? While I swap out my iPhone every year or two, I take tremendous joy in upgrading parts on my Ducati motorcycle bit by bit. I would never think of tossing it out for a brand new one.

As consumer demand for sustainable solutions increase, hardware companies must adjust their offerings. Powerful brands like Apple could be a great leader in strong regenerative practices. Building your own desktop PC is nothing new (especially for hardcore gamers) but imagine a future where all portable tech is modular with swappable upgrades. What if 50 years from now, your smartphone from 2025 is a still functional and highly valued piece of vintage tech?

The reality of our new normal is that the plethora of devices is not going away, while software developments are continuing to make leaps and bounds. It’s time we started thinking about our devices as objects to keep and care for, repairing and refurbishing things like phones and computers to keep up with the latest advancements, much like we do with our cars or even our homes.

Judging by the future, not the past, Stride takes steps to turn student finance upside down

If you’re trying to get a mortgage or an auto loan, banks will put on their judging glasses and look into your past. Makes sense; it’s a reasonably reliable indicator as to whether you’ll be able to repay your loans or not. Student financing is a little different. Sure, your past plays a role, but for a lot of education, having a degree dramatically changes your earning potential, and hence your ability to repay. With a philosophy that the current student loan systems perpetuate the rich-get-richer systems, Stride Funding is taking a different approach and just raised $12 million to help it take the business a few more steps into the future.

The issue at the heart of the company is one of equality and access to education — one of the most significant indicators as to whether someone will have an opportunity for financial upward mobility. As you might expect, there are layers of privilege (can your parents help pay for your loans) and — more specifically — institutionalized racism in the picture. It is with quixotic optimism that Stride Funding is taking on the $130 billion student loan industry, which currently has $1.6 trillion worth of loans outstanding.

Since closing its seed round in 2019, Stride increased the capital committed to students to over $50 million, with capital providers such as Silicon Valley Bank seeking to finance hundreds of millions of additional funds.The main thrust behind the company is to make education more available, especially to populations that have traditionally struggled to secure financing.

“Especially in student lending, there’s this massive gap in terms of access to capital,” says Tess Michaels, CEO and founder at Stride Capital. “Ninety-two percent of private loans require co-signers, and less than a fourth of students actually have access.”

The company today announced it closed a $12 million Series A financing, led by Firework Ventures (co-founded by Brigette Lau and Ashley Bittner). Other investors include impact investors such as Juvo Ventures and Graham Holdings — alongside previous investors GSV Ventures, Slow Ventures and Sinai Ventures. The Stride Funding team has a personal mission at the core of its business:

“Both my parents immigrated here to the States, and education was their pathway to economic mobility. Education is what opens doors. And unfortunately for a lot of historical reasons, I think a lot of folks, especially underrepresented populations, are just left out of the market,” says Michaels, highlighting how this difference further amplifies the gap between the haves and the have-nots. “I feel very tied to the mission. We have supported such a wide range of really, really amazing, inspiring students, from refugees to DACA students, women, underrepresented minorities, and so on. We get such encouraging stories all the time from students, and it just reinforces that this is something that is worth doing.”

Oura Ring 3 review

I admit I was thinking about the Oura Ring incorrectly. I was thinking of the device as an alternative to my Apple Watch. I suppose this is true, in the vaguest sense — likely for most people, it’s one or the other. After all, two activity trackers is overkill for most. It’s also cost-prohibitive. At $299, we’re well within smartwatch territory on the pricing front.

There’s also the fact that, starting with the Ring 3, Oura is adding a $6/month subscription fee that kicks in after a six-month grace period. The new service arrives with additional features, but also sticks behind a paywall metrics that were previously free to users. The Oura Ring 3 is, in a word, an investment. But it isn’t a smartwatch.

If anything, it’s a successor to the fitness band — a category we don’t think about much these days, but one that utterly dominated the wearable category before Apple sunk its teeth into the space. Companies like Fitbit and Xiaomi still sell a ton of the things on an annual basis, but they’ve largely fallen out of fashion in favor of their more fully featured brethren. The more I’ve begun to think about the Oura Ring as a fitness band (or, perhaps more appropriately, health band), the more it has begun to make sense.

Image Credits: Brian Heater

It is, in a sense, a passive device — not one that buzzes and beeps, constantly demanding attention throughout the day. The Oura Ring is a device to be worn and largely ignored, save for the occasional predetermined nudge for things like movement reminders. And if we’re being honest, that’s always going to be the case here. Sure, many fitness bands have blurred the line with displays, but the ring form factor has some very real limitations with regard to real estate.

Rather, the Ring is designed to stay out of the way, collecting actionable sleep, health and fitness data that you can peruse later on a connected mobile app. And really, that’s long been the selling point here. For the most part, a ring is better at staying out of your way than a fitness band. That was the appeal of Motiv’s initial play — and while that product seemingly moved away from the fitness category, it’s a banner than Oura has been more than happy to pick up and run with.

Image Credits: Brian Heater

Before we venture any further, a confession: I’m not a ring guy. I don’t particularly like rings and don’t wear them (cue: “Don’t Fence Me In”). This is one of the big reasons I’m not going to be a regular Oura user. I’ve also, honestly, become fairly attached to my smartwatch. That said, I’ve been wearing the Ring 3 for the prescribed two weeks. That was Oura’s recommendation/soft demand for reviewing the product.

It was a strange request, as far as these things go. When reviewing hardware, you generally like to spend as much time with the product as possible. Easier said than done, sometimes. But here, the company insists that a fortnight is required for setting a kind of baseline measurement. It’s not that readings are going to be bad for the first two weeks, so much as things will be better when you’ve been wearing the device for a bit and Oura has a clearer idea of your habits, sleep and biometrics.

And it’s understandable, given that we’re all different, and customization is a key to any sort of health device. My guess is that sort of buy-in won’t be difficult to engender among those willing to plunk down $299 for a ring. It’s also a relatively simple lift given that it’s a minimally invasive product. Again, as someone who isn’t a ring person, it took some getting used to, but as a bit of a restless sleeper myself, it’s easier to wear to bed than a big, bulky smartwatch. Let’s take a moment to appreciate the built-in irony of a sleep-tracking device that’s hard to wear to bed. The Oura Ring is not that.

It’s comfortable. Because it’s a ring. Again, I’m not a ring guy, but the simple fact of it occupying less real estate makes it less invasive. Design-wise, the product is virtually identical to its predecessor. It’s a single-color metal band, round, but for a flatish edge that denotes the top of the product.

Image Credits: Brian Heater

If you don’t know your ring size, the company will send a sizing kit à la Warby Parker, featuring a number of plastic dummy rings. You’re encouraged to wear one around for 24 hours, as the human finger has a way of swelling and contracting during the day. I chose my size and color (a matte black) and waited. Ultimately, I found the final product to be a bit looser than its plastic counterpart, but the ring stayed on fine. And, indeed, I found that the exact fit tended to evolve over the day.

On the face of it, the device looks like a standard ring — and that’s really the appeal. You will, however, sometimes see a green glow emanating from the inner circle, as the ring’s sensors grab a heart rate reading. Daytime heart rate monitoring is among a handful of new features available at launch, along with period production (something I admit that I did not have an opportunity to test) and improved temperature sensing. Based solely on those new features, the 3 represents an incremental update over the 2.

The list of upcoming features arriving this year and next is a significantly longer one, including additional content like meditation and breathing sessions, workout heart rate monitoring, more accurate sleep staging and SpO2 blood oxygen sensing. In the case of that last one, in particular, it’s not entirely surprising it was delayed — and Oura’s certainly not alone in turning on a key health sensing feature after launch. In this case, it’s not about FDA approval (not yet, at least), but rather implementation.

This stuff is tricky to get right, and that likely goes double when you’re not Samsung or Apple. It is, however, a long list of promised features that will likely leave many potential consumers wondering why the company didn’t wait to launch a more fully realized product. I do ultimately wonder if it’s a piece of a deeper strategy to offer a base of hardware with the promise that features will continue to improve and roll out over the course of its life.

After all, there’s no question that Oura has some long-term ambitions with this stuff. Look no further than the myriad studies in which the company has participated. A cursory glance at its blog shows everything from depression to the impact of phone usage on sleep to adapting to undersea environments. Not everything is going to prove out, and certainly most or many would lead to brand new features, but at the very least, there’s some interesting insight here into precisely how much we’ll ultimately be able to monitor or predict with sensors. Among other things, those studies do appear to have proven out the accuracy of measuring things like heart rate on a finger versus the wrist.

Ultimately, I prefer a wrist-worn tracker like the Apple Watch for its workout tracking. I was able to pair the two and use them to paint an overall picture of my activity. I recognize not everyone has the means — or desire — to do this, however. Where the Oura Ring ultimately succeeds versus more traditional trackers is its emphasis on actionable insights — that’s precisely why the company is so insistent people let it determine a baseline before judging its efficacy.

Image Credits: Brian Heater

Things like recovery and readiness tend to be overlooked by these sorts of devices. Oura describes the latter thusly:

Readiness is your main Oura score and is designed for you and only you, helping you discover what works for your body and lifestyle. Readiness is a holistic picture of your health — taking into account your recent activity, sleep patterns, and direct body signals (like resting heart rate, heart rate variability, and body temperature) that can signify if your body is under strain.

Effectively, it takes all of the metrics it has been collecting and determines whether you’re doing a good enough job recovering between them. Recovery Time was a constant red flag for me. Which, fair enough. I could and probably should be doing a better job letting my body recover between workouts. It’s certainly something to improve on, as the red “Pay attention” notifications plainly indicate.

Image Credits: Brian Heater

Another place that pops up is sleep. Clicking over to the Home tab, the app notes, “Your heart rate decreased late last night, so you might not by fully recovered. To help your body recharge, how about taking a moment to unwind today?” It seems obvious on the face of it that, say, meditating at night (versus the morning when I usually do) or practicing breathing exercises before bed, would be better for my (admittedly restless) sleep than, say, doom scrolling with my buds on Twitter.

But in amongst the daily grind, it’s easy to lose sight of this fact. I’ve always said that one of the underrated and under discussed benefits of a wearable is that it’s kind of the tech equivalent of tying a string around your finger. It’s an injection of mindfulness and a reminder of why you made that investment in the first place. We buy these things because we want to better ourselves. And in a world where technology too often does the opposite, some positive technological reinforcement is a net positive.

Develop 'Foursight' — Keep Your Post-COVID Transformation on Track

Meeting the growing burden of legal and regulatory mandates is an ongoing, increasingly complex battle. Key to success is the ability to easily manage and analyze increasing volumes of digital information.

Coping with the rising amount and variety of digital information sources has become one of the main challenges for IT leaders. This powerful data is both a key requirement of digital transformation, and a potential compliance risk. Collaborative media platforms like Microsoft Teams, WhatsApp, and Zoom, can expose sensitive or proprietary organizational information. With remote work — in some form — likely to endure, it makes the problem of balancing today’s needs with tomorrow’s opportunities a real digital dilemma.

However, by finding the right technology answers to four data safety questions, enterprises can run today and transform for tomorrow.

1. Where is my data and who can access it? A distributed workforce needs access to organizational data and applications from any device. Without knowing what data is where — or who can access it — many organizations risk multiple regulatory violations, including GDPR, CCPA, CPRA, and Federal FRCP 37(e).

A robust unified endpoint management strategy and endpoint backup solution enables swift and secure deployment, management, and backup. Employees have access to data and applications with multilevel protection. It supports your business today, while advancing your digital transformation agenda.

2. Can my people access the right content, and how do I manage it throughout the data life cycle while remaining compliant with retention policies? Suddenly, sensitive corporate data — anything from contracts to PII — is living outside the corporate firewall and is therefore at risk for multiple regulatory violations.

The right content management or content services solution mitigates that risk today and gives the IT organization data hygiene practices that help meet future regulatory mandates. It ensures a global remote workforce can access the data when and where they need it, while a complete access audit trail meets internal security policies and regulatory mandates. Providing e-discovery functionality for rapid content search and retrieval boosts efficiencies, a key digital transformation journey milestone.

3. Is my data securely backed up, from servers through to endpoints? Many organizations discovered the true cost of abandoning traditional endpoint backup, or backup and disaster recovery systems the hard way. For some, the pandemic-driven flight to the cloud has meant data loss, accidental content deletion, security breaches, malware attacks, and loss of intellectual property.

Studies show the average UK adult loses two smartphones during their lifetime, and their US counterparts lose 70 million devices every year. So, enhance your file sync and share profile by implementing a future-enabled endpoint backup or backup and disaster recovery solution. Encrypting content in databases — behind the corporate firewall or in a certified cloud with redundant and secure data centers — is a business imperative. Meeting current mandates and future demands is where the principles of run and transform meet the real world.

4. Are my communications in a searchable archive where I can perform e-discovery at scale? Social collaboration platforms for remote workers need to be e-discovery-enabled. Without an audit trail, or the ability to capture, search, and monitor work, both content misuse and accidental and malicious insider threats are a real danger.

The right solution stores communications from social collaboration platforms in a central and compliant archive. It ingests and safely retains electronic information — structured and unstructured — including email, images, audio, print streams, and text. This enables the instant access that supports search and export exercises, policy application, and setting data life-cycle management parameters.

Run and Transform — Meeting the Compliance Challenge
If you answered “no” to any of the questions above, you risk compliance violations. Enforcement could expose your organization to fines and penalties that compromise both your ability to do business today and transform for the future.

Living the principles of run and transform may depend on having access to a broad software portfolio and strategic services that bridge the gap between current and emerging technologies. Micro Focus delivers technology and supporting services for managing core IT elements across businesses to help them run and transform — at the same time.

About the Author


Christina Wood serves as Head of Global Marketing for the Information Management & Governance (IM&G) product group at Micro Focus. She is responsible for market strategy and positioning across the IM&G product group. Christina joined Micro Focus in 2016 as part of the acquisition of GWAVA, where she served as CMO, Head of Global Marketing. With more than 20 years of experience in the high-tech industry, Christina has served within startups and large corporations focused on AI, security, mobility, and is a subject matter expert in information archiving. Christina holds a bachelor’s degree in Communication Studies with a minor in Biblical Studies from Azusa Pacific University.

Apple's 'CODA' nominated for nine Hollywood Critics Association Film awards

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple TV+ original film “CODA” has received nine Hollywood Critics Association Film Award nominations, including Best Picture and Best Indie Film.

CODA” follows Ruby, a young girl who is a child of deaf parents and who acts as an interpreter for them as she is the only hearing member of her family. When Ruby discovers a talent for singing and wants to apply to the Berklee School of Music, it causes friction in her family, which depends on her for their fishing business.

“CODA” received nine total nominations, including:

  • Best Picture
  • Best Director – Sian Heder
  • Best Actress – Emilia Jones
  • Best Supporting Actress – Marlee Matlin
  • Best Supporting Actor – Troy Kotsur
  • Best Cast Ensemble
  • Best Adapted Screenplay – Sian Heder
  • Best Indie Film
  • Best Original Song – “Beyond the Shore”

The ceremony will take place on January 8, 2022, at the Avalon in Hollywood, California.

The film recently won two Gotham awards. Star Emilia Jones won the Breakthrough Performer award, while Troy Kotsur took the Outstanding Supporting Performance trophy.

“CODA” was the first film to feature burned-in captions — that is, captions that were burned into the print itself, eliminating the need for special equipment usually required for deaf and hard of hearing users to watch films in theater.

Ransomware, Carding, and Initial Access Brokers: Group-IB Presents Report on Trending Crimes

Group-IB, one of the global cybersecurity leaders, has presented its research into global cyberthreats in the report Hi-Tech Crime Trends 2021/2022 at its annual threat hunting and intelligence conference, CyberCrimeCon’21. In the report, which explores cybercrime developments in H2 2020—H1 2021, Group-IB researchers analyze the increasing complexity of the global threat landscape and highlight the ever-growing role of alliances between threat actors. The trend manifests itself in partnerships between ransomware operators and initial access brokers under the Ransomware-as-a-Service model. Scammers also band together in clans to automate and streamline fraudulent operations. Conversely, individual cybercrimes such as carding are in decline for the first time in a while.

For the 10th consecutive year, the Hi-Tech Crime Trends report analyzes the various aspects of the cybercriminal industry’s operations, examines attacks, and provides forecasts for the threat landscape for various sectors. For the first time, the report was divided into five major volumes, all with a different focus: ransomware, the sale of access to corporate networks, cyberwarfare, threats to the financial sector, and phishing and scams. The forecasts and recommendations outlined in Hi-Tech Crime Trends 2020-2021 seek to prevent damage and downtime for companies worldwide.

Initial access brokers: US companies among the most frequent targets

One of the underlying trends on the cybercrime arena is a sharp increase in the number of offers to sell access to compromised corporate networks. Pioneered by the infamous hacker Fxmsp, who was charged by the US Department of Justice in 2020, the market of corporate initial access grew by almost 16% in H2 2020—H1 2021, from $6,189,388 to $7,165,387. The number of offers to sell access to companies almost tripled over the review period: from 362 to 1,099. This exclusive data was obtained by Group-IB’s Threat Intelligence & Attribution system, which gathers even deleted information from cybercriminal underground forums.

This segment of the cybercriminal underground has a relatively low entry barrier. Poor corporate cyber risk management combined with the fact that tools for conducting attacks against corporate networks are widely available both contributed to a record-breaking rise in the number of initial access brokers. In H2 2019—H12020, the Group-IB Threat Intelligence team detected only 86 active brokers. In H2 2020—H1 2021, however, this number skyrocketed to 262, with 229 new players joining the roster.

Most companies affected belonged to the manufacturing (9% of all companies), education (9%), financial services (9%), healthcare (7%), and commerce (7%). In the review period, the number of industries exploited by initial access brokers surged from 20 to 35, which indicates that cybercriminals are becoming aware of the variety of potential victims.

The geography of initial access brokers’ operations has also expanded. In H2 2020—H1 2021, the number of countries where cybercriminals broke into corporate networks increased from 42 to 68. US-based companies are the most popular among sellers of access to compromised networks — they account for 30% of all victim-companies in H2 2020—H1 2021, followed by France (5%), and the UK (4%).

One of the main driving forces for initial access market growth is the steep increase in the number of ransomware attacks. Initial access brokers remove the need for ransomware operators to break into corporate networks on their own.

Lock, Lock Who’s There? Corporansom

The unholy alliance of initial access brokers and ransomware operators as part of Ransomware-as-as-a-Service (RaaS) affiliate programs has led to the rise of the ransomware empire. In total, data relating to 2,371 companies were released on DLSs (Data Leak Sites) over H2 2020—H1 2021. This is an increase of an unprecedented 935% compared to the previous review period, when data relating to 229 victims was made public.

Thanks to the Threat Intelligence & Attribution system, Group-IB researchers were able to trace how the ransomware empire has evolved since it appeared. Group-IB’s team analyzed private Ransomware affiliate programs, DLSs where they post exfiltrated data belonging to victims who refused to pay the ransom, and the most aggressive ransomware strains.

Over the review period, Group-IB analysts identified 21 new Ransomware-as-a-Service (RaaS) affiliate programs, which is a 19% increase compared to the previous period. During the review period, the cybercriminals mastered the use of DLSs, which are used as an additional source of pressure on their victims to make them pay the ransom by threatening to leak their data. In practice, however, victims can still find their data on the DLS even if the ransom is paid. The number of new DLSs more than doubled during the review period and reached 28, compared to 13 in H2 2019—H1 2020.

It is noteworthy that in the first three quarters of 2021, ransomware operators released 47% more data on attacked companies than in the whole of 2020. Taking into account that cybercriminals release data relating to only about 10% of their victims, the actual number of ransomware attack victims is likely to be dozens more. The share of companies that pay the ransom is estimated at 30%.

Having analyzed ransomware DLSs in 2021, Group-IB analysts concluded that Conti was the most aggressive ransomware group: it disclosed information about 361 victims (16.5% of all victim-companies whose data was released on DLSs), followed by Lockbit (251), Avaddon (164), REvil (155), and Pysa (118). Last year’s top 5 was as follows: Maze (259), Egregor (204), Conti (173), REvil (141), and Pysa (123).

Country-wise, most companies whose data was posted on DLSs by ransomware operators in 2021 were based in the United States (968), Canada (110), and France (103), while most organizations affected belonged to the manufacturing (9.6%), real estate (9.5%), and transportation industries (8.2%).

Carding: The Joker’s Last Laugh

Over the review period, the carding market dropped by 26%, from $1.9 billion to $1.4 billion compared to the previous period. The decrease can be explained by the lower number of dumps (data stored on the magnetic stripe on bank cards) offered for sale: the number of offers shrank by 17%, from 70 million records to 58 million, due to the infamous card shop Joker’s Stash shutting down. Meanwhile, the average price of a bank card dump fell from $21.88 to $13.84, while the maximum price surged from $500 to $750.

An opposite trend was recorded on the market for the sale of bank card text data (bank card numbers, expiration dates, names of owners, addresses, CVVs): their number soared by 36%, from 28 million records to 38 million, which amongst others can be explained by the higher number of phishing web resources mimicking famous brands during the pandemic. The average price for text data climbed from $12.78 to $15.2, while the maximum price skyrocketed 7-fold: from $150 to an unprecedented $1,000.

The Scamdemic

Another cohort of cybercriminals actively forging partnerships over the review period were scammers. In recent years, phishing and scam affiliate programs have become highly popular. The research conducted by Group-IB revealed that there are more than 70 phishing and scam affiliate programs. Participants aim to steal money as well as personal and payment data. In the reporting period, the threat actors who took part in such schemes pocketed at least $10 million in total. The average amount stolen by a scam affiliate program member is estimated at $83.

Affiliate programs involve large numbers of participants, have a strict hierarchy, and use complex technical infrastructures to automate fraudulent activities. Phishing and scam affiliate programs actively use Telegram bots that provide participants with ready-to-use scam and phishing pages. This helps scale phishing campaigns and tailor them to banks, popular email services, and other organizations.

Phishing and scam affiliate programs, initially focused on Russia and other CIS countries, recently started their online migration to Europe, America, Asia, and the Middle East. This is exemplified by Classiscam: an automated scam-as-a-service designed tosteal money and payment data. Group-IB is aware of at least 71 brands from 36 countries impersonated by affiliate program members. Phishing and scam websites created by affiliate program members most often mimic marketplaces (69.5%), delivery services (17.2%), and carpooling services (12.8%).

Darktrace Reports 30% More Ransomware Attacks Targeting Organizations During the Holiday Period

CAMBRIDGE, United Kingdom, Dec. 2, 2021 /PRNewswire/ — Darktrace, a global leader in cyber security AI, today reported that its security researchers discovered a 30% increase in the average number of attempted ransomware attacks globally over the holiday season in every consecutive year from 2018 to 2020 compared to the monthly average.

The researchers also observed a 70% average increase in attempted ransomware attacks in November and December compared to January and February. Following a record number of ransomware attacks this year, the company expects the spike to be higher over the 2021 holiday period.

During the nascent 2021 holiday season, Darktrace’s AI detected and autonomously stopped an in-progress, early-stage ransomware attack on a U.S. city before any data exfiltration or encryption could occur. The city’s security team had the foresight to deploy an AI solution to combat multi-stage ransomware attacks, enabling them to stop the attackers at the earliest stage. 

Ransomware is often falsely considered an encryption problem. This misconception masks and undermines attackers’ determination and creativity to initially break into and then move around within an organization’s digital environment first to discover, then steal and encrypt data. The break-in is often through email, but that quickly evolves to targeting servers where the data lives. Therefore, a combination of email and network security is crucial to stop these attacks. 

Powered by Self-Learning AI, Darktrace technology develops an understanding of normal business operations for each organization. It autonomously interrupts in-progress attacks at every stage from the initial entry with sophisticated spearphishing emails to brute-forced remote desktop protocol (RDP), command-and-control, and lateral movement, all without business disruption. 

“Based on what we’ve seen in previous years, holidays are consistent target periods for cyber-attackers. Interestingly, the largest rise in attempted ransomware attacks is between Christmas and New Year’s when attackers know there will be fewer eyeballs on screens defending against threats,” commented Justin Fier, Director of Cyber Intelligence and Analytics, Darktrace. “Business leaders should know that there is available technology that can identify and respond to the initial warning signs of ransomware before attackers can hold critical systems hostage, even when human security teams are out of office.”

About Darktrace

Darktrace (DARK.L), a global leader in cyber security AI, delivers world-class technology that protects almost 6,000 customers worldwide from advanced threats, including ransomware, and cloud and SaaS attacks. The company’s fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, the company has 1,600 employees and over 30 offices worldwide. Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ for 2021.