Tech Brew Ride Home - Mon. 12/14 – The “10-out-of-10” US Treasury/SolarWinds Hack

Episode Date: December 14, 2020

Hackers attack the US Treasury in an attack so severe one person called it a 10 out of 10. Pornhub has removed millions of videos. Amazon’s Zoox has a robo electric taxi. Are the recent IPO pops sig...n of a bubble? And could Jony Ive’s next job be as the head of luxury automaker Ferrari? Sponsors: GetArmorLock.com Amazon.com/ridehome Links: Suspected Russian hackers spied on U.S. Treasury emails - sources (Reuters) U.S. Agencies Hacked in Foreign Cyber Espionage Campaign Linked to Russia (WSJ) Pornhub Just Purged All Unverified Content From the Platform (Vice) Amazon’s Zoox Unveils Robotaxi for Future Ride-Hailing Service (Bloomberg) Google Delays Return to Office and Eyes ‘Flexible Work Week’ (NYTimes) Sizzling Tech IPO Market Leaves Investors Befuddled (WSJ) Jony Ive is reportedly in the running to take the driver’s seat at Ferrari (Cult of Mac) Ferrari's Camilleri will be a hard act to follow (Reuters) Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco. Hey, who did this to you? What happened next turned the story into a political firestorm. Reports have identified the victim as Bob Lee, the founder of Cash App. From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16. Welcome to the TechMean Brian home for Monday, December 14th, 2020. I'm Brian McCalla today. Hackers attack the U.S. Treasury and an attack so severe one person called it a 10 out of 10. Pornhub has removed millions of videos. Amazon's Zooks has a robo-electric taxi. Are the recent IPO pops sign of a bubble? And could Johnny Ives' next job be as the head of luxury automaker Ferrari? Here's what you miss today in the world of tech.
Starting point is 00:01:00 Over the weekend, news broke that suspected state-sponsored hackers had broke into and then monitored the internal emails of the U.S. Treasury, as well as broke into the National Telecommunications and Information Administration. Quoting Reuters' original piece breaking this news, The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter. U.S. officials have not said much publicly beyond the Commerce Department confirming there was a breach at one of its agencies and that they asked the cybersecurity and infrastructure security agency and the FBI to investigate. National Security Council spokesman John Uliott added that they, quote, are taking all necessary steps to identify and remedy any possible issues related to this situation, end quote. The U.S. government has not publicly identified who might be behind the hacking,
Starting point is 00:01:54 but three of the people familiar with the investigation said Russia is currently believed to be responsible for the attack. Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack of Fire Eye, a major U.S. cybersecurity company with government and commercial contracts, end quote. Since that original piece, according to the Washington Post sources, have told them that it was indeed allegedly the Russian Hacking Group ATP 29 or Cozy Bear, which was behind the attacks, including the previous attack on Fire Eye, which I believe we talked about last week. Now this morning, the Wall Street Journal says that the hack into the U.S. Treasury specifically exploited a flaw in a Solar Winds product. Who is Solar Winds? Quoting the Journal.
Starting point is 00:02:40 The company says it has more than 300,000 customers worldwide, including more than 400 of the U.S. Fortune 500 companies. Based in Austin, Texas, solar winds worldwide, employs more than 3,200 people, and counts Booz Allen Hamilton, the Secret Service, the Defense Department, the Federal Reserve, Lockheed Martin, Pricewaterhouse Coopers, and the National Security Agency among its customers, according to the SolarWinds website. A SolarWind spokesman said the company was aware of a potential vulnerability related to updates of its Orion Technology Management software that were released between March and June of this year. Quote, we believe that this vulnerability is the result of a highly sophisticated, targeted and manual supply chain attack by a nation state, the spokesman
Starting point is 00:03:27 said in an email. The company is working with Fire Eye, the intelligence community, and law enforcement on an investigation, he said. In a sign of the severity of the threat, the cybersecurity and infrastructure security agency issued a rare emergency directive instructing all federal civilian agencies to review their networks for possible compromise and immediately shut down the use of SolarWind's Orion products. A source added that several government agencies in total have likely been compromised. The hacking operation exposed as many as hundreds of thousands of thousands of government and corporate networks to potential risk and alarmed national security officials in the Trump administration, as well as executives at Fire Eye, some of whom view it as
Starting point is 00:04:06 far more significant than a routine case of foreign cyber espionage, people familiar with the matter said. While those familiar with the hack couldn't precisely specify its scope or the resulting damage to the U.S. government, several described it as among the most potentially worrisome cyber attacks in years, because it may have allowed Russia to access sensitive information from government agencies, defense contractors, and other industries. One person familiar with the matter said the campaign was a 10 on a scale of 1 to 10 in terms of its likely severity and national security implications, end quote. Sounds pretty bad. Wanted to share this tweet from security consultant Brian Honan, quote. Seeing lots of info flying around on this, suspect it will be tomorrow before dust settles.
Starting point is 00:04:51 Saw a tweet stating SolarWinds believes the vulnerability to be in their software since early this year, which could have huge implications on how many orgs have been breached and for how long. If it's a security flaw in SolarWinds, then many others are at risk. Also a reminder that all remote management tools while providing benefits are also a useful vector for attackers to use, end quote. I didn't cover this story on First Pass, so I'm going to have to catch you up real quick. First, earlier this month, the New York Times ran a piece on Pornhub. The, well, you know what Pornhub is and what it does. The piece alleged that since anyone could potentially upload videos to Pornhub, there were tons of videos on the site depicting things like rape and underage sex. Pornhub a few days later said it would
Starting point is 00:05:43 no longer let unverified users upload videos to the site in order to prevent this from happening in the future. That was not enough for MasterCard, which said it would not allow its credit cards to be used on Pornhub after its own review of the site found illegal content on there. Visa has suspended its card usage pending its own probe. Well, that certainly got Pornhub's attention because as of this morning it announced it has removed all videos, repeat all videos from unverified accounts. The total number of videos hosted on Pornhub has dropped from 13.5 million to now 7.2 million. So that's quite the purge, quoting Vice. Pornhub said the videos will be removed pending verification and review, and the verification process will begin in the new year. Prior to this change,
Starting point is 00:06:30 anyone could create an account on Pornhub and upload any video they wanted to since the platforms launched in 2007. Pornhub made the policy change on Tuesday to ban all unverified users from uploading or downloading content to the site and said it would expand its moderation efforts. but by Thursday, MasterCard and Visa announced they'd both stop processing payments with the site altogether. Visa's announcement also specifically stated it would drop all of the Mind Geek Network, which includes a number of adult sites, including Red Tube, U-Porn, X-Tube, and Brazzers. Verified users, according to the site, are those who have submitted a selfie of themselves holding a piece of paper with their username and Pornhub.com, or the Mindgeek site they're signing up for, handwritten on it. Pornhub told Motherboard that this process will be more thorough in the new year, but didn't provide specifics about what it will involve. Verification makes users eligible to join the Model Hub program, which allows them to monetize their videos.
Starting point is 00:07:26 A lot of unverified videos on Pornhub aren't even porn. People uploaded pirated full-length movies to Pornhub, as well as memes and jokes. Last year, users uploaded more than 6.83 million new videos to Pornhub, according to the platform's 2019 year-and-review, end quote. Amazon's Zooks Self-Driving Car Initiative has unveiled an autonomous electric robotaxie that can hold up to four passengers and run for acclaimed 16 hours on a single charge, quoting Bloomberg. The vehicle which Zooks describes as a driverless carriage or robo taxi can carry as many as four passengers. With a motor at each end, it travels in either direction and maxes out at 75 miles per hour. Two battery packs, one under each row of seats, generate enough juice for 16 hours of roll. runtime before recharging, the company said, to commercialize the technology, Zook's plans to launch
Starting point is 00:08:21 an app-based ride-hailing service in cities like San Francisco and Las Vegas. This is really about reimagining transportation, Zook's chief executive officer, Aitja Evans said in an interview with Bloomberg television, not only do we have the capital required, we have the long-term vision, end quote. The company also plans to launch ride hailing services in other countries, Evan said. Executives didn't say how much rides would cost, but that they would be. be affordable and competitive with services operated by Uber and Lyft. Nor did they say when the service would launch, but confirmed it wouldn't happen in 2021. In a video released Monday, Evans used Zook's app to hail the vehicle outside San Francisco's Fairmont Hotel and took a spin
Starting point is 00:09:03 around the block, end quote. I guess we'll be seeing a bunch more stories like this one in the coming months, or at least I certainly hope so for all of our sakes. The New York Times has seen an internal memo from Google outlining its plans for returning Googlers to work on the regs. Google now plans to have employees return to the office in September 2021 and is testing a flexible model of three days in the office and two days work from home as the regular schedule going forward, quoting the times. In an email to the staff on Sunday night, Sundar Pichai, chief executive of Google's parent company Alphabet, said, quote, we are testing a hypothesis that a flexible work model will lead to greater productivity, collaboration, and well-being, Mr. Pachai wrote in an
Starting point is 00:09:53 email obtained by the New York Times. Quote, no company at our scale has ever created a fully hybrid workforce model, though a few are starting to test it, so it will be interesting to try, end quote. One thing not mentioned in Mr. Pichai's email is whether the company will require employees to take the coronavirus vaccine before returning to the office. Google has said it recommends that employees obtain the vaccine when their health care provider or local public health authority has told them it's available to them, said Gina Skigliano, a Google spokeswoman. Google has said it is looking for opportunities in mid to late 2021 to help make COVID-19 vaccines available to its workers, but only after high-risk and high-priority people globally have received the vaccines, end quote.
Starting point is 00:10:36 This is something that I've been thinking about a lot over the last weekend and certainly over the last few weeks. There was a piece in the Wall Street Journal over the weekend talking about the recent IPO pops we've been seeing. Should investors be worried? Are we in a bubble? Not an overall tech bubble, but certainly a bubble for certain types of tech startups that go public. I think there's no doubt that we are, and note that according to this piece, valuations of recent IPOs relative to these companies' underlying revenue are at their highest levels since the dot-com era. Quote, investors this year have valued newly public tech companies at a median of 23.9 times the revenue they reported in the 12 months before going public, according to University of Florida Business Professor Jay Ritter, who tracks initial public offerings. That measure is by far the highest of the past two decades. For most of the 2010s, the median multiple for a tech company after its first day of trading, hovered around six times its revenue in the prior 12 months. The same measurement for stocks in the NASDAQ Composite Index, is 4.3, according to fact set. So I'm going to interrupt again to say that the median of the recent
Starting point is 00:11:50 IPOs is 23.9 times revenue. Back to the piece, quote, I have a great deal of difficulty understanding the valuations of some of these companies, Mr. Ritter said. The difference in enthusiasm for the unprofitable young companies and old corporate giants with consistent profits is night and day, he said. The valuations imply investors are counting on years of continued rapid growth by these companies, hoping some will dominate their industries and turn out large profits, Mr. Ritter said. Tech enthusiasts and some observers say there are concrete reasons for the enthusiasm, as businesses across the country spend more on software and cloud computing services while more consumers
Starting point is 00:12:27 are comfortable with ordering food or rooms on apps. Quote, without a doubt, there's a major transformation, said Jeffrey Sondonfeld, a professor at Yale University School of Management, end quote. Well, yes, two things can be true. at the same time. An IPO can be grossly overvalued and also sometime down the road that same IPO might be worth even more money than it is today. Remember, Amazon stock was maybe a bit frothy in the late 90s and say early 1999, but if you timed it right, you'd still make a killing so long as you sold in early 2000. If you timed it wrong and sold around 2003 when Amazon was down
Starting point is 00:13:09 to a $5 stock, then you maybe felt like you got it wrong. If you held that same clutch of Amazon stock for 21 years and sold it today, you're selling at $3,179 a share. So it all depends on your time horizon. If you have a Robin Hood day trader's time horizon, then maybe reconsider getting into Airbnb at these levels this week. But if you have a Warren Buffett-style 40-year time horizon, then who knows? But the IPO frothiness has other tangible repercussions right now today. Both Roblox and a firm delayed their initial public offerings which were supposed to come this week until next year. Why? Neither company thinks they can accurately price the shares of their offerings right now. That's how frothy markets are.
Starting point is 00:14:00 Remember, every time you see an IPO pop 100% or so on its first day of trading, keep in mind that company could have raised as much as twice as much money while giving up the exact same amount of equity had the offering been priced closer to what the market bore out. In other words, companies don't want to leave that much money on the table. So at least these two companies are going to wait a bit for the frothiness to die down slightly. Finally, today, might Johnny Ive be cutting his quasi-retirement a bit short? Reuters is reporting that I've might be in the running to take over the driver's seat at Ferrari. Quote, Chief Executive Officer Lewis Camilleri, 65, retired with immediate effect,
Starting point is 00:14:48 citing personal reasons late on Thursday after being in the role for nearly two and a half years. Chairman John Ecken, the Sion of Italy's Agnelli family, will lead the company on an interim basis while a permanent successor is found. It was not long before the names of possible candidates emerged. A spokesman for F1 dismissed rumors that the former head of Ferrari's racing team and ex-Lamburgini chief, Stefano Domenicali, could take Camilleri's role, saying he was looking forward to starting his new job as F1 CEO on January 1st as planned. A source close to former Vodafone CEO, Vittorio Kolao, said media reports about him as a candidate for Ferrari's top job were groundless. Besides Domina Kalao, Italian media cited other names, including Apple's CFO, Luca Mastery, and Apple's former design chief officer Jonathan Paul Ive, as other possible candidates, end quote.
Starting point is 00:15:41 Now, I don't know about Mastery's pedigree, but according to Cult of Mac, Ive is, quote, passionate about cars. One of the moments that made him want to be a designer was when his dad, Mike Ive, took him to a car design studio in London. The pair spent hours restoring a vintage Austin Healy Sprite car. He briefly considered studying car design at university. After he made it big at Apple, I've bought himself supercars like the James Bond-associated Aston Martin DB-9, a Bentley and more. He also attended and maybe still attends the Goodwood Festival of Speed, where people show off
Starting point is 00:16:16 various high-end cars. And while it's never been confirmed, it wouldn't seem too surprising if I've had been a key figure in pushing the Apple car project inside Apple. Quote, there are some shocking cars on the road. Ive was quoted as saying in a 2015 New Yorker article referring to a Toyota Echo. It is baffling, isn't it? I've continued. It's just nothing, isn't it? It's just insipid. Not too long after that, the Apple car rumors really took off, end quote. So get ready for that seasonal tradition. When New Yorkers tell the world about our weather as if we're the only folks in the world to have weather, because we're supposed to get
Starting point is 00:16:59 as much as 10 inches of snow on Wednesday. Also on Wednesday, our friend here in the city who is an emergency room nurse is apparently going to get the COVID vaccine. So it's all happening, people. Talk to you tomorrow.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.