2018’s Most Prevalent Ransomware – We Took it for a Ride

Despite determined efforts to neutralize it, GandCrab ransomware has continued to evolve and spread throughout 2018. We took it for a ride.

GandCrab is an aggressive piece of malware that has struck nearly half a million victims since it was first detected in January 2018. It uses a variety of infection vectors to compromise endpoints including email campaigns, websites and exploit kits such as Rig and GrandSoft.

The first stage of the infection collects data such as the computer name, OS version, and whether any legacy AV software is installed. It also checks whether the target machine has a Russian keyboard and, if not, proceeds to the next stage. This involves terminating applications and processes that the victim may be using for content creation such as text editors and email clients. The malware infects every connected drive, except for CD-ROM media, and also ensures that any backup or Shadow copies of the user data are deleted:

The malware may then attempt to elevate privileges before checking in with its C&C server, at which point the server receives an encrypted key containing a unique ID for the victim.

GandCrab is “smart” enough to ignore system and program files, which of course may be needed by the victim to make payment to the attackers, and focuses on user data files. It encrypts each file with a unique AES-256 key.

On successfully encrypting a target device, GandCrab delivers a ransom note instructing the victim to make payment in Bitcoin or Dash, demanding anything between $300 to $6000 USD.

There have been several attempts to defeat GandCrab. In February,  a first decryption tool was made available on No More Ransom by the Romanian Police, with the support of the Europol. A second version of the GandCrab ransomware was subsequently released by the criminals with improved coding and even comments directed at law enforcement, security companies and No More Ransom. A third version followed a day later. Now in its fifth version, this file-locking malware continues to be updated at an aggressive pace. Each version appears with new, more sophisticated techniques to bypass cybersecurity vendors’ countermeasures.

As shown in the demonstration video, SentinelOne can prevent execution of GandCrab and, as a final safety measure, even decrypt the user’s encoded .crab files through rollback.


Like this article? Follow us on LinkedInTwitter, YouTube or Facebook to see the content we post.

Read more about Windows Security

The hybrid cloud market just got a heck of a lot more compelling

Let’s start with a basic premise that the vast majority of the world’s workloads remain in private data centers. Cloud infrastructure vendors are working hard to shift those workloads, but technology always moves a lot slower than we think. That is the lens through which many cloud companies operate.

The idea that you operate both on prem and in the cloud with multiple vendors is the whole idea behind the notion of the hybrid cloud. It’s where companies like Microsoft, IBM, Dell and Oracle are placing their bets. These died-in-the-wool enterprise companies see their large customers making a slower slog to the cloud than you would imagine, and they want to provide them with the tools and technologies to manage across both worlds, while helping them shift when they are ready.

Cloud-native computing developed in part to provide a single management fabric across on prem and cloud, freeing IT from having two sets of tools and trying somehow to bridge the gap between the two worlds.

What every cloud vendor wants

Red Hat — you know, that company that was sold to IBM for $34 billion this week — has operated in this world. While most people think of the company as the one responsible for bringing Linux to the enterprise, over the last several years, it has been helping customers manage this transition and build applications that could live partly on prem and partly in the cloud.

As an example, it has built OpenShift, its version of Kubernetes. As CEO Jim Whitehurst told me last year, “Our hottest product is OpenShift. People talk about containers and they forget it’s a feature of Linux,” he said. That is an operating system that Red Hat knows a thing or two about.

With Red Hat in the fold, IBM can contend that being open source; they can build modern applications on top of open source tools and run them on IBM’s cloud or any of their competitors, a real hybrid approach.

Microsoft has a huge advantage here, of course, because it has a massive presence in the enterprise already. Many companies out there could be described as Microsoft shops, and for those companies moving from on prem Microsoft to cloud Microsoft represents a less daunting challenge than starting from scratch.

Oracle brings similar value with its core database products. Companies using Oracle databases — just about everyone — might find it easier to move that valuable data to Oracle’s cloud, although the numbers don’t suggest that’s necessarily happening (and Oracle has stopped breaking out its cloud revenue).

Dell, which spent $67 billion for EMC, making the Red Hat purchase pale by comparison, has been trying to pull together a hybrid solution by combining VMware, Pivotal and Dell/EMC hardware.

Cloud vendors reporting

You could argue that hybrid is a temporary state, that at some point, the vast majority of workloads will eventually be running in the cloud and the hybrid business as we know it today will continually shrink over time. We are certainly seeing cloud infrastructure revenue skyrocketing with no signs of slowing down as more workloads move to the cloud.

In their latest earnings reports, those who break out such things, the successful ones, reported growth in their cloud business. It’s important to note that these companies define cloud revenue in different ways, but you can see the trend is definitely up:

  • AWS reported revenue of $6.7 billion in revenue for the quarter, up from $4.58 billion the previous year.
  • Microsoft Intelligent Cloud, which incorporates things like Azure and server products and enterprise services, was at $8.6 billion, up from $6.9 billion.
  • IBM Technology Services and Cloud Platforms, which includes infrastructure services, technical support services and integration software reported revenue of $8.6 billion, up from $8.5 billion the previous year.
  • Others like Oracle and Google didn’t break out their cloud revenue.

Show me the money

All of this is to say, there is a lot of money on the table here and companies are moving more workloads at an increasingly rapid pace.  You might also have noticed that IBM’s growth is flat compared to the others. Yesterday in a call with analysts and press, IBM CEO Ginni Rometty projected that revenue for the hybrid cloud (however you define that) could reach $1 trillion by 2020. Whether that number is exaggerated or not, there is clearly a significant amount of business here, and IBM might see it as a way out of its revenue problems, especially if they can leverage consulting/services along with it.

There is probably so much business that there is room for more than one winner, but if you asked before Sunday if IBM had a shot in this mix against its formidable competitors, especially those born in the cloud like AWS and Google, most probably wouldn’t have given them much chance.

When Red Hat eventually joins forces with IBM, it at least gives their sales teams a compelling argument, one that could get them into the conversation — and that is probably why they were willing to spend so much money to get it. It puts them back in the game, and after years of struggling, that is something. And in the process, it has stirred up the hybrid cloud market in a way we didn’t see coming last week before this deal.

macOS Cryptomining Malware on the Rise

Following on from our introduction to Cryptojacking, let’s take a closer look at the current situation on the macOS platform.

It’s been a busy 12 months, with macOS researchers from SentinelOne, MalwareBytes and Digita Security all contributing to the discovery of a variety of Cryptojacking software on the platform. Even Apple’s App Store got involved, hosting an app that was surreptitiously mining cryptocurrency, as did malware researchers from China, proving that both malware and malware hunters truly know no borders.

Here’s a brief timeline of the major events we’ve seen so far:

A Trend is Born

OSX.CPUMeaner was first analyzed by a SentinelOne researcher in November 2017. That was the second Cryptominer to be unearthed in 2017 by the same SentinelOne researcher.

Next came “CreativeUpdate”, so named after it was found being distributed by popular 3rd party distribution network macupdate.com in early 2018. In one of its forms, this trojan presented itself as a fake version of Firefox. The malware actually wraps and executes a real version of the Firefox browser, which will even update itself inside the malware wrapper. Here, the executable (highlighted in red) is the malware, and the path to the real Firefox (highlighted in green) is seen to be contained inside the malware’s Resources folder:

That means while the running version of Firefox will appear to the user as up-to-date in the About menu, the Finder only shows the older version named in the malware’s plist:

While the real Firefox gets on with the user’s browsing tasks, the malware runs a script to download and install the Cryptominer and a persistence agent:

CreativeUpdate was far from an isolated incident, with at least 23 older variants discovered through retro-hunts on VirusTotal.

Of course, all the Cryptominers mentioned above are detected and blocked by the SentinelOne agent.

Go Miners, Go…

Appearing in May 2018, OSX.ppminer was first spotted on Apple Support Communities. The launcher is intriguingly written in Go, or “Golang” as it is widely called, while the miner itself is an older version of XMLRig written in C. The choice of Go for the launcher is odd. It may reflect the background of the author, who could perhaps have worked on blockchain technology such as Ethereum or HyperLedger, where Go is a popular choice due its performance benefits.

OSX.ppminer is detected by the SentinelOne agent pre-execution:

Chinese malware researchers brought to light a more recent threat in August 2018. Again the Cryptojackers targeted those looking for pirated software such as games like League of Legends and productivity tools like MS Office. In this case, the miner came in the form of an executable called SSL or SSL2.plist, and was launched by an AppleScript applet hidden inside the fake pirated software bundle.

The trojan installs two items in the user’s LaunchAgent’s folder. The first com.apple.Yahoo.plist is in fact a compiled, “run-only” AppleScript, rather than the property list it appears to be. It’s executed on load and every 360 days by a real plist LaunchAgent, disguised with the name com.apple.Google.plist.

The program arguments reveal that the coder was unfamiliar with AppleScript and osascript, confusingly using osascript to call itself via an AppleScript do shell script command.

Like the bitcoin-mining “free” Calendar app found in the App Store some months prior, SSL.plist uses the XMR-Stak pool miner and can leverage CPUs, AMD and NVIDIA GPUs to mine Monero, Aeon and many other Cryptonight coins.

As with other miners for macOS, the SentinelOne agent can block, kill or quarantine this threat, depending on the Management policy in force:

Prepare For More…

Cryptojacking is on the rise on macOS just as it is on other platforms. While it’s tempting to think of Cryptominers as not particularly dangerous as malware goes, they can cause performance problems on your endpoints and your network, and they could lead to rising costs through the amount of power they consume. In so far as it is used to make money by harnessing your resources, Cryptojacking is a form of exploitation and theft. In that respect, unwanted Cryptominers are no different from any other kind of malware and should be treated as such.

Like this article? Follow us on LinkedInTwitter, YouTube or Facebook to see the content we post.

Read more about macOS Security

Mojave’s security “hardening” | User protections could be bypassed

Inside Safari Extensions | Malware’s Golden Key to User Data

Inside Safari Extensions | Malicious Plugins Remain on Mojave

Command Line Intrusion | Mojave Blocks Admins, Too

The Weakest Link: When Admins Get Phished | MacOS “OSX.Dummy” Malware

Cockroach Labs launches CockroachDB as managed service

Cockroach Lab’s open source SQL database, CockroachDB, has been making inroads since it launched last year, but as any open source technology matures, in order to move deeper into markets it has to move beyond technical early adopters to a more generalized audience. To help achieve that, the company announced a new CockroachDB managed service today.

The service has been designed to be cloud-agnostic, and for starters it’s going to be available on Amazon Web Services and Google Cloud Platform. Cockroach, which launched in 2015, has always positioned itself as modern cloud alternative to the likes of Oracle or even Amazon’s Aurora database.

As company co-founder and CEO Spencer Kimball told me in an interview in May, those companies involve too much vendor lock-in for his taste. His company launched as open alternative to all of that. “You can migrate a Cockroach cluster from one cloud to another with no down time,” Kimball told TechCrunch in May.

He believes having that kind of flexibility is a huge advantage over what other vendors are offering, and today’s announcement carries that a step further. Instead of doing all the heavy lifting of setting up and managing a database and the related infrastructure, Cockroach is now offering CockroachDB as a service to handle all of that for you.

Kimball certainly recognizes that by offering his company’s product in this format, it will help grow his market. “We’ve been seeing significant migration activity away from Oracle, AWS Aurora, and Cassandra, and we’re now able to get our customers to market faster with Managed CockroachDB,” Kimball said in a statement.

The database itself offers the advantage of being ultra-resilient, meaning it stays up and running under most circumstances and that’s a huge value proposition for any database product. It achieves up time through replication, so if one version of itself goes down, the next can take over.

As an open source tool, it has been making money up until now by offering an enterprise version, which includes backup, support and other premium pieces. With today’s announcement, the company can get a more direct revenue stream from customers subscribing to the database service.

A year ago, the company announced version 1.0 of CockroachDB and $27 million in Series B financing, which was led by Redpoint with participation from Benchmark, GV, Index Ventures and FirstMark. They’ve obviously been putting that money to good use developing this new managed service.

Air, Land, Sea, Law, and Cybersecurity | Inbal Levi, Global Renewals Manager

Life at one of the world’s fastest growing cybersecurity companies can get hectic. Between constant threat and vulnerability research, product development and launches, marketing, customer retention, and an ongoing battle against the competition to own market share, it is easy to forget what makes SentinelOne so special – people.

That is why we’re proud to kick off a new blog series titled Life @ S1, where we’ll highlight an individual from our global team and delve into what makes them tick outside the office. For our first post in the series, it is an honor to present S1’s very own renaissance woman, Inbal Levi.

Inbal works out of S1’s Tel Aviv office as Global Renewals Manager, but attaching just one title to Inbal and her wealth of professional and life experience is a great injustice. Growing up in the Tel Aviv area as the oldest of three, Inbal’s two greatest passions – people and the sea – have led her on an amazing life journey.

Upon completing her service in the Israeli Army as an Education Officer, Inbal embarked on a career in law, receiving her LLB in Law from the Hebrew University. After passing the bar, Inbal practiced criminal law as a public defender with great success but found herself searching for something more in her pursuit of professional happiness.

“The long hours preparing for cases with my nose in a book was a great learning experience, but the process left a void in my desire for creating meaningful relationships through human interaction on a daily basis,” said Inbal.

So, what did Inbal do? She took the path that any attorney does while figuring out how to best align their personal and professional goals – she became a flight attendant!

While working for El Al across Europe, Asia, Africa, South America, and North America, Inbal continued her advanced education and in three short years earned her MBA from the Open University of Israel – law degree, check, MBA, check – see what we mean about renaissance woman? Keep reading, the story is just beginning!

Inbal landed at SentinelOne after excelling in several high-profile, customer-facing positions that satisfied her desire for working closely with people each and every day. Inbal has been an integral member of SentinelOne for a little over a year, but before joining the team, Inbal discovered an avenue to pursue her other main passion in life, the sea.

Not often does someone pick up a completely new activity and become a national champion within a few short years, but that is exactly what Inbal has done with paddle boarding, winning the 2017 Israel Championships. Inbal was exposed to the sport through a friend, and began paddle boarding in a beach club group in Tel Aviv.

“Spending early mornings on the water with friends satisfied my greatest pleasures. Being introduced to paddle boarding was a gift and I knew I had to take full advantage of the opportunity to do something I truly love.”

And that is exactly what Inbal did. Inbal began training seriously, and in her very first competition, took home first prize. Even with sustaining a scooter injury, Inbal returned to the sport winning first prize yet again.

Inbal now leads a group of S1 employees as a staff trainer, taking the group paddle boarding every Tuesday morning. With the 2018 Israel Championships quickly approaching in November, Inbal is in training, looking to repeat as champion – we wish her all the best. 

Inbal’s diversity of experience and passion for growth is what inspires her to help our customers and partners each and every day as Manager of Global Renewals. Whether it be turbulence in the sky, waves at sea, or a tough court case, Inbal’s can-do attitude and perseverance to win is contagious, felt on a global scale outside and inside the SentinelOne customer, partner, and employee family.

SentinelOne is comprised of an amazing group of talented, driven and diverse individuals. We hope you have enjoyed our first Life @ S1 post, and a big thank you to the champ for being the first profile in the ongoing series.

IBM to buy Red Hat for $34B in cash and debt, taking a bigger leap into hybrid cloud

After rumors flew around this weekend, IBM today confirmed that it would acquire open source, cloud software business Red Hat for $190 per share in cash, working out to a total value of $34 billion. IBM said the deal has already been approved by the boards of directors of both IBM and Red Hat but is still subject to Red Hat shareholder and regulatory approvals. If all goes as planned, the acquisition is expected to close in the latter half of 2019.

The deal is all about IBM, which has long continued to rely on its legacy server business, taking a bigger bet on the cloud, and very specifically cloud services that blend on-premises and cloud-based architectures — something that the two companies have already been working on together since May of this year (which now might be looked at as a test drive). Red Hat will be a distinct unit within IBM’s Hybrid Cloud team — which is already a $19 billion business for IBM, the company said — and it will continue to focus on open-source software. 

“The acquisition of Red Hat is a game-changer. It changes everything about the cloud market,” said Ginni Rometty, IBM Chairman, President and Chief Executive Officer, in a statement. “IBM will become the world’s number-one hybrid cloud provider, offering companies the only open cloud solution that will unlock the full value of the cloud for their businesses.”

The combined businesses will be able to offer software in services spanning Linux, containers, Kubernetes, multi-cloud management, and cloud management and automation, IBM said. IBM also added that together the companies will continue to build partnerships with multiple cloud providers, including AWS, Microsoft’s Azure, Google Cloud, Alibaba and others, alongside the IBM Cloud.

As Josh Constine notes here, it’s one of the biggest-ever tech acquisitions, and arguably the biggest that is dedicated primarily to software. (Dell acquired EMC for $67 billion, to pick up software but also a substantial hardware and storage business.)

While companies like Amazon have gone all-in on cloud, in many cases, a lot of enterprises are making the move gradually — IBM cites stats that estimate that some 80 percent of business workloads “have yet to move to the cloud, held back by the proprietary nature of today’s cloud market.” Buying Red Hat will help IBM better tap into an opportunity to address that.

“Most companies today are only 20 percent along their cloud journey, renting compute power to cut costs,” she continued. “The next 80 percent is about unlocking real business value and driving growth. This is the next chapter of the cloud. It requires shifting business applications to hybrid cloud, extracting more data and optimizing every part of the business, from supply chains to sales.”

On top of that, it will give IBM a much stronger footing in open source software, the core of what Red Hat builds and deploys today.

“Open source is the default choice for modern IT solutions, and I’m incredibly proud of the role Red Hat has played in making that a reality in the enterprise,” said Jim Whitehurst, President and CEO, Red Hat, in a statement. “Joining forces with IBM will provide us with a greater level of scale, resources and capabilities to accelerate the impact of open source as the basis for digital transformation and bring Red Hat to an even wider audience –  all while preserving our unique culture and unwavering commitment to open source innovation.”

While IBM competes against the likes of Amazon, the companies will see to remain partners with them with this acquisition. “IBM is committed to being an authentic multi-cloud provider, and we will prioritize the use of Red Hat technology across multiple clouds” said Arvind Krishna, Senior Vice President, IBM Hybrid Cloud, in a statement. “In doing so, IBM will support open source technology wherever it runs, allowing it to scale significantly within commercial settings around the world.”

IBM said that Red Hat will add to its revenue growth, gross margin and free cash flow within 12 months of closing.

Forget Watson, the Red Hat acquisition may be the thing that saves IBM

With its latest $34 billion acquisition of Red Hat, IBM may have found something more elementary than “Watson” to save its flagging business.

Though the acquisition of Red Hat  is by no means a guaranteed victory for the Armonk, N.Y.-based computing company that has had more downs than ups over the five years, it seems to be a better bet for “Big Blue” than an artificial intelligence program that was always more hype than reality.

Indeed, commentators are already noting that this may be a case where IBM finally hangs up the Watson hat and returns to the enterprise software and services business that has always been its core competency (albeit one that has been weighted far more heavily on consulting services — to the detriment of the company’s business).

Watson, the business division focused on artificial intelligence whose public claims were always more marketing than actually market-driven, has not performed as well as IBM had hoped and investors were losing their patience.

Critics — including analysts at the investment bank Jefferies (as early as one year ago) — were skeptical of Watson’s ability to deliver IBM from its business woes.

As we wrote at the time:

Jefferies pulls from an audit of a partnership between IBM Watson and MD Anderson as a case study for IBM’s broader problems scaling Watson. MD Anderson cut its ties with IBM after wasting $60 million on a Watson project that was ultimately deemed, “not ready for human investigational or clinical use.”

The MD Anderson nightmare doesn’t stand on its own. I regularly hear from startup founders in the AI space that their own financial services and biotech clients have had similar experiences working with IBM.

The narrative isn’t the product of any single malfunction, but rather the result of overhyped marketing, deficiencies in operating with deep learning and GPUs and intensive data preparation demands.

That’s not the only trouble IBM has had with Watson’s healthcare results. Earlier this year, the online medical journal Stat reported that Watson was giving clinicians recommendations for cancer treatments that were “unsafe and incorrect” — based on the training data it had received from the company’s own engineers and doctors at Sloan-Kettering who were working with the technology.

All of these woes were reflected in the company’s latest earnings call where it reported falling revenues primarily from the Cognitive Solutions business, which includes Watson’s artificial intelligence and supercomputing services. Though IBM chief financial officer pointed to “mid-to-high” single digit growth from Watson’s health business in the quarter, transaction processing software business fell by 8% and the company’s suite of hosted software services is basically an afterthought for business gravitating to Microsoft, Alphabet, and Amazon for cloud services.

To be sure, Watson is only one of the segments that IBM had been hoping to tap for its future growth; and while it was a huge investment area for the company, the company always had its eyes partly fixed on the cloud computing environment as it looked for areas of growth.

It’s this area of cloud computing where IBM hopes that Red Hat can help it gain ground.

“The acquisition of Red Hat is a game-changer. It changes everything about the cloud market,” said Ginni Rometty, IBM Chairman, President and Chief Executive Officer, in a statement announcing the acquisition. “IBM will become the world’s number-one hybrid cloud provider, offering companies the only open cloud solution that will unlock the full value of the cloud for their businesses.”

The acquisition also puts an incredible amount of marketing power behind Red Hat’s various open source services business — giving all of those IBM project managers and consultants new projects to pitch and maybe juicing open source software adoption a bit more aggressively in the enterprise.

As Red Hat chief executive Jim Whitehurst told TheStreet in September, “The big secular driver of Linux is that big data workloads run on Linux. AI workloads run on Linux. DevOps and those platforms, almost exclusively Linux,” he said. “So much of the net new workloads that are being built have an affinity for Linux.”

Google beefs up Firebase platform for the enterprise

Today at the Firebase Summit in Prague, Google announced a number of updates to its Firebase app development platform designed to help it shift from an environment for individuals or small teams into a full-blown enterprise development tool.

Google acquired Firebase 4 years ago to help developers connect to key cloud tools like a database or storage via a set of software development kits (SDKs). Over time, it has layered on sophisticated functionality like monitoring to fix performance issues and access to analytics to see how users are engaging with the app, among other things. But the toolkit hasn’t necessarily been geared towards larger organizations until now.

“[Today’s announcements] are going to be around a set of features and updates that are catered more towards enterprises and sophisticated app teams that are looking to build and grow their mobile apps,” Francis Ma, head of product at Firebase told TechCrunch.

Perhaps the biggest piece of news was that they were adding corporate support. While the company boasts 1.5 million apps per month running on Firebase, in order to move deeper into the enterprise, it needed to have a place corporate IT could call when they run into issues. That is coming with the company expected to announce various support packages in Beta by the end of the year. These will be tied to broader Google Cloud Platform support.

“With this launch, if you already have a paid GCP Support package, you will be able to get your Firebase questions answered through the Google Cloud Platform (GCP) Support Console. Once the change is fully launched, Firebase support will be included at no additional charge with paid GCP Support packages, which includes target response times, a dedicated technical account manager (if you are enrolled in Enterprise Support) and more,” Ma explained in a blog post.

In addition, larger teams and organizations need more management tools and the company announced the Firebase Management API. This allows programmatic access to manage project workflows from IDE to Firebase. Ma says this includes direct integration with StackBlitz and Glitch, two web-based IDEs. “Their platforms will now automatically detect when you are creating a Firebase app and allow you to deploy to Firebase Hosting with the click of a button, without ever leaving their platforms,” Ma wrote.

There were a bushel of other announcements including access to better facial recognition tools in the Google ML kit announced last spring. There were also improvements to Crashlytics performance monitoring, which includes integration with PagerDuty now, and Firebase Predictions, its analytics tool, which is now generally available after graduating from Beta.

All of these announcements and more, are part of a maturation of the Firebase platform as Google aims to move it from a tool aimed directly at developers to one that can be integrated at the enterprise level.

IBM is betting the farm on Red Hat — and it better not mess up

Who expects a $34 billion deal involving two enterprise powerhouses to drop on a Sunday afternoon, but IBM and Red Hat surprised us yesterday when they pulled the trigger on a historically large deal.

IBM has been a poster child for a company moving through a painful transformation. As Box CEO (and IBM business partner) Aaron Levie put it on Twitter, sometimes a company has to make a bold move to push that kind of initiative forward:

They believe they can take their complex mix of infrastructure/software/platform services and emerging technologies like artificial intelligence, blockchain and analytics, and blend all of that with Red Hat’s profitable fusion of enterprise open source tools, cloud native, hybrid cloud and a keen understanding of the enterprise.

As Jon Shieber pointed out yesterday, it was a tacit acknowledgement that company was not going to get the results it was hoping for with emerging technologies like Watson artificial intelligence. It needed something that translated more directly into sales.

Red Hat can be that enterprise sales engine. It already is a company on a $3 billion revenue run rate, and it has a goal of hitting $5 billion. While that’s somewhat small potatoes for a company like IBM that generates $19 billion a quarter, it represents a crucial addition.

That’s because in spite of its iffy earnings reports over the last five years, Synergy Research reported that IBM had 7 percent of the cloud infrastructure market in its most recent report, which it defines as Infrastructure as a Service, Platform as a Service and hosted private cloud. It is the latter that IBM is particularly good at.

The company has the pieces in place now and a decent amount of marketshare, but Red Hat gives it a much more solid hybrid cloud story to tell. They can potentially bridge that hosted private cloud business with their own public cloud (and presumably even those of their competitors) and use Red Hat as a cloud native and open source springboard, giving their sales teams a solid story to tell.

IBM already has a lot of enterprise credibility on its own, of course. It sells on top of many of the same open source tools as Red Hat, but it hasn’t been getting the sales and revenue momentum that Red Hat has enjoyed. If you combine the enormous IBM sales engine and their services business with that of Red Hat, you have the potential to crank this into a huge business.

Photo: Ron Mller

It’s worth noting that the deal needs to pass shareholder muster and clear global regulatory hurdles before they can combine the two organizations. IBM has predicted that it will take at least until the second half of next year to close this deal and it could take even longer.

IBM has to use that time wisely and well to make sure when they pull the trigger, these two companies blend as smoothly as possible across technology and culture. It’s never easy to make these mega deals work with so much money and pressure involved, but it is imperative that Big Blue not screw this up. This could very well represent its last best chance to right the ship once and for all.

Atlassian sells Jitsi, an open-source videoconferencing tool it acquired in 2015, to 8×8

After announcing earlier this year that it planned to shut down HipChat and Stride and sell the IP of both to Slack, today enterprise software company Atlassian made another move related to its retreat from enterprise chat. It is selling Jitsi, a popular open-source chat and videoconferencing tool, to 8X8, a provider of cloud-based business phone and internal communications services. 8X8 says it plans to integrate Jitsi with its current conferencing solutions, specifically a product called 8X8 Meetings, and to keep it open source.

Terms of this latest sale to 8×8 have not been disclosed. Both the tech and the engineering team working on Jitsi, led by Emil Ivov, are coming with the acquisition.

Atlassian originally acquired Jitsi and its owner BlueJimp for an undisclosed sum in 2015 with the intention of adding video communications to HipChat, and later Stride (which launched in 2017).

But now those two products are headed for the graveyard — they are both being discontinued on February 15, 2019 — and that made Jitsi less core to Atlassian’s new direction, where it is focusing less on enterprise chat, and more on tools for developers and customer care, including Jira, Trello, and Bitbucket (a competitor to GitHub).

The deal is one of the final moves for Atlassian as it focuses more on its business building and operating productivity tools that are not direct competitors in the crowded field of enterprise chat applications. It seems that in any case, Jitsi is hoping for more investment under its new owner.

“This is a great thing and will only help to keep Jitsi’s momentum with renewed investment,” writes Ivov in a blog post announcing the news. “The Jitsi team will remain 100 percent intact and will continue to be an independent group. Operationally things will work much the same way as they did under Atlassian. Jitsi users and developers won’t see any impact, though we do expect with continued funding and support you will see even more new features and capabilities from the project!”

Technology in the acquisition includes Jitsi’s modular open-source projects for businesses to build and deploy secure video communication solutions based around WebRTC; the Jitsi Videobridge conferencing server; and the Jitsi Meet conferencing and collaboration application.

“The best video communications solutions are so intuitive and reliable that they help employees conduct shorter, more productive meetings. 8×8 has already developed a world-class meetings solution for enterprises, and we’re focused on maintaining leadership in delivering reliable, crystal-clear video and audio conferencing quality across mobile and desktop applications,” said Dejan Deklich, Chief Product Officer at 8×8, in a statement. “Incorporating Jitsi’s open-source technology into our video communications technology platform, and having Jitsi’s talented engineering team play a role in leading our development of dedicated conferencing applications and WebRTC, will open new paths for our customers and further enhance our meetings solution.”

Jitsi’s tools are used by a variety of platforms and businesses that want to include videoconferencing but would rather use an independent third-party service rather than incorporate one from a would-be competitor or build it themselves. Customers include Comcast and Symphony, the chat app used by the financial services industry.

“Some of the most innovative WebRTC products and companies use Jitsi to support millions of minutes of daily usage as part of their meetings, messaging and collaboration product ecosystems. The open source community has played a critical role in advancing Jitsi’s projects by validating its use in a diverse set of environments and complementing the core team’s development. As part of this acquisition, 8×8 is committed to continuing to support the growing developer community, and we are excited to engage even more,” commented Bryan Martin, Chairman and Chief Technology Officer at 8×8.

This past weekend’s big news of IBM acquiring Red Hat for $34 million has emphasised just how central open source and cloud-based software are in today’s enterprise IT market. This purchase is far smaller, but is also part of that bigger trend.

“8×8 sees tremendous value in the open source community and is committed to helping grow the community even larger,” Ivov notes. “With a major, high-motivated backer like 8×8 behind the project, we are confident about our ability to continue building great open source products.”