Okta COVID-19 app usage report finds it’s not just collaboration seeing a huge uptick

Okta released a special COVID-19 edition of its app usage report today, and you don’t need a Ph. D. in statistics to guess what they found. Indeed, Zoom surged 110% on the Okta network, leading the way in usage growth just as you would expect, but another whole class of tools besides collaboration also saw huge increases in usage.

As Okta wrote in the report, “We see growth in two major areas: collaboration tools, especially video conferencing apps, and network security tools such as VPNs that extend secure access to remote workers.”

These plumbing tools might not be as sexy as the collaboration tools or boast triple digit growth like Zoom did, but they are seeing a substantial increase in usage as company IT departments try to bring some order to a widely distributed workforce.

As Okta pointed out in the report, bad actors have been looking to take advantage of the situation, as they tend to do, and these folks do love to sew some chaos.

Image Credit: Okta

The biggest winners here beyond collaboration tools were VPN businesses with Palo Alto Networks GlobalProtect and Cisco AnyConnect coming in at 94% and 86% usage increases respectively. But they weren’t the only tools growing, as Okta reported the Citrix ADC load balancing tool and ProofPoint’s security training apps also showed strong gains.

It’s probably not surprising that these kinds of tools are seeing an increase in usage with so many employees working from home, but it is interesting to see which vendors are benefiting from the move.

It’s also worth noting that Okta can point to a clear demarcation date when usage began to tick up. It’s easy to forget now, but March 6th was the last day of “normal” app usage before we started to see usage of these tools start to surge.

Image Credit: Okta

While reports of this kind are somewhat limited because of the focus on a particular set of customers and the tools they use, it does give you a sense of general trends in technology involving 8,000 Okta customers and 6,500 app integrations.

Material Bank, a logistics platform for sourcing architectural and design samples, raises $28M

Material Bank, a logistics platform for the architectural and design industry, has announced the close of a $28 million Series B financing today, led by Bain Capital Ventures. Bain’s Merritt Hummer led the round on behalf of the firm and will join the board of directors at Material Bank, along with Jeff Sine, cofounder and partner at The Raine Group.

Existing investors Raine Ventures and Starwood Capital Group cofounder, Chairman and CEO Barry Sternlicht also participated in the round.

Material Bank launched in January 2019, founded by Adam I. Sandow. Its platform is meant to serve designers, architects and others who source and purchase the very building blocks of our physical world: materials.

Most architectural firms and designers have their own physical library of materials in their office, like carpet swatches, wall covering samples, tiles, and hardwoods for flooring. These libraries are nearly impossible to keep up to date — not only do styles change over time (just like clothes or anything else) but architects pull this or that binder of wall coverings or carpets and there’s no telling if or when that binder returns to the library, or if the binder will still be complete when it does return.

The other big obstacle for designers and architects is that there’s no real aggregation across the many, many manufacturers of these materials.

Sandow likens it to searching for a flight in the old days.

“We all used to book airline travel through an agent, and then the airlines offered websites,” said Sandow. “We thought ‘this is great! I can just go to AA.com or Delta.com to book my flights.’ Until we wanted to price shop. Then you had to search four or five different websites and write down all the prices and by the time you found the price you wanted, it may be gone.”

Then came Expedia and Hotwire.

That’s how Sandow thinks of Material Bank for the architectural industry.

Material Bank aggregates materials across hundreds of vendors, giving users the ability to filter around multiple parameters to find a selection of materials in minutes instead of hours.

But aggregation and powerful search are only half the battle. Designers and architects are also burdened by the time it takes to get their samples. One package may arrive tomorrow, with two others in the next three days, and still more coming in one week.

This leads to a confusing experience of getting all these samples together to show a client, and is a huge environmental waste with dozens of boxes arriving at the same exact location over several days.

To combat this waste, Material Bank built a facility in Memphis directly next door to FedEx’s sorting center. This facility is the very last stop that FedEx makes each night before sorting and sending off its overnight packages by plane.

That means that Material Bank users can place an order by midnight EST and get their samples, from any vendor on Material Bank, by 10am ET the next morning. These samples come in a single box with a tray that can be repurposed into a return package to send back unneeded samples.

Obviously, Material Bank’s facility would require hundreds of workers to turn around orders that come in late to be picked up by FedEx if it weren’t for advancements in robotics. Material Bank partners with Locus Robotics in its facility, and is thus able to pay $17.50 an hour to its human workers in the building.

Sandow says that coronavirus has not hampered the business at all, with the company seeing record revenues in March and with expectations to beat that record in April. That is partially due to the fact that those physical sample libraries in architectural and design firms are no longer accessible to employees who have had to shift to working from home.

Material Bank doesn’t charge architects or designers for the service, but does have a hybrid SaaS model in place for manufacturers and vendors on the platform. Manufacturers pay a monthly fee to access and use the platform, listing their SKUs, as well as a transactional fee to get access to the architects and designers placing orders for samples of their materials. Essentially, the manufacturers pay for the lead generation and hand-off to potential customers.

Sandow spent the last two decades growing a media network of architectural and design-focused magazines and knew early on that a reliance on advertising wouldn’t cut it as media moved online, with plans to build tools and services instead.

Material Bank was born out of that effort, and spun out of Sandow group relatively early on in its life.

The company has raised a total of $55 million since inception.

Figma raises $50 million Series D led by Andreessen Horowitz

Figma, the design platform that lets folks work collaboratively and in the cloud, has today announced the close of a $50 million Series D financing. The round was led by Andreessen Horowitz, with partner Peter Levine and cofounding partner Marc Andreessen managing the deal for the firm. New angel investors, including Henry Ellenbogen from Durable Capital, also participated in the round alongside existing investors Index, Greylock, KPCB, Sequoia and Founders Fund.

Forbes reports that the latest funding round values Figma at $2 billion.

Dylan Field, Figma founder and CEO, told TechCrunch that discussions between a16z and Figma actually began towards the end of the fundraising cycle for the company’s Series C, which closed in February of 2019.

“It felt a bit like a shotgun wedding,” said Field, explaining that both parties instead opted to get to know each other better. They’ve been building their relationship over the past year, leading to today’s Series D close. Field also added that he has not met other investors in this round in person, and the vast majority of the deal was done over Zoom.

“When you think about the future of Silicon Valley, there is an interesting question around capital infrastructure being here and people not being able to access that if they’re not here, too,” said Field. “I got to see firsthand how a deal done online can work and I think more and more investors aren’t going to worry about whether you’re in Silicon Valley or not.”

Figma launched in 2015 after nearly six years of development in stealth. The premise was to create a collaborative, cloud-based design tool that would be the Google Docs of design.

Since, Figma has built out the platform to expand access and usability for individual designers, small firms and giant enterprise companies alike. For example, the company launched plug-ins in 2019, allowing developers to build in their own tools to the app, such as a plug-in for designers to automatically rename and organize their layers as they work (Rename.it) and one that gives users the ability to add placeholder text that they can automatically find and replace later (Content Buddy).

The company also launched an educational platform called Community, which gives designers the ability to share their work and let other users ‘remix’ that design, or simply check out how it was built, layer by layer.

A spokesperson told TechCrunch that this deal was “opportunistic,” and that the company was in a strong cash position pre-financing. The new funding expands Figma’s runway during these uncertain times, with coronavirus halting a lot of enterprise purchasing and ultimately slowing growth of some rising enterprise players.

Field explained that Figma’s data is counter to the expected narrative around enterprise purchasing because Figma is specifically built to let teams collaborate in the cloud.

“We’re actually seeing a lot of acceleration for bigger deals on the sales side,” said Field. “Figma is a tool that can help right now.”

The company says that one interesting change they’ve seen in the COVID era is a significant jump in user engagement from teams to collaborate more in Figma. The firm has also seen an uptick in whiteboarding, note taking, slide deck creation and diagramming, as companies start using Figma as a collaborative tool across an entire organization rather than just within a team of designers.

This latest deal brings Figma’s total funding to $132.9 million. Field added that, though the company is not yet profitable, this latest financing gives the company three to four years of runway, even with aggressive scaling and hiring efforts moving forward.

New Red Hat CEO Paul Cormier faces a slew of challenges in the midst of pandemic

When former Red Hat CEO Jim Whitehurst moved on to become president at parent company IBM earlier this month, the logical person to take his place was long-time executive Paul Cormier. As he takes over in the most turbulent of times, he still sees a company that is in the right place to help customers modernize their approach to development as they move more workloads to the cloud.

We spoke to Cormier yesterday via video conference, and he appeared to be a man comfortable in his new position. We talked about the changes his new role has brought him personally, how he his helping his company navigate the current situation and how his relationship with IBM works.

One thing he stressed was that even as part of the IBM family, his company is running completely independently, and that includes no special treatment for IBM. It’s just another customer, an approach he says is absolutely essential.

Taking over

He says that he felt fully prepared for the role having run the gamut of jobs over the years, from engineering to business units to CTO. The big difference for him as CEO is that in all of his previous roles he could be the technical guy speaking a certain engineering language with his colleagues. As CEO, things have changed, especially during a time when communication has become paramount.

This has been an even bigger challenge in the midst of the pandemic. Instead of traveling to offices for meetings, chatting over informal coffees and having more serendipitous encounters, he has had to be much more deliberate in his communication to make sure his employees feel in the loop, even when they are out of the office.

“I have a company-wide meeting every two weeks. You can’t over communicate right now because it just doesn’t happen [naturally in the course of work]. I’ve got to consciously do it now, and that’s probably the biggest thing,” he said.

Go-to-market challenges

While Cormier sees little change on the engineering side, where many folks have been working remotely for some time, the go-to-market team could face more serious hurdles as they try to engage with customers.

“The go-to-market and sales side is going to be the challenge because we don’t know how our customers will come out of this. Everybody’s going to have different strategies on how they’re coming out of this, and that will drive a lot,” he said.

This week was Cormier’s first Red Hat Summit as CEO, one that like so many conferences had to pivot from a live event to virtual fairly quickly. Customers have been nervous, and this was the first chance to really reconnect with them since things have shut down. He says that he was pleasantly surprised how well it worked, even allowing more people to attend than might pay to travel to a live event.

Conferences are a place for the sales team to really shine and lay the groundwork for future sales. Not being there in person had to be a big change for them, but he says this week went better than he expected, and they learned a ton about running virtual events that they will carry forth into the future.

“We all miss the face-to-face for sure, but I think we’ve learned new things, and I think our team did an amazing job in pulling this off,” he said.

No favorites for IBM

As he navigates his role inside the IBM family, he says that new CEO Arvind Krishna has effectively become his board of directors, now that the company has gone private. When IBM paid $34 billion for Red Hat in 2018, it was looking for a way to modernize the company and to become a real player in the hybrid cloud market.

Hybrid involves finding a way to manage infrastructure that lives on premises as well as in the cloud without having to use two sets of tools. While IBM is all-in on Red Hat, Cormier says it’s absolutely essential to their relationship with customers that they don’t show them any favoritism, and that includes no special pricing deals.

Not only that, he says that he has the freedom to run the company the way he sees fit. “IBM doesn’t set our product strategy. They don’t set our priorities. They know that over time our open-source products could eat into what they are doing with their proprietary products, and they are okay with that. They understand that,” he said.

He says that doing it any other way could begin to erode the reason that IBM spent all that money in the first place, and it’s up to Cormier to make sure that they continue to do what they were doing and keep customers comfortable with that. So far, the company seems to be heading in the same upward trajectory it was on as a public company.

In the most recent earnings report in January, IBM reported Red Hat income of $1.07 billion, up from $863 million the previous year when it was still a private company. That’s a run rate of over $4 billion, putting it well within reach of the $5 billion goal Whitehurst set a few years ago.

Now it’s Cormier’s job to get them there and beyond. The pandemic certainly makes it more challenging, but he’s ready to lead the company to that next level, all while walking the line as the CEO of a company that lives under the IBM family umbrella and all that entails.

AWS hits $10B for the quarter putting it on a $40B run rate

AWS, the cloud arm of Amazon, would be a pretty successful business on its own. Today, the company announced it has passed $10 billion for the quarter, putting the cloud business on an impressive run rate of more than $40 billion.

It was a bright spot for the company in an earnings report that saw it report net income of $2.5 billion, down $1 billion from a year ago.

Still, most companies would take that for the entire business, but AWS, which started off as kind of a side hustle for Amazon back in 2006, has grown into a powerful business all on its own. With a growth rate of 33%, it’s still growing briskly, even if it’s slowing down a bit as the law of large numbers begins to work against it.

Even though Microsoft has grown more quickly — in yesterday’s report Microsoft reported that Azure was growing at a 59% clip — AWS had such a big head start and controls a big chunk of the market share.

To give you a sense of how quickly this business has grown, Bloomberg’s Jon Erlichman tweeted the Q1 numbers for AWS since 2014, and it’s pretty amazing growth:

In 2014, it was a $4 billion a year business. Today it is 9.1x that and still going strong. The good news for everyone involved is that this is a huge market, and while nobody could ever characterize the pandemic and it’s economic fall-out as good news for anyone, the fact is that it is forcing companies to move to the cloud faster than they might have wanted to go.

That should bode well for all the cloud infrastructures vendors, even as the economy shrinks, the kinds of services these vendors offer should be in more demand than ever, and that means these numbers could just keep growing for some time.

How Cybercriminals are Weathering COVID-19

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market their cybercriminal wares and services. But it’s not all good news: The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals. Here’s a look at how they’re adjusting to these new realities.

FUELED BY MULES

One of the more common and perennial cybercriminal schemes is “reshipping fraud,” wherein crooks buy pricey consumer goods online using stolen credit card data and then enlist others to help them collect or resell the merchandise.

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. These restrictions have created a burgeoning underground market for reshipping scams, which rely on willing or unwitting residents in the United States and Europe — derisively referred to as “reshipping mules” — to receive and relay high-dollar stolen goods to crooks living in the embargoed areas.

A screen shot from a user account at “Snowden,” a long-running reshipping mule service.

But apparently a number of criminal reshipping services are reporting difficulties due to the increased wait time when calling FedEx or UPS (to divert carded goods that merchants end up shipping to the cardholder’s address instead of to the mule’s). In response, these operations are raising their prices and warning of longer shipping times, which in turn could hamper the activities of other actors who depend on those services.

That’s according to Intel 471, a cyber intelligence company that closely monitors hundreds of online crime forums. In a report published today, the company said since late March 2020 it has observed several crooks complaining about COVID-19 interfering with the daily activities of their various money mules (people hired to help launder the proceeds of cybercrime).

“One Russian-speaking actor running a fraud network complained about their subordinates (“money mules”) in Italy, Spain and other countries being unable to withdraw funds, since they currently were afraid to leave their homes,” Intel 471 observed. “Also some actors have reported that banks’ customer-support lines are being overloaded, making it difficult for fraudsters to call them for social-engineering activities (such as changing account ownership, raising withdrawal limits, etc).”

Still, every dark cloud has a silver lining: Intel 471 noted many cybercriminals appear optimistic that the impending global economic recession (and resultant unemployment) “will make it easier to recruit low-level accomplices such as money mules.”

Alex Holden, founder and CTO of Hold Security, agreed. He said while the Coronavirus has forced reshipping operators to make painful shifts in several parts of their business, the overall market for available mules has never looked brighter.

“Reshipping is way up right now, but there are some complications,” he said.

For example, reshipping scams have over the years become easier for both reshipping mule operators and the mules themselves. Many reshipping mules are understandably concerned about receiving stolen goods at their home and risking a visit from the local police. But increasingly, mules have been instructed to retrieve carded items from third-party locations.

“The mules don’t have to receive stolen goods directly at home anymore,” Holden said. “They can pick them up at Walgreens, Hotel lobbies, etc. There are a ton of reshipment tricks out there.”

But many of those tricks got broken with the emergence of COVID-19 and social distancing norms. In response, more mule recruiters are asking their hires to do things like reselling goods shipped to their homes on platforms like eBay and Amazon.

“Reshipping definitely has become more complicated,” Holden said. “Not every mule will run 10 times a day to the post office, and some will let the goods sit by the mailbox for days. But on the whole, mules are more compliant these days.”

GIVE AND TAKE

KrebsOnSecurity recently came to a similar conclusion: Last month’s story, “Coronavirus Widens the Money Mule Pool,” looked at one money mule operation that had ensnared dozens of mules with phony job offers in a very short period of time. Incidentally, the fake charity behind that scheme — which promised to raise money for Coronavirus victims — has since closed up shop and apparently re-branded itself as the Tessaris Foundation.

Charitable cybercriminal endeavors were the subject of a report released this week by cyber intel firm Digital Shadows, which looked at various ways computer crooks are promoting themselves and their hacking services using COVID-19 themed discounts and giveaways.

Like many commercials on television these days, such offers obliquely or directly reference the economic hardships wrought by the virus outbreak as a way of connecting on an emotional level with potential customers.

“The illusion of philanthropy recedes further when you consider the benefits to the threat actors giving away goods and services,” the report notes. “These donors receive a massive boost to their reputation on the forum. In the future, they may be perceived as individuals willing to contribute to forum life, and the giveaways help establish a track record of credibility.”

Brian’s Club — one of the underground’s largest bazaars for selling stolen credit card data and one that has misappropriated this author’s likeness and name in its advertising — recently began offering “pandemic support” in the form of discounts for its most loyal customers.

It stands to reason that the virus outbreak might depress cybercriminal demand for “dumps,” or stolen account data that can be used to create physical counterfeit credit cards. After all, dumps are mainly used to buy high-priced items from electronics stores and other outlets that may not even be open now thanks to the widespread closures from the pandemic.

If that were the case, we’d also expect to see dumps prices fall significantly across the cybercrime economy. But so far, those price changes simply haven’t materialized, says Gemini Advisory, a New York based company that monitors the sale of stolen credit card data across dozens of stores in the cybercrime underground.

Stas Alforov, Gemini’s director of research and development, said there’s been no notable dramatic changes in pricing for both dumps and card data stolen from online merchants (a.k.a. “CVVs”) — even though many cybercrime groups appear to be massively shifting their operations toward targeting online merchants and their customers.

“Usually, the huge spikes upward or downward during a short period is reflected by a large addition of cheap records that drive the median price change,” Alforov said, referring to the small and temporary price deviations depicted in the graph above.

Intel 471 said it came to a similar conclusion.

“You might have thought carding activity, to include support aspects such as checker services, would decrease due to both the global lockdown and threat actors being infected with COVID-19,” the company said. “We’ve even seen some actors suggest as much across some shops, but the reality is there have been no observations of major changes.”

CONSCIENCE VS. COMMERCE

Interestingly, the Coronavirus appears to have prompted discussion on a topic that seldom comes up in cybercrime communities — i.e., the moral and ethical ramifications of their work. Specifically, there seems to be much talk these days about the potential karmic consequences of cashing in on the misery wrought by a global pandemic.

For example, Digital Shadows said some have started to question the morality of targeting healthcare providers, or collecting funds in the name of Coronavirus causes and then pocketing the money.

“One post on the gated Russian-language cybercriminal forum Korovka laid bare the question of threat actors’ moral obligation,” the company wrote. “A user initiated a thread to canvass opinion on the feasibility of faking a charitable cause and collecting donations. They added that while they recognized that such a plan was ‘cruel,’ they found themselves in an ‘extremely difficult financial situation.’ Responses to the proposal were mixed, with one forum user calling the plan ‘amoral,’ and another pointing out that cybercrime is inherently an immoral affair.”