Week in Review: IoT, Security, Auto

Internet of Things
Pepper IoT collaborated with the Dark Cubed cybersecurity firm to produce “The State of IoT Security Report,” which can be downloaded here. Pepper IoT is an Internet of Things platform and service provider. Key findings of the report: Device security is important, but the platform is much more critical; patching will not fix systemic problems; and the market must make security a priority. Dark Cubed CEO Vince Crisler said in a statement, “If we do not address the problem of insecure consumer IoT devices and the lack of respect for consumer privacy soon, it is going to be too late. Just because the space is complex and rapidly developing is not an excuse for retailers and regulators to turn a blind eye. In fact, the opposite is true. Retailers must consider security as a part of their buying processes and government must consider regulations that focus on consumer protections. We are passionate about these issues and excited to work with Pepper IoT in leading change.”

Cybersecurity
Arm is working with UK Research and Innovation, a government-backed organization, on enhancing cybersecurity resilience in the U.K. The government has just approved £70 million (about $91.7 million) in new funding for the Digital Security by Design project backed by UKRI’s Industrial Strategy Challenge Fund. Arm has collaborated with the University of Cambridge to incorporate concepts from the CHERI project into the Arm architecture.

Things are going from bad to worse for Huawei Technologies. The U.S. government is trying to convince its allies in Asia and Europe from using Huawei equipment in their networks, especially in the new infrastructure for 5G cellular communications. Vodafone Group, the world’s second largest mobile operator (behind China Mobile), said it would “pause” purchases of Huawei products while governments debate whether to ban systems from the world’s largest supplier of telecommunications equipment. Such discussions may also include prohibitions against ZTE products. The U.S. Department of Justice this week brought separate indictments against Huawei and its chief financial officer, Meng Wanzhou. Federal prosecutors allege the company has engaged in a decade-long effort to steal trade secrets, obstruct a criminal investigation, and evade economic sanctions against Iran. The U.S. will ask for the extradition of Meng from Canada, where she was arrested two months ago while changing flights in Vancouver, B.C.

Cujo AI of El Segundo, Calif., released a report revealing results of an online survey it conducted among more than 2,000 U.S. users of the company’s Internet Security Firewall. Nearly 90% of respondents said they think cybercrime risks are increasing; 41.3% know someone affected by cybercrime; and about one-quarter of the respondents said they have been a cybercrime victim. While 59.1% feel “well-informed” about cyberthreats, 51.2% don’t think they can fully protect themselves. While a majority of users resort to traditional precautions, such as updating passwords and antivirus protection, slightly less than 57% are using two-factor authentication and other measures recommended by cybersecurity experts. More disturbing – just over half don’t use a virtual private network when they are on public Wi-Fi and just over half regularly change the settings on their browsers, email, and social media accounts.

Singapore prides itself as a high-technology hub, where cutting-edge data science drives government decisions. For all of its business and technical prowess, the country was hit with two significant data breaches, this analysis notes. A 2018 cyberattack on the public health system compromised the data of 1.5 million people. The Health Ministry this week disclosed that medical records for 14,200 HIV-positive people living in Singapore were obtained by an American whose Singaporean partner worked at the ministry. The ministry learned last month that these sensitive records were illegally disclosed online.

Malwarebytes Labs, a security firm, reports that backdoor and trojan attacks are on the rise, overtaking ransomware attacks as the chief types of cyberattacks. Trojan attacks went up by 132% from 2017 to 2018, while backdoor attacks increased 173%, the company says. Its “2019 State of Malware” report can be found and downloaded here.

Shane Huntley leads a team that tracks Iranian hackers, exposed North Korea’s role in creating a crippling computer virus, and identified the Russian actors behind the 2016 hacking of the Democratic National Committee. Is this team part of the National Security Agency or another intelligence agency? No, it’s Google’s Threat Analysis Group, this analysis details.

FireEye reports its identification of another Iran-linked cyberespionage group, which it calls APT39. The company has been tracking the group’s activities since November of 2014. “APT39’s focus on the widespread theft of personal information sets it apart from other Iranian groups FireEye tracks, which have been linked to influence operations, disruptive attacks, and other threats. APT39 likely focuses on personal information to support monitoring, tracking, or surveillance operations that serve Iran’s national priorities, or potentially to create additional accesses and vectors to facilitate future campaigns,” FireEye says in a statement.

The ”Collection #1” trove of purloined email addresses, unique usernames, and related passwords was just the beginning. That hacker database has metastasized into multiple collections, encompassing 25 billion records in 845 gigabytes of stolen data.

Automotive/Mobility
Logan Green, Lyft’s publicity-averse CEO, is profiled by The New York Times about his company’s plans for an initial public offering this year, which may happen before the IPO of its much larger competitor in ride-hailing services, Uber Technologies. Privately held Lyft was most recently valued at $15.1 billion, while Uber may command a valuation of $120 billion when it goes public. In 2014, Uber briefly considered acquiring Lyft, but then-CEO Travis Kalanick is said to have laughed at the purchase price proposed by John Zimmer, Lyft’s president. Lyft has raised a total of $4.9 billion over 19 rounds, according to Crunchbase, with the most recent round, Series I funding of $600 million, concluded last June.

Didi Chuxing, China’s largest ride-hailing operator, has set up joint ventures with BAIC and Volkswagen Group to develop purpose-built cars for specific services. BAIC-Xiaoju New Energy Auto Technology, the joint venture with BAIC, will work on “next-generation connected-car systems,” it was said. Didi owns 60% of Shanghai Juzhong Smart Mobility, with 40% going to Volkswagen Group China. VW says the Chinese JV will address fleet operations, fleet sales, and fleet management, along with maintenance and repair services. It will also explore fleet leasing.

Volkswagen plans to invest €870 million (nearly $1 billion) by 2020 for developing electric vehicle components. The group plans to manufacture EV batteries and charging stations in Lower Saxony, close to its global headquarters.

When Porsche brings its all-electric Taycan sedan to market this year, the high-performance automotive manufacturer will be touting how quickly the car’s battery can recharge, putting less emphasis on zero-to-60-mph acceleration speeds. The Taycan will feature an 800-volt battery that can absorb charging rates of up to 350 kilowatts. That compares with Tesla’s 120-kilowatt supercharging stations, which usually take about 30 minutes to recharge the vehicle’s battery to around 80%.

Daimler plans to cultivate closer relations with automotive suppliers in China, planning to bring more advanced technology to Mercedes-Benz vehicles and other brands. “We will intensify scouting of Chinese suppliers. China is more advanced than the United States in many areas of digital innovation,” said Wilko Stark, head of procurement and supplier quality at Mercedes-Benz.

Zotye Automobile International has lined up 19 dealerships across the U.S. to sell a crossover vehicle in the States. The Chinese company plans to enter 80 U.S. markets by the end of 2020. HAAH Automotive Holdings of Lake Forest, Calif., signed a distribution agreement with Zotye and formed Zotye USA in October to lead the rollout.

VeloMetro Mobility of Vancouver, B.C., wants to raise C$9.5 million (about $7.2 million) for manufacturing of its 3-wheeled Veemo vehicle, having previously taken in C$2.4 million (about $1.8 million) in equity financing. It seeks a pre-money valuation of C$11.4 million (almost $8.7 million) in the private funding round. VeloMetro plans to spend the money on building a fleet of 500 vehicles, production tooling, a Veemo launch in Vancouver, working capital, and a runway to Series A funding.

The California Department of Motor Vehicles issued a permit to Pittsburgh-based Argo.ai to test its self-driving cars on California roadways. Argo AI has a close relationship with Ford Motor, which is investing $1 billion over five years in the autonomous vehicle startup. Argo is testing its autonomous systems in Detroit and Miami, with plans to expand to Washington, D.C.

The United Kingdom’s untidy departure from the European Union is weighing upon the country’s automotive industry. Investment last year fell 46.5% from 2017, according to the Society of Motor Manufacturers and Traders. Jaguar Land Rover has already scheduled layoffs, as has London Electric Vehicle Company, which makes the electric taxicabs used in the capital of the U.K.

Products/Services
Arteris IP reports that it signed 20 new licensees during 2018. They included Baidu, Arbe Robotics, AutoChips, AutoTalks, Canaan Creative, Enflame Technology, and Iluvatar CoreX. The other 13 licensees have not been publicly identified. This represented the largest number of new licensees in one year for the company. K. Charles Janac, president and CEO, said in a statement, “In 2018, Arteris IP’s focus on automotive and artificial intelligence markets paid off with the highest number of new Arteris IP customers in history selecting our interconnect IP technology. This high rate of customer adoption allows us to invest more than any other company in the on-chip interconnect technologies needed for tomorrow’s SoC applications for artificial intelligence and machine learning, automated driving and data center acceleration.”

Marvell Technology Group was named by Clarivate Analytics to its Derwent Top 100 Global Innovator listing for the seventh consecutive year. Marvell holds more than 10,000 patents for its technology.

Rambus announced its GDDR6 PHY offering was taped out on Taiwan Semiconductor Manufacturing’s 7-nanometer FinFET process technology. The company’s GDDR6 PHY IP is now available for licensing. Meanwhile, Rambus and Worldline are expanding their collaboration for U.K. rail operations, integrating the Rambus remote ticket download software with Worldline’s @Station and Mobile Ticket Issuing Service.

The new Dell SafeGuard and Response portfolio combines managed security, incident response expertise, and threat behavioral analytics from Secureworks with CrowdStrike’s unified endpoint protection platform to provide next-generation endpoint security.

Silicon Labs introduced Bluetooth 5.1 software for its Wireless Gecko portfolio, enhancing the company’s connectivity offerings for the IoT. The new software uses the direction finding feature just added this week to version 5.1 of the Bluetooth Core Specification.

Organizations
The Industrial Internet Consortium is completing its merger with the OpenFog Consortium. The IIC scheduled the first formal meeting of the combined organizations for Feb. 11-14 in Raleigh, N.C.

M&A
Microsoft acquired Citus Data, a provider of open-source database software; financial terms weren’t revealed. The startup was founded in 2011 and has about 40 employees in offices in San Francisco and Turkey. Citus Data raised a total of $13.2 million in private funding over five rounds from investors that include Y Combinator, Data Collective, and Khosla Ventures.

CACI International agreed to acquire LGS Innovations of Herndon, Va., for $750 million. LGS, owned by Madison Dearborn Partners and CoVant, specializes in C4ISR and cybersecurity products for U.S. intelligence agencies and the Department of Defense. CACI is also buying Mastodon Design of Rochester, N.Y., for $225 million. Mastodon is involved in rugged signals intelligence, electronic warfare, and cyber operations.

Dropbox will purchase San Francisco-based HelloSign for $230 million in cash. The provider of an e-signature platform had raised $16 million in private funding from Foundry Group, U.S. Venture Partners, Greylock Partners, Khosla Ventures, and Webb Investment Network, among other investors. The transaction is expected to close during the first quarter of this year.

Evergrande Health Industry Group will pay $156 million to take a 58.1% equity stake in Shanghai CENAT New Energy, an automotive battery manufacturer in China. It is acquiring the majority stake from Shenzhen Clou Electronics.

Baffin Bay Networks of Stockholm, Sweden, acquired a U.S. research data platform, Loryka, which specializes in botnet and IoT cybersecurity research.

Finance
NIO, the electric vehicle manufacturer in China that competes with Tesla, raised $650 million from a five-year convertible bond. The company will use the money for expansion. With an over-allotment option, the bond offering could bring in a total of $750 million.

Connectivity
Verizon Communications reports it successfully tested multi-access edge compute equipment and platform software on its 5G test bed in Houston. Its engineers used an automated intelligence-enabled facial recognition application to identify people.

Semtech says about 80 million LoRa-enabled end nodes have been cumulatively deployed by the end of last year. The LoRa Alliance announced that there are more than 100 LoRaWAN-based network operators now. Semtech also reports the availability of a new open-source packet forwarder for Linux-based gateways, enabling secure, resource-efficient data communication and remote management for IoT networks.