Tag: Ten Eleven Ventures

Posted on

Aembit raises $16.6M to bring identity management to workloads

Aembit, a Maryland-based security startup that focuses on helping DevOps and security teams manage how federated workloads talk to each other, is officially launching its service today and announcing a $16.6 million seed funding round from Ballistic Ventures and Ten Elven Ventures.

In essence, Aembit’s workload identity and access management service applies industry knowledge, from managing user and device access to cloud workloads such as APIs, databases and other cloud resources — all without requiring developers to make changes to their code.

Image Credits: Aembit

The co-founders, David Goldschlag and Kevin Sapp, spent the last 17 years working together. Among other startups, they co-founded the zero trust platform New Edge Labs, which was acquired by Netskope, and the mobile device management platform Trust Digital, which was acquired by McAfee.

“Along the way, people would always ask us: what about workload-to-workload application-level access? It’s always been this thing that’s there and that’s important, but we hadn’t addressed it,” Goldschlag explained. When the founders left Netskope in the summer of 2021, they decided to finally tackle this challenge. “It was important, because you had all these things happening in the ecosystem, right? You had all of these APIs that were becoming part of people’s applications,” he noted. “If you think about open source from a couple of years ago, people built apps by including open source. Today, people build apps by including databases and APIs — and now you need to enable secure access between those.”

Aembit co-founders David Goldschlag (l) and Kevin Sapp (r). Image Credits: Aembit

He noted that Aembit’s mission is different from that of API gateways and security services. These services live in front of the API and help developers build and expose those securely to internal and third-party developers. But Aembit’s focus is on the client that accesses the API and ensures that this client is authorized to access it. He likened it to how today’s identity management systems help enterprises authorize their users. When a user uses Okta to log into Microsoft 365, for example, that user interacts with Okta and then gets the credential to access the service.

To do all of this, Aembit also has to become the system of record not just for all of these workload identities but also the workloads themselves (and these days, those workloads are often ephemeral, making this an even harder problem).

Image Credits: Aembit

“You want to start with the foundational level, which is you have identities and you have policies. You enable access and you log this. But you probably want to discover more and more workloads from all these fragmented places — and then you may want to discover access patterns,” Goldschlag explained. “Our system can already do that. We can deploy the system in a non-enforcement mode — a discovery mode — to tell us what accesses are happening.”

Then, using this as a roadmap, it becomes much easier to see how these workloads typically interact — and take action when something changes.

“Enterprises have spent significant resources securing the connections between people and the software they use. However, as businesses move to the cloud, a new and fast growing attack surface has emerged,” said Jake Seid, co-founder and general partner of Ballistic Ventures. “The mesh of workload-to-workload connections created when software talks to other software need to be identified, secured and managed. Aembit is defining this new category of Workload IAM to defend enterprises’ most critical digital assets. It’s been an honor to work with the Aembit founders since day 1 and to continue to support them on their journey.”

Aembit currently has 11 full-time employees, virtually all of them in engineering. With the new funding, the company plans to grow its marketing team and build out its product. Specifically, Aembit, which has been doing well in selling to large enterprises, plans to launch a self-serve product soon, which will allow it to expand to more small and medium-sized businesses, too.

Aembit raises $16.6M to bring identity management to workloads by Frederic Lardinois originally published on TechCrunch

Posted on

The cybersecurity funding bubble hasn’t burst — but it’s starting to deflate

Last year was record-breaking for the cybersecurity market. Data from Momentum Cyber, a financial advisory firm for the security industry, showed that cybersecurity startups raised a “record-shattering” $29.5 billion in venture capital in 2021, more than doubling the $12 billion raised in 2020, while a record number — including Dragos and Noname Security — were minted as unicorns.

The past few months have started to paint a different picture for the industry, which has managed to successfully navigate the pandemic, geopolitical conflict, and — so far — the looming economic storm.

Posted on

HiddenLayer emerges from stealth to protect AI models from attacks

As AI-powered services like OpenAI’s GPT-3 grow in popularity, they become an increasingly attractive attack vector. Even shielded behind an API, hackers can attempt to reverse-engineer the models underpinning these services or use “adversarial” data to tamper with them. According to Gartner, 30% of all AI cyberattacks in 2022 will leverage these techniques along with data poisoning, which involves injecting bad data into the dataset used to train models to attack AI systems.

As in any industry, fighting security threats is a never-ending task. But Chris Sestito claims that his platform, HiddenLayer, can simplify it for AI-as-a-service vendors by automatically identifying malicious activity against models and responding to attacks.

HiddenLayer today emerged from stealth with $6 million in seed funding from Ten Eleven Ventures, Secure Octane and other investors. Sestito, the former director of threat research at Cylance and VP of engineering at Qualys, co-founded the company several months ago with Tanner Burns and Jim Ballard. Burns and Ballard also worked at Qualys and Cylance and spent time together at BlackBerry, where Ballard was a data curation team lead and Burns was a threat researcher.

“Virtually all enterprise organizations have made significant resource contributions to machine learning to give themselves an advantage — whether that value is in the form of product differentiation, revenue generation, cost savings or efficiencies,” Sestito told TechCrunch in an email interview. “Adversarial machine learning attacks are capable of causing all of the same damage we’ve seen in traditional cyber attacks including exposing customer data and destroying production systems. In fact, at HiddenLayer, we believe we’re not far off from seeing machine learning models ransomed back to their organizations.”

HiddenLayer claims that its technology can defend models from attacks without the need to access any raw data or a vendor’s algorithms. By analyzing model interactions — in other words, the data fed into the model (e.g., a picture of cats) and the predictions that the model outputs (e.g., the caption “cats”) — to spot patterns that could be malicious, HiddenLayer can work “non-invasively” and without prior knowledge of training data, Sestito said.

“Adversarial machine learning attacks are not loud like ransomware — you have to be looking for them to catch them in time,” Sestito said. “HiddenLayer has focused on a research-first approach that will allow us to publish our findings and train the world to be prepared.”

Mike Cook, an AI researcher who’s a part of the Knives and Paintbrushes collective, said that it’s unclear whether HiddenLayer is doing anything “truly groundbreaking or new.” (Cook is unaffiliated with HiddenLayer.) Still, he notes that there’s a benefit to what HiddenLayer appears to be doing: trying to package up knowledge about attacks on AI and make them more widely accessible.

“The AI boom is still booming, but a lot of that knowledge about how modern machine learning works and how best to use it is still locked away mostly to people who have specialist knowledge. Memorable examples for me include researchers managing to extract individual pieces of training data from OpenAI’s GPT-2 and GPT-3 systems,” Cook told TechCrunch via email. “When expert knowledge is inaccessible and hard to come by, sometimes all a business really needs is to provide convenient ways to get at it.”

HiddenLayer is currently pre-revenue and doesn’t have customers, although Sestito says that the startup has engaged several “high-profile” design partners. Ultimately, Cook believes its success will depend less on HiddenLayer’s technology and more on whether the threat from attacks is as great as the company claims.

“I don’t know how prevalent attacks on machine learning systems are [at present]. Tricking a spam filter into letting through an email is very different in scale and severity to extracting proprietary data from a large language model,” Cook said.

To his point, it’s difficult to pin down real-world examples of attacks against AI systems. Research into the topic has exploded, with more than 1,500 papers on AI security published in 2019 on the scientific publishing site Arxiv.org, up from 56 in 2016, according to a study from Adversara. But there’s little public reporting on attempts by hackers to, for example, attack commercial facial recognition systems — assuming such attempts are happening in the first place.

Sestito asserts the threat — regardless of its size today — will grow with the AI market, implicitly to the advantage of HiddenLayer. He acknowledges that several startups already offer products designed to make AI systems more robust, including Robust Intelligence, CalypsoAI and Troj.ai. But Sestito claims that HiddenLayer stands alone in its AI-driven detection and response approach.

“PwC believes that AI will be a $15.7 trillion dollar market by 2030. We absolutely have to start defending this technology now,” Sestito said. “Our biggest goal by far is educating the market on this new threat. The commitment to AI and machine learning is relatively new to many organizations and few have been focusing on defending those assets. With any new technology comes new attack vectors; this is the same fight on a new frontier.”

Austin, Texas-based HiddenLayer currently has 11 employees and expects to finish 2022 with 14.
Posted on

Data governance startup Immuta lands $100M to pursue acquisitions

Immuta, a provider of data privacy and access controls services, today announced that it closed a $100 million Series E round at a $1 billion valuation, bringing the company’s total funding to $267 million. NightDragon led the funding with participation from Snowflake Ventures as well as existing investors Dell Technologies Capital, DFJ Growth, IAG, Intel Capital, March Capital, StepStone, Ten Eleven Ventures, and Wipro Ventures.

The new cash will be used to support product development and R&D efforts, CEO Matthew Carroll said, as well as expand Immuta’s sales, marketing, customer success, and support teams and enable “key” acquisitions in the data monitoring space. “The pandemic has accelerated the move to the cloud and that has increased the need for cloud data security,” he told TechCrunch in an email interview. “We don’t see that slowing down.”

Immuta was co-founded in 2015 by Steven Touw and Carroll, who began his career as a U.S. Army intelligence officer in Baghdad. Before founding Immuta, Carroll spent several years at consulting group CSC after it acquired his previous employer, 42six Solutions, where Touw also worked.

Carroll led data fusion and analytics programs and advised the U.S. government on data management and analytics issues at CSC. “I quickly realized the power of data and the ways that governing large amounts of critical information can better streamline operations of all kinds,” he added. “With proper data access controls, organizations can truly maximize the utility of their data.”

Carroll pitches Immuta as an “enterprise-scale” alternative to manual processes for creating and implementing data policies. It’s his assertion that many IT teams use tools that rely on role-based access control technologies dating back to the ’90s, which aren’t well-suited to emerging privacy regulations like GDPR and CCPA. Adding to the challenge, Carroll claims, these tools can introduce “data locality” challenges in situations where data must be migrated from on-premises data stores to the cloud. For example, a company may be operating in a certain set of countries globally but have data stored in a data center in Germany.

To Carroll’s point, surveys show that organizations face a range of issues when it comes to establishing data policies. Specialists in a recent TechRepublic poll cited corporate culture, lack of knowledge, financial cost, and poor integration with existing tools as some of the top blockers. The public sector wrestles with these same issues as revealed in research from the Center for Digital Government (CDG), a national research and advisory institute. The CDG reported in May that frameworks to address digital privacy at the state and local government level are only in the “nascent stages.”

Immuta

Image Credits: Immuta

“The question is understanding what rules apply and also how to apply them — it can get complex very quickly,” Carroll said. “This is all happening while organizations are trying to speed up access to data. The most common challenge we hear is that organizations are trying to innovate, trying to move their business forward, but there’s a disconnect between IT and the business and they are forced into this decision between being compliant or providing fast access to the data.”

Immuta’s customers — which range from private sector organizations like S&P Global and Mercedes-Benz Group to the U.S. Army — gain access to a dashboard designed to automate aspects of data policy federation. It provides tools for the discovery, classification, and tagging of sensitive information to comply with contractual obligations and regulations. Beyond this, Immuta can audit data usage and gather insights to show users what data was accessed, when, by whom, and for what purpose.

The platform integrates with data centers, on-premises servers, and hybrid cloud services including Databricks and Snowflake. (Immuta recently launched a software-as-a-service deployment, Immuta SaaS.) Any user accessing services where Immuta is integrated gets the benefit of using Immuta to control data access, according to Carroll.

“Immuta takes a different approach to a handful of newer alternatives wherein we’ve written code that natively integrates into the compute layer, meaning the consumer sees no performance hit when applying data access controls policies to queries,” Carroll said. “Immuta operates as the data security and privacy layer across customers’ environments … [it] improves compliance and mitigates risk, [which] means that teams can safely share more data and easily prove compliant data use with full visibility into all data access.”

Data governance is a red-hot sector, with one analytics firm predicting that it’ll be worth $6 billion by 2026. Immuta’s competitors include TrustArc, which helps companies implement privacy and compliance programs. Others are Privitar, OneTrust, and BigID.

Fortunately for Immuta, venture capital sees big opportunities in data privacy. Venture spending in the broader security segment surged to nearly $30 billion in 2021, more than doubling the total from the previous year, according to Momentum Cyber.

“We are very well funded,” Carroll said, demurring when asked about Immuta’s total number of customers and annual recurring revenue. “[We] see the recent reality check across tech as a big opportunity to solidify our market position and expand with new acquisitions.”

Stefan William, VP of corporate ventures at Snowflake Ventures, added in an emailed statement: “Data security is only increasing in importance and we strongly believe in Immuta as both a partner and investor. With enhanced data security, Snowflake customers can further accelerate their use of cloud data, and that’s a win for everyone.”

Boston, Massachusetts-based Immuta claims to have over 250 employees currently, with plans to double headcount within the next 18 months.

Posted on

Cybersecurity startup Ordr nabs $40M to monitor connected devices for anomalies

In 2015, there were approximately 3.5 billion internet of things (IoT) devices in use. Today, the number stands around 35 billion, and is expected to eclipse 75 billion by 2025. IoT devices range from connected blood pressure monitors to industrial temperature sensors, and they’re indispensable. Yet every device increases an organization’s attack surface, along with the potential for a cybersecurity attack.

The challenge was the driving force behind Ordr, a startup focused on network-level device security. Pandian Gnanaprakasam and Sheausong Yang — who between them had tenures at Cisco, Aruba Networks, and AT&T Bell Labs — co-founded Ordr in 2015 to address what they call the “visibility gap” in enterprise networks. 

“We realized that enterprise security had reached a breaking point as enterprises tried to implement zero trust strategies when they could not even determine what devices were connected to their own networks,” CEO Greg Murphy told TechCrunch in an email interview. “The visibility gap and the resulting risk was greatest for those unmanaged IoT, internet of medical things, and operational technology devices that could not be secured like traditional IT infrastructure.”

Certainly, the risk of breaches and ransomware has grown recent years, especially as the pandemic spurred organizations to move more of their devices online. According to one study, 75% of all internet-connected infusion pumps contain at least one vulnerability — a problematically high figure considering that there’s 10 million to 15 million medical devices in U.S. hospitals today. 

Murphy said that WannaCry, the coordinated ransomware attack in 2017 that encrypted hundreds of thousands of computers in a matter of hours, was a particularly strong “business accelerant” for Ordr. “Companies, specifically in healthcare, realized the threat not just to data privacy and security, but to every aspect of their operations as they were forced to disconnect their devices and revert to manual processes overnight,” he added.

Recognizing the opportunity, investors including Dan Warmenhoven (former CEO of NetApp) and Dominic Orr (former CEO of Aruba Networks) contributed to Ordr’s $40 million Series C funding round, which was announced today. Battery Ventures and Ten Eleven Ventures co-led by with participation from Northgate Capital, Wing Venture Capital, Unusual Ventures, and several health organizations including Kaiser Permanente Ventures and Mayo Clinic, participated.

“The company revenue has been accelerating,” Murphy said somewhat vaguely, adding that Ordr has more than 500 customers including federal, state, and local governments. “Within other segments like manufacturing, security teams are looking for visibility and security of connected devices. Ordr experienced more than 140% year-over-year growth in new customer revenue in its most recent quarter ending on March 31, 2022, is deployed in three of the world’s top six hospitals, and has been adopted across more than 150 manufacturing sites.”

Ordr claims its technology can autonomously identify and protect connected devices by applying traffic flow and access policies. The startup’s system, which deploys on top of existing infrastructure, uses machine learning algorithms to build a baseline understanding of devices’ behavior and flag suspicious events.

Ordr

Ordr’s device monitoring dashboard.

It’s key to note that no software is flawless. A 2021 ESG report found that nearly half of all alerts from cybersecurity tools are false positives, and that 75% of companies spend an equal amount of time — or more — on them than on actual attacks.

But Murphy makes the case that Ordr’s solution is differentiated by the visibility it offers into devices and risks, its “behavioral baselining” of devices, and its automated creation of enforcement policies across networking and security products.

“Because devices are deterministic, with specific behavior based on its function, this ‘baseline’ enables Ordr to detect devices behaving anomalously. These machine learning models also form the basis for zero trust enforcement policies that are dynamically generated by Ordr,” Murphy explained. “Ordr collects 1,000 attributes for every device, including data from close to 70 technology partners. Data models are built based on the use cases and have a built in continuous learning model by incorporating feedback loops from partners and customers.”

Ordr’s rivals include Palo Alto Networks’ Zingbox, Armis, and Claroty’s Medigate as well as Claroty, Sternum, Vdoo, and Karamba Security, which provide cybersecurity tools designed to protect industrial control, IoT, and embedded systems. But despite broader economic headwinds, there’s an abundance of venture capital to go around in cybersecurity. Last year saw a record $21.8 billion poured into cybersecurity companies, with $7.8 billion invested during the fourth quarter alone, according to Crunchbase data.

“[M]ore than ever before, enterprises today understand the need to closely monitor and secure all their connected devices, and to do so in an automated fashion … The Ordr platform enables device utilization insights that can help organizations be more efficient in their operations, as well as optimize maintenance scheduling [and] help inform and support asset management/purchasing decisions for CIOs,” Murphy said. “A broader business slowdown will impact IT operating budgets, and those budgets will naturally be allocated to mission-critical initiatives and basic cyber hygiene essential to business operations …. Given the continued explosion in the number of connected devices that coincides with a dramatic increase in cyber attacks, companies like Ordr are well-positioned to expand even in a challenging macroeconomic environment.”

To date, Ordr has raised more than $90 million in venture capital. With the proceeds from the recent round, Ordr plans to double its roughly-80-person workforce within the next year with an emphasis on the marketing, customer success, and engineering teams and a “focus on investing in partners,” according to Murphy.

“The funds will be used for expansion of our go-to-market capability,” Murphy added. “On the technical side, investments will be used to expand integrations with leading security solutions, and simplify workflows for all classes of users, consistent with Ordr’s goal of becoming a single source of truth for connected devices in the enterprise.”

Posted on

Blumira raises $10.3M Series A to bring cloud-based SIEM to mid-market companies

Blumira today announced it raised a $10.3 million Series A financing round. The Ann Arbor-based cybersecurity company says the capital will be used to expand its product offering, double its headcount to 80 employees, and grow its partnership program with managed service providers.

The company, founded in 2018, seeks to provide enterprise-level security to medium-sized businesses through turn-key, cloud-based solutions. Blumira’s solution upends the traditional security information and event management market with a powerful suite of tools designed specifically for mid-market companies that’s relatively more affordable. According to Blumira, its product deploys quickly and gives these companies the security and threat monitoring ability of tools used by giant corporations.

With the new funding, the firm has raised $12.9 million since its founding in 2018. New investor Mercury led Blumira’s Series A with Managing Director Aziz Gilani joining Blumira’s board as a director. The Series A also included participation from Ten Eleven Ventures, enterprise angles, and existing investors of M25, Array Ventures, and Duo
Security co-founder and angel investor Jon Oberheide.

“Having additional capital behind us accelerates our velocity and ability to execute our vision of democratizing the detection and response market,” said Steve Fuller, co-founder and CEO at Blumira. “We’ve built incredible momentum in just a few short years, and we’re thrilled to have the support of world-class investors as we work to make security operations simple, automated, affordable and accessible to organizations of all sizes.”

Posted on

Vulcan Cyber raises $21M Series B for its vulnerability remediation platform

Tel Aviv-based Vulcan Cyber, a cybersecurity startup that helps businesses prioritize and fix security vulnerabilities, today announced that it has raised a $21 million Series B funding round led by Dawn Capital. Wipro Ventures and existing investors YL Ventures and Ten Eleven Ventures also participated in this round. The company says it will use the new funding to roll out new remediation solutions and launch a free risk-based vulnerability management platform under the Vulcan Free monicker.

With this new round, Vulcan Cyber’s total funding to date is now $35 million. The company says it saw 500% growth in annual recurring revenue and new customer account metrics in 2020, with each user typically having between 10 and 100 users on the platform.

Image Credits: Vulcan Cyber

The company’s emphasis has always been on not just warning its customers about potential vulnerabilities but also helping them prioritize them based on the severity of the risk and the threat to a company’s business assets. Security teams, after all, are often overwhelmed by alerts and not every vulnerability a scanner represents is a high-priority risk for a business. The promise of Vulcan Cyber’s platform is that it helps these teams figure out where to best focus their resources.

While the funding is the headline news today, Vulcan’s new free offering is also worth a closer look.

Israel’s cybersecurity startup scene spawned new entrants in 2019

Cybersecurity pros have used open-source vulnerability scanners like Nessus for almost two decades. More recently, vulnerability management programs have used risk-based vulnerability management tools to prioritize scan results to determine specific risk to the business and focus the remediation effort. The scan and prioritize functions are fundamental, necessary elements of any mature remediation program,” Yaniv Bar-Dayan, Vulcan Cyber’s CEO and co-founder said about the new free offering. “But now the industry has a free vulnerability prioritization engine to complement the scanners. This round of funding allows us to provide the Vulcan Free service to the cybersecurity industry to help businesses achieve cyber hygiene. This move shifts the economics of our market and will push CISOs and CIOs to dedicate more budget and resources not just on simple scan and prioritize paper pushing, but on driving actual remediation outcomes. We hope this will help the industry get fix done more effectively.”

With this new free offering, Vulcan’s freemium portfolio now includes Vulcan Free, which provides some of the company’s core prioritization and vulnerability management features, and its existing free vulnerability intelligence database.

Vulcan Cyber raises $4M for its vulnerability remediation platform

Vulcan Cyber announces $10M Series A to automate security patching efforts

Posted on

Vulcan Cyber raises $21M Series B for its vulnerability remediation platform

Tel Aviv-based Vulcan Cyber, a cybersecurity startup that helps businesses prioritize and fix security vulnerabilities, today announced that it has raised a $21 million Series B funding round led by Dawn Capital. Wipro Ventures and existing investors YL Ventures and Ten Eleven Ventures also participated in this round. The company says it will use the new funding to roll out new remediation solutions and launch a free risk-based vulnerability management platform under the Vulcan Free monicker.

With this new round, Vulcan Cyber’s total funding to date is now $35 million. The company says it saw 500% growth in annual recurring revenue and new customer account metrics in 2020, with each user typically having between 10 and 100 users on the platform.

Image Credits: Vulcan Cyber

The company’s emphasis has always been on not just warning its customers about potential vulnerabilities but also helping them prioritize them based on the severity of the risk and the threat to a company’s business assets. Security teams, after all, are often overwhelmed by alerts and not every vulnerability a scanner represents is a high-priority risk for a business. The promise of Vulcan Cyber’s platform is that it helps these teams figure out where to best focus their resources.

While the funding is the headline news today, Vulcan’s new free offering is also worth a closer look.

Israel’s cybersecurity startup scene spawned new entrants in 2019

Cybersecurity pros have used open-source vulnerability scanners like Nessus for almost two decades. More recently, vulnerability management programs have used risk-based vulnerability management tools to prioritize scan results to determine specific risk to the business and focus the remediation effort. The scan and prioritize functions are fundamental, necessary elements of any mature remediation program,” Yaniv Bar-Dayan, Vulcan Cyber’s CEO and co-founder said about the new free offering. “But now the industry has a free vulnerability prioritization engine to complement the scanners. This round of funding allows us to provide the Vulcan Free service to the cybersecurity industry to help businesses achieve cyber hygiene. This move shifts the economics of our market and will push CISOs and CIOs to dedicate more budget and resources not just on simple scan and prioritize paper pushing, but on driving actual remediation outcomes. We hope this will help the industry get fix done more effectively.”

With this new free offering, Vulcan’s freemium portfolio now includes Vulcan Free, which provides some of the company’s core prioritization and vulnerability management features, and its existing free vulnerability intelligence database.

Vulcan Cyber raises $4M for its vulnerability remediation platform

Vulcan Cyber announces $10M Series A to automate security patching efforts

Posted on

Decrypted: Tesla’s ransomware near miss, Palantir’s S-1 risk factors

Another busy week in cybersecurity.

In case you missed it: A widely used messaging app used by over a million protesters has several major security flaws; a little-known loophole has let the DMV sell driver’s licenses and Social Security records to private investigators; and the U.S. government is suing to reclaim over $2.5 million in cryptocurrency stolen by North Korean hackers from two major exchanges.

But this week we are focusing on how a Tesla employee foiled a ransomware attack, and, ahead of Palantir’s debut on the stock market, how much of a risk factor is the company’s public image?

THE BIG PICTURE

Russian charged with attempted Tesla ransomware attack

$1 million. That’s how much a Tesla employee would have netted if they accepted a bribe from a Russian operative to install malware on Tesla’s Gigafactory network in Nevada. Instead, the employee told the FBI and the Russian was arrested.

The Justice Department charged the 27-year-old Russian, Egor Igorevich, weeks later as he tried to flee the United States. According to the indictment, his plan was to ask the employee to deliberately deploy ransomware on the Gigafactory’s network, grinding the network to a halt for a ransom of several million dollars. The would-be insider threat is likely the first of its kind, one ransomware expert told Wired, as financially driven hackers continue to up their game.

Tesla founder Elon Musk tweeted earlier this week confirming that Tesla was the target of the failed attack.

The attack, if carried out, could have been devastating. The indictment said that the malware was designed to extract data from the network before locking its files. This data-stealing ransomware is an increasing trend. These hacker groups not only encrypt a victim’s files but also exfiltrate the data to their servers. The hackers typically threaten to publish the victim’s files if the ransom isn’t paid.

As ransomware gets craftier, companies must start thinking creatively