Orca Security Ltd., an Israeli-based cloud security startup with U.S. headquarters in Los Angeles, has closed a $210 million Series C round and has plans to expand locally as it takes on competitors.
"This cash infusion makes Orca one of the world's fastest cybersecurity companies to reach unicorn status," said Shua, referring to privately held startups valued at over $1 billion. He said Orca plans to become a publicly traded company at some point. "We are not looking to get acquired."
Orca Security has assembled a who's who list of clients. It includes online stock trader Robinhood, New York-based insurer Lemonade, San Francisco-based data analytics firm Databricks and North Carolina-based digital bank Live Oak Bank.
It provides cloud security through its patent-pending "SideScanning" technology. The technology plugs up potential vulnerabilities from cyber threats and replaces them by combining everything into a single platform.
The round was led by Mountain View-based CapitalG, Google's independent growth fund and Menlo-based Redpoint Ventures, said co-founder and CEO Avi Shua, in an interview.
But their biggest rival is Santa Clara-based Palo Alto Networks Inc., which has been in a public spat with Orca. Shua said his company is not backing down.
Over the next year, Orca Security plans to "rapidly grow its headcount" in L.A. by hiring more marketing personnel and engineers, as well as beef up its research and development operation in Tel Aviv, Shua said. It also plans to form sales offices in the United Kingdom and Australia.
The company has plans to move into a brick-and-mortar spot in L.A. once pandemic restrictions are lifted.
"It is a prime location," Shua said. "The future for us is hybrid."
Other participants in this latest round include previous investors such as San Francisco-based ICONIQ Capital, Menlo Park-based GGV Capital and San Francisco-based SVCI, or Silicon Valley CISO Investments, an angel investing syndicate geared to chief information security officers.
Founded in December 2019, Orca Security raised $55 million in Series B funding three months ago, and $20 million in a Series A round in May – giving the technology company a market valuation of $1.2 billion, said Shua in the interview.
Three North Korean hackers allegedly tied to the infamous 2014 attack on Sony Pictures Entertainment have been indicted for a wide range of cybercrimes, including an attempt to steal and extort over $1.3 billion in fiat and cryptocurrency.
The U.S. Department of Justice filed the indictment to a Los Angeles federal court in December but it wasn't unsealed until Wednesday. It accuses Jon Chang Hyok, 31, Kim Il, 27 and Park Jin Hyok, 36, of being members of a North Korean military agency that engaged in criminal hacking, including the 2014 cyberattack on Sony in retaliation for the studio's depiction of a fictional assassination of the North Korean leader in "The Interview."
The indictment expands on previous charges levied by the DOJ in 2018.
It also pegs the men to several other heists, schemes, extortions, and computer viruses that allegedly occurred between 2015 and 2020.
From 2015 through 2019, the three are accused of attempting to steal more than $1.2 billion from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and unspecified locations in Africa by hacking the banks' computer networks.
Left to right: Park Jin Hyok, Kim Il and Jon Chang Hyok were indicted by the FBI for cyber crimes on Wednesday.
From December 2017 through August 2020, the cabal allegedly tried to steal over $100 million in cryptocurrency from companies in Slovenia, Indonesia and New York.
The hackers are also alleged to be behind the WannaCry ransomware, which unleashed a worldwide attack that infected an estimated 200,000 Windows computers in 2017. They demanded a ransom payment made in Bitcoin to restore the computers to working condition.
Jon, Kim and Park are charged with one count of conspiracy to commit computer fraud and abuse, with a maximum sentence of five years in prison; and one count of conspiracy to commit wire fraud and bank fraud, which carries a maximum sentence of 30 years.
The investigation was led by the FBI's L.A. field office.
Los Angeles is home to the nation's busiest port, moving $276 billion worth of goods last year. It's a big target for hackers as shippers increasingly rely on automated systems.
Every month there's about 40 million attempted cyber security breaches, port officials said. That includes everything from spam to malware fishing to more serious incidents that could halt shipments for much of the West Coast.
Back in 2017, a ransomware attack on Danish shipping giant A.P. Moller-Maersk, which has the region's largest terminal at the port, cost the company an estimated $300 million and slowed vessel movements on terminals for about two days in Los Angeles.
It's those kinds of incidents that officials are trying to stop before they happen.
Six years ago the port created a cybersecurity center — the nation's first — and on Monday announced it entered into a three-year, $6.8 million agreement with IBM to install, operate and maintain what it's calling a "Port Cyber Resilience Center" to identify malicious cyber attacks that can interrupt the flow of cargo.
The initiative has become especially pressing as the port pushes toward digitizing information about cargo movements and terminals automate their operations, bringing in waterfront robots to stack shipments.
"Automation and digital transformation is what's driving a lot of this," said Kevin Albano, a partner at IBM Security X-Force, the cybersecurity services arm.
Cybersecurity attacks on the maritime industry are up about 400% since the pandemic began, according to a report from Alianz.
Most of the attacks come through email, Albano said.
"It's pretty tough to defend against. Actors are getting better at knowing their targets" he said, adding that phishing emails can look like they really come from someone within the organization. "There's a lot of information out there about individuals from previous breaches."
About a third of ransomware engagements that IBM Security X-Force has responded to in 2020 came from Asia and North America.
The center was created to function as an alert system to link the port — which leases its land to international shipping companies — to the dozens of companies that rely on it. Those include shipping operators and logistics businesses that ferry truckloads of goods to major retailers from Amazon to Target to Home Depot.
Albano said information about security and intelligence will be shared on a closed network that includes 20 port partners and will eventually extend to about 100 in the coming years.
The Maersk attack, called NotPetya, was eventually traced to a compromised tax-accounting software widely used in Ukraine. NotPetya exploited a vulnerability in unpatched Microsoft Windows operating systems. The damaging attack struck thousands of companies around the world including U.S. pharmaceutical-maker Merck.
A former White House security official told Wired in 2018 the attack cost a total of more than $10 billion and pinned the blame on Russia.