More stories

  • in

    Trading in your old phone? Here's how to get it ready

    June Wan/ZDNet
    When buying a new phone, carriers and retailers often pitch discounts in the form of trade-in offers. That is, you send in an old phone that meets the vendors’ requirements in exchange for tens to hundreds of dollars off your new one. This process has become more aggressive over the past years, with stores like AT&T now willing to sell you the latest Samsung or Apple device for free, as long as you trade in a functioning phone, cracked or not. Still, trading in is not as simple as powering off your device and handing it to your local store associate. A phone that has not been properly factory reset, backed up, or shipped in the appropriate supplies can delay the evaluation process for your discount and, in the worst case, be deemed ineligible for any offer. That’s why we’ve curated this guide to help you through all the steps and best practices for a burden-less trade-in experience.

    Backing up your data (contacts, photos, etc.)

    The first practice that you should always do when switching to a new phone is backing up the data and files on your old one. You wouldn’t want to lose all those pictures, videos, contacts, and text messages, right? For iOS or Android, the backup process is fairly straightforward, with multiple options to get the job done. Just make sure that your phone is charged up (at least 75%, ideally) so that it doesn’t power off in the middle of the transfer.

    More: The best places to sell or trade your current smartphone

    Backing up an iPhone via iCloud

    If you’re switching between iPhones, I’d recommend backing up your files through iCloud, Apple’s cloud storage service. Not only will you be able to upload and download data from your Apple devices, but the service will also be available for you to peruse via the web (iCloud.com). By default, Apple offers 5GB of free iCloud storage to keep your photos, contacts, notes, and more intact. If more is needed, you can opt into 50GB, 200GB, and 2TB storage plans for $0.99, $2.99, and $9.99 a month, respectively. For getting your files from one iPhone to another, I think paying for one month’s service is definitely worth the convenience.

    Tip: If you’ve never subscribed to an iCloud plan, Apple will actually offer you a free, one-time trial that lets you use as much iCloud storage as you need to transfer your data onto your new iPhone. To see if you’re eligible, open up the settings app > tap General > Transfer or Reset iPhone > Get Started within the Prepare for New iPhone bubble.

    Otherwise, here’s how to back up your iPhone data via iCloud:

    Open up the settings app > tap into your profile tab at the top > iCloud > toggle on or off all the items that you’d like to back up.

    When you’re set, tap iCloud Backup > Back Up Now. The duration of the process will vary depending on how many files you’re storing in the cloud.
    Backing up an iPhone via iTunes (computer)

    You can also back up your iPhone data onto a computer via Apple’s iTunes program (yes, it’s still active). While this method is a little more labor-intensive, it’s free, and you will have most, if not all, of your files stored locally. First, make sure your macOS or Windows-powered computer has iTunes installed. If not, you can download it here. Once installed, here’s how to back up your iPhone:

    Connect your device to your computer with a Lightning to USB-C or USB-A cable.

    Open the iTunes software on the computer and click the Device button at the top left. The icon shows a small iPhone.

    Now click Summary under your iPhone information > Back Up Now.

    iTunes allows you to back up text messages, call logs, contacts, photos, videos, and more. You can see what’s been backed up by clicking Edit > Preferences > Devices.

    Tip: Apple’s Genius Bar will help and walk you through the backup process for your iPhone. The service is free and requires a reservation.

    Backing up an Android device via Google

    Like the iPhone and Apple’s iCloud, the most convenient way to back up an Android device is through Google’s cloud service, Google One. It’s built into your Android phone, whether it’s a Samsung Galaxy, Pixel, or OnePlus, and easily accessible. The catch is that Google only offers every user 15GB of free storage, so if you’re in need of more space, you’ll have to opt into one of its paid plans. Pricing goes as follows: 100GB for $2 a month or $20 a year, 200GB for $3 a month or $30 a year, and 2TB for $10 a month or $100 a year. Once you’ve decided on a plan, here’s how to initiate the backup process:

    Open up your settings > Google > scroll down and tap Backup.

    For a breakdown of your backup(s), you can download the free Google One app > tap the Storage tab under Device Backup.

    If it’s your first time doing this and you’re backing up a lot of files, the process can take hours. So, make sure that your phone is either charged enough or plugged into a charger.
    Backing up an Android device via PC (Windows)

    While Android doesn’t have an iTunes alternative, you can back up your data directly onto a Windows PC or external hard drive for free. To do this:

    Connect your device to your PC with a USB-C (or MicroUSB) to USB-A cable. You may have one already that came with your old or new phone. To let your computer know that you’re connecting the phone to transfer files and not just to charge it, slide down the notification panel on your phone > tap the Charging this device via USB notification > make sure File transfer is selected.

    Open up your PC’s Windows File Explorer and click on your phone’s name on the left panel. Now, you can copy any or all files within your phone’s folders and paste them into your PC or external hard drive.

    Tip: Not every folder is named in a user-friendly manner. For example, if you’re copying over photos, you’ll want to find a folder labelled DCIM, not Camera.

    Resetting your phone

    Now that all of your information is safely stored, you’ll want to factory reset your phone and give it a thorough cleaning before sending it out. Follow the steps below, and your phone will be as clean a slate as can be, with no personal data left behind.

    Factory resetting an iPhone

    Open your settings app > tap General > scroll down to Transfer or Reset iPhone > Erase All Content and Settings > Continue > type in your iPhone passcode to confirm the reset. This procedure will wipe the apps and data of your device, as well as remove your Apple ID, Find My setting, and Apple Wallet from the iPhone.
    Factory resetting an Android

    Accessing the factory reset settings on Android is a little more complicated, as the pathway depends on what brand you’re using. However, one method that works for all manufacturer devices is to open your settings and search for “factory reset” at the top. If you’re on a Samsung device, open the settings > scroll down to General management > Reset > Factory data reset > Reset. You’ll then be prompted to type in your passcode.

    Once your phone has fully reset itself, power it off, and remove your SIM card and case.

    Also: Best green phone: Sustainable and eco-friendly phones

    Shipping and handing off

    If you’ve followed through all the instructions above, you’re just one last step away from trade-in bliss. Whether you’re shipping your old phone out to trade in or handing it over at a physical store, you should always, always double-check that it’s in the condition that you and the retailer agreed to. For most trade-ins, retailers require your device to meet the following qualifications: No cracks or heavy wear, powers on and holds a charge, and is fully paid off with no past-due balances.

    Phone boxes make for excellent packaging when trading in an old phone.
    When shipping any electronic device, ensure that it’s securely packed with bubble wrap, peanuts, or other layers of cushioning. If you have the original box for your phone, use it! Phone boxes are designed to keep the device snug and protected. However, most trade-in programs do not require you to pack the original charger and accessories. Lastly, it won’t hurt to mark the package with a “Fragile: Handle with Care” sign.

    Tip: Before sending your old phone out, use a secondary device (or your new phone if you’ve received it) to document its condition. Take clear pictures and videos of the phone’s screen, back, cameras, ports, and it turning on and off. This step is vital because once you ship your phone out, damage during delivery and other mishaps may occur, ultimately weighing into how much a retailer values the device at. With proof and documentation of its previous condition, you should have no trouble disputing any suspicious evaluations.

    That’s it. Your phone is backed up, factory reset, and ready to be traded in. Did you find this guide useful? Let us know by commenting down below, as well as any other tips or questions you have regarding the trade-in process.


  • in

    Iran's hackers are using these tools to steal passwords and deliver ransomware, say FBI and CISA

    Hackers linked to the Iranian Ministry of Intelligence and Security are exploiting a range of vulnerabilities to conduct cyber espionage and other malicious attacks against organisations around the world, a joint alert by US and UK authorities has warned. The advisory by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC) says an Iranian government-sponsored advanced hacking operation known as MuddyWater is going after a wide range of targets. 


    These include telecommunications, defence, local government, and oil and natural gas organisations across Asia, Africa, Europe, and North America. According to CISA, the aim of the attacks is to gain access to networks to steal passwords and sensitive information “to share these with other malicious cyber actors”.

    SEE: Cybersecurity: Let’s get tactical (ZDNet special report)

    The group are known to exploit publicly reported vulnerabilities and use open-source tools and strategies to gain access to sensitive data on victims’ systems and deploy ransomware, the agencies said. MuddyWater – also known as Earth Vetala, Mercury, Static Kitten and Seedworm – has been active since at least 2018.

    Many of the campaigns leverage phishing attacks to coax targets into downloading ZIP files containing Excel files with malicious macros or PDFs that drop malicious payloads. MuddyWater campaigns deploy many different forms of malware to act as loaders and backdoors onto compromised networks.

    The main loader is a new variant of PowGoop malware, which consists of a DLL loader and a PowerShell-based downloader. The malicious file impersonates a legitimate file that is signed as a Google Update executable file.

    Another form of malware used in the attacks is Small Sieve, a Python backdoor that disguises malicious executables and uses filenames and registry key names associated with Microsoft’s Windows Defender to avoid detection while it helps to expand a foothold in the compromised network.

    Other malware used in the Iranian campaigns include Canopy, a malicious Windows script distributed by phishing emails, and Mori, a backdoor that uses Domain Name System tunneling to communicate with the group’s control infrastructure. The agencies have also identified a new PowerShell backdoor described as lightweight in functionality but capable of encrypting communications with command and control servers.

    The Iranian hackers use a variety of known vulnerabilities, which CISA has detailed in an alert. Therefore, organisations can help protect their networks from being compromised by installing security updates for operating systems, software and firmware as soon as they’re released. Of course, using antivirus and keeping it up to date is also suggested. CISA also recommends the use of multi-factor authentication whenever possible and limiting the use of administrator privileges for most users – both actions create additional barriers for attackers. It’s also recommended that organisations deploy application control software to limit the applications and executable code that can be run by users. Finally, users should be trained to identify and report suspected phishing attacks.

  • in

    Cybersecurity burnout is real. And it's going to be a problem for all of us

    Burnout has become endemic in the tech industry.
    With the number of data breaches in 2021 soaring past that of 2020, there is even more pressure on security teams to keep businesses secure in 2022. But at a time when strength and resilience have never been more important, burnout, low staff morale and high employee turnover could put businesses on the back foot when attempting to manage the mounting cybersecurity threat.

    Employers already face something of a dilemma when it comes to cybersecurity in 2022. Not only is the number of attempted cyberattacks escalating worldwide, but employers face the added pressure of a tightening hiring market and record levels of resignations that are also affecting the tech industry.

    This battle for talent could hit cybersecurity particularly hard. According to a survey of more than 500 IT decision makers by threat intelligence company ThreatConnect, 50% of private sector businesses already have gaps in basic, technical IT security skills within their company. What’s more, 32% of IT managers and 25% of IT directors are considering quitting their jobs in the next six months – leaving employers open to a cacophony of issues across hiring, management, and IT security.

    SEE: Cybersecurity is tough work, so beware of burnout

    Many employees are being lured away by the prospect of better pay and more flexible working arrangements, but excessive workloads and performance pressures are also taking their toll. ThreatConnect’s research found that high levels of stress were among the top three contributors to employees leaving their jobs, cited by 27% of survey respondents.

    Burnout threatens cybersecurity in multiple ways. First, on the employee side. “Human error is one of the biggest causes of data breaches in organisations, and the risk of causing a data breach or falling for a phishing attack is only heightened when employees are stressed and burned out,” says Josh Yavor, chief information security officer (CISO) at enterprise security solutions provider Tessian.

    A study conducted by Tessian and Stanford University in 2020 found that 88% of data breach incidents were caused by human error. Nearly half (47%) cited distraction as the top reason for falling for a phishing scam, while 44% blamed tiredness or stress.

    “Why? Because when people are stressed or burned out, their cognitive load is overwhelmed and this makes spotting the signs of a phishing attack so much more difficult,” Yavor tells ZDNet. Threat actors are wise to this fact, too: “Not only are they making spear-phishing campaigns more sophisticated, but they are targeting recipients during the afternoon slump, when people are most likely to be tired or distracted. Our data showed that most phishing attacks are sent between 2pm and 6pm.”

    Carlos Rivera, principal research advisor at Info-Tech Research Group, says the role exhaustion plays in making a company susceptible to phishing attacks should not be shrugged off or underestimated. It is, therefore, good practice to create a simulated phishing initiative as part of an organization’s security awareness programme, he tells ZDNet.

    “This program can be optimized by enforcing an hour’s worth of training per year, which can be carved into five-minute training sessions per month, 15 minutes a quarter,” says Rivera. “In order to have the most impact on your training effectiveness, base it on topics stemming from current events that typically manifest as tactics, techniques and procedures used by hackers.”

    SEE: Cybersecurity training isn’t working. And hacking attacks are only getting worse

    A report by analyst Gartner recently argued that the role of the cybersecurity leader needs to be “reframed” from one that predominantly deals with risks within the IT department to one that is responsible for making executive-level information risk decisions and ensuring business leaders have comprehensive cybersecurity knowledge.

    The analyst predicts that 50% of C-level executives will have performance requirements related to cybersecurity risk built into their employment contracts by 2026. This would mean that cybersecurity leaders will have less direct control over many of the IT decisions that would fall within their remit today.

    “Cybersecurity leaders are burnt out, overworked and in ‘always-on’ mode,” said Sam Olyaei, research director at Gartner. “This is a direct reflection of how elastic the role has become over the past decade due to the growing misalignment of expectations from stakeholders within their organisations.”

    Yavor also says it is critical to consider how burnout affects security teams and the knock-on effects for the wider organization.

    According to Tessian research, security leaders work an average of 11 hours extra per week, with one in 10 leaders working up to 24 hours extra a week. Much of this time is spent investigating and remediating threats caused by employee mistakes, and even when they’ve logged off, some 60% of CISOs are struggling to switch off from work because of stress.

    “If CISOs are experiencing this level of burnout, imagine the impact this has on the wider organisation as well as the people they work with. You’re going to lose good people if teams are constantly burned out.”

    Glorifying overwork

    The culture around cybersecurity, which Yavor believes wrongly idolizes overtime and sacrificing personal wellbeing for the sake of the company, also needs to change. “As security leaders, some of our most exciting stories include pulling all-nighters to defend the organisation or investigate a threat. But we often fail to acknowledge that the need for heroics usually indicates a failure condition, and it is not sustainable,” he says.

    “As leaders, it’s critical that CISOs lead by example and to set their teams up for sustainable operational work. Ensure there is confidence in the boundaries that are set – when you’re off call, you’re off call – and that the whole team feels supported.”

    Rivera points out that the growing popularity of remote working might be increasing the tendency of staff to put in longer hours, which may “contribute to burnout, unaccounted absences and in some cases, higher than expected turnover.”

    SEE: Tech workers are frustrated and thinking about quitting. Here’s what might persuade them to stay

    Security and tech teams should work with other departments to bring organizational awareness to the issue of burnout and overwork, Rivera says, which can help managers identify single points of failure and instil a culture of resiliency within the company.

    This approach includes adopting a “left-shift mindset” within the development environment, where burnout and stress can lead to errors slipping through the gaps and making their way into published code. “Organizations will face the least risk when introducing security as early as possible in the development process and leveraging tools to automate and support this goal,” says Rivera.

    On the technical front, building a continuous improvement/continuous delivery (CI/CD) pipeline – and deploying tools such as an integrated development environment (IDE) – will give organizations the best chance of success. “An IDE will consist of a source code editor, debugger and build automation tools to provide the developer with self-service capabilities and identify errors in near real-time. IDE coupled with static analysis security testing and open-source scanning automated into the build pipeline will provide effective defect mitigation,” Rivera adds.

    Like any job function, communication is also critical. CISOs need to do a better job of communicating their capacity constraints, which Yavor says will set a precedent within the wider organization in admitting their own limitations.

    “Be comfortable in saying, ‘it’s not possible for me to do these things, with the resources and the constraints we currently have,’” he says. “There is this unfortunate trend of heroism in the security industry – and that mindset needs to change.”

  • in

    Report: Ukraine calls for volunteer hackers to protect critical infrastructure

    The government of Ukraine has reportedly sent out a call for volunteers with hacking skills to help protect the country’s critical infrastructure. 


    On February 24, Reuters reported that notices backed by the government have appeared on online forums. Yegor Aushev, the co-founder of Cyber Unit Technologies and a figure known in Ukrainian circles for promoting the development of ethical hacking, told the news agency that he wrote the post following a request from a senior Defense Ministry official. Another individual involved in the scheme confirmed to the publication that the request was issued on Thursday morning as Russia began to invade Ukraine.

    The post read, “Ukrainian cybercommunity! It’s time to get involved in the cyber defense of our country.” Aushev told Reuters that after applying to help through a Google document that also requires skills to be listed, volunteers would be divided into “defensive and offensive” teams.

    Defensive volunteers would focus on protecting critical assets, including energy and water utilities, whereas offensive groups would be asked to help Ukraine’s military with cyberespionage and monitoring invading forces.

    Ukraine experienced a cyberattack against its power grid in 2015, causing hundreds of thousands of Kyiv residents to lose access to electricity for roughly an hour. It is believed that Russian cyberattackers were behind the assault.

    Also: Industroyer: An in-depth look at the culprit behind Ukraine’s power grid blackout

    On February 23, Ukraine’s State Service of Special Communications and Information Protection said that a number of government websites experienced outages due to a wave of distributed denial-of-service (DDoS) attacks. Websites impacted reportedly included the Ukrainian Ministry of Foreign Affairs, Ministry of Defense, and Ministry of Internal Affairs. Wiper malware was also discovered.

    Microsoft previously warned that multiple organizations in Ukraine had been targeted with destructive malware.

    NetBlocks reported on February 24 that Ukraine’s second-largest city, Kharkiv, has experienced “network and telecoms disruptions, leaving many users cut off” from services. When approached by Reuters, the Ukraine Defense Ministry did not respond to requests for comment.

  • in

    Telstra reminds organisations that managing cyber risks is not having 'bank-level security'

    Telstra has warned organisations to not rely purely on technological capabilities when defending against cyber threats, pointing to a need for “the other parts of cybersecurity”, such as cyber risk management programs, to also be prioritised.

    “An information security management system that is driven by managing cyber risk provides the governance of cybersecurity that’s required to go along with all of the technology components that are regularly found to be in place,” said John Powell, Telstra Purple principal security consultant.

    In terms of how organisations should undertake the development of cyber risk management programs, Powell said the approach for each organisation would need to be sector-specific rather than focusing on creating “bank-level security”.

    “[There’s] this misconception that there is ‘bank-level security’. The key to cyber risk management and information security management is the understanding of your contextual risk,” Powell explained. “So we look at the organisation’s threat landscape, we look at the organisation’s assets, and that helps us to determine what the organisation’s risks are. From that point, we then work with the organisation to understand what controls they need to put in to deal with their risks so understanding the risk of the organisation itself is what is the right risk management or cybersecurity posture.”

    The warning came alongside Telstra Purple launching what it has described as a “bespoke offering” for helping customers comply with the federal government’s recent critical infrastructure reforms. The reforms have so far come in the form of two pieces of legislation, with the first one already being passed in December to give government “last resort” powers to direct a critical infrastructure entity on how to intervene against cyber attacks.

The second piece of legislation, currently before Parliament, looks to add requirements for critical infrastructure entities to have risk management programs in place and entities deemed “most important to the nation” to adhere to enhanced cybersecurity obligations. The risk management program under the second set of laws would have to identify hazards, including cyber risks, to critical infrastructure assets and the likelihood of them occurring. Telstra Purple’s new service entails providing advice about the development of a cyber risk management program, cyber detection and response, incident response readiness assessments, vulnerability assessments, and cyber exercises. Powell said the target demographic of this new service would be critical infrastructure entities covered by the reforms as well as the supply chain partners to these entities. “[Telstra Purple’s role] is to actually present to customers and talk about security issues, and help understand some of the security implications associated with either being a critical infrastructure operator or a responsible entity for critical infrastructure asset or being in that supply chain,” Powell explained. Powell’s warning comes shortly after Prime Minister Scott Morrison called for organisations to boost their cyber defence in light of the Australian government joining other Western governments in placing sanctions on Russia for its invasion into Ukraine. Morrison said the government had already privately reached out to some entities and that local organisations should read guidance issued by the Australian Cyber Security Centre (ACSC).  The prime minister added that cyber would be the most obvious vector for Russian retaliation, and that companies could be targeted as well as be cyber collateral damage. 
    “The cyber attacks can sometimes come from miscalculation and misadventure, we have seen that in the past, where cyber attacks have sought to let loose various worms … or viruses and they get out of control of those who put them in the system,” he said.

  • in

    Conti ransomware attack on Irish healthcare system may cost over $100 million

    An Irish news outlet is reporting that the country’s healthcare system will have to spend more than $48 million recovering from a widespread ransomware attack by the Conti group that took place last year.

    In a letter obtained by RTÉ, Health Service Executive interim chief information officer Fran Thompson said the costs associated with the ransomware attack include $14.2 million for ICT infrastructure, $6.1 million to pay for outside cybersecurity assistance, $17.1 million for vendor support and $9.4 million for Office 365.


    The letter was sent to Aontú party leader Peadar Tóibín, and Thompson noted that they are projecting the end cost to be more than $100 million. That $100 million does not include the costs associated with implementing the recommendations passed down in the detailed PWC report on the attack.

    Conti attacked Ireland’s Health Service Executive in May 2021, causing weeks of disruption at the country’s hospitals. The country refused to pay the $20 million ransom.

    According to RTÉ and the BBC, dozens of outpatient services were canceled, a vaccine portal for Covid-19 was shut down, and the country spent weeks trying to bring its healthcare IT system back online. The Journal reported that 85,000 computers were turned off once the attack was noticed and that cybersecurity teams went through all 2,000 different IT systems one by one.

    Irish Foreign Minister Simon Coveney called it a “very serious attack” while Irish Minister of State Ossian Smyth said it was “possibly the most significant cybercrime attack on the Irish State.”

    Emergency services still operated, but many radiology appointments were canceled, according to a government statement. There were delays in COVID-19 test result reporting as well as delays with issuing birth, death, or marriage certificates. Pediatric services, maternity services, and outpatient appointments in certain hospitals were all affected by the attack, according to The Journal.

    Dublin’s Rotunda Hospital, The National Maternity Hospital, St Columcille’s Hospital, Children’s Health Ireland (CHI) at Crumlin Hospital, The UL Hospitals Group all reported varying levels of IT outages. Health Minister Stephen Donnelly added that the HSE payment system was downed by the attack. The 146,000 people working in the healthcare industry faced issues with full payment.

    Ransomware experts said that while the numbers seem large, ransomware recovery is an incredibly complex process. Emsisoft threat analyst Brett Callow said recovery costs can be extraordinarily high, as evidenced by the situation facing Scripps Health.

    “After a ransomware attack in May 2021, Scripps Health estimated its losses for Q3 of that year to be $112.7 million. It should be noted that some of the costs associated with incidents are effectively catch-up spending as organizations address whatever weaknesses enabled the attack to succeed,” Callow said. “In other words, they pay off their security debt. Additionally, the costs do not necessarily include the remediation of the incident. Lost trust, lost opportunities, and class actions can all have an ongoing impact.”

    Recorded Future ransomware expert Allan Liska noted that major municipalities in the US have similarly had to spend millions recovering from ransomware attacks. Baltimore, Atlanta, and other cities have had to spend millions on ransomware recovery.

    While the numbers seen in Ireland are high, Liska said it accurately reflects how devastating and thorough the attack was on HSE. It also showed that HSE is serious about not only recovering, but improving their security going forward.

    “That 100 million number likely reflects not just the recovery but implementing new security protocols adding new capabilities and erasing what is likely years of technical debt that had been accumulating. Most organizations don’t do that during a recovery, they do some of it. You almost have to, but they can’t afford to implement everything they need to fully protect their organizations,” Liska said. “I think people are amazed at how much recovering from a ransomware attack can really cost. When Baltimore was hit with a ransomware attack recovery costs were estimated at $18 million. Atlanta spent $17 million to recover. Ransomware recovery is expensive, we (the public) just don’t see the true costs most of the time.”

  • in

    Ping Identity reports nearly $300 million revenue for 2021

    Ping Identity delivered better-than-expected fourth quarter earnings results on Thursday, reporting a Q4 revenue of $75.4 million and total revenue for the full year of $299.4 million. The company, which “delivers intelligent identity solutions for the enterprise,” reported a non-GAAP net loss per share of $0.13 for the quarter and a non-GAAP net earning per share of $0.10 for the full year. 


    Wall Street was expecting a non-GAAP loss of $0.10 a share and a revenue of $71.4 million for the quarter. “We and our customers are building a new security perimeter focused on identity and Zero Trust, one that aims to do away with the data-center perimeter that permeated the past,” said Andre Durand, Ping Identity’s CEO. “In 2022, we are centered on four strategic growth pillars: further driving our cloud transformation, extending our leadership in the customer use case, deepening our channel relationships, and ensuring our solutions drive accelerating demand among our enterprise customers in existing and new markets.” For the fourth quarter, the company reported an ARR of $312.7 million, a 21% increase compared to last year. Subscription revenue was $70.4 million, or 93% of total revenue. SaaS revenue grew 56% to $16.9 million in the fourth quarter, driven by the adoption of Ping Identity’s PingOne solutions. For the full year, SaaS revenue was $57.6 million. The company ended 2021 with 1,468 customers, 71 of which had more than $1.0 million in ARR. Ping Identity is modeling first quarter revenue between $78 million and $82 million, with a total ARR between $320 million and $324 million. For the full year, Ping Identity predicted a total ARR between $378 million and $385 million as well as a revenue between $330 million and $340 million. “We delivered yet another strong quarter including a significant milestone as we surpassed 25% of our ARR coming from SaaS,” said Raj Dani, Ping Identity’s Chief Financial Officer. “With year-over-year ARR growth of 21%, we’ve now seen four quarters of sequential accelerating ARR growth and expect this trend to continue on the glidepath towards our long-term goal of $1 billion in ARR.”


  • in

    White House denies report about cyberattack plans against Russian infrastructure

    The White House has denied reports that it is considering a range of cyberattacks on Russian infrastructure in response to the invasion of Ukraine. 


    The denials came after NBC News reported US President Joe Biden was offered options that included the use of American cyberweapons “on a scale never before contemplated.” Reporters for NBC News claimed they were told by two US intelligence officials, one Western intelligence official, and another person briefed on the matter that Biden was given options such as shutting off electric power in Russia, disrupting the country’s internet connectivity, and damaging railroad switches. One official claimed the US could “do everything from slow the trains down to have them fall off the tracks.” Within an hour of the story being published, multiple White House officials came out against it, denying its accuracy. White House spokesperson Emily Horne called the story “wildly off base.” “This report on cyber options being presented to [the President] is off base and does not reflect what is actually being discussed in any shape or form,” said White House Press Secretary Jen Psaki.

    This report on cyber options being presented to @POTUS is off base and does not reflect what is actually being discussed in any shape or form. — Jen Psaki (@PressSec) February 24, 2022

    The NBC report noted that some US officials believe if the cyberattacks simply disrupt systems and refrain from destroying them, they will fall short of being considered “acts of war.” According to the sources that spoke to NBC, the US government would not publicly take credit for the attacks and would most likely conduct them covertly. The denials came before Biden spoke to the press and discussed how the US may respond if cyberattacks expand beyond Ukraine and affect US organizations. “If Russia pursues cyberattacks against our companies, our critical infrastructure, we’re prepared to respond. For months, we’ve been working closely with the private sector to harden our cyber defenses [and] sharpen our response to Russian cyberattacks,” Biden told reporters on Thursday. Ukraine faced a barrage of DDoS incidents and a new form of disk-wiping malware before Russian-backed forces invaded the country on Wednesday. Ukraine has continued to face intermittent DDoS incidents, according to Doug Madory, director of internet analysis at Kentik. He noted that the Ukraine State Cyber Protection Center, Secretariat of the Cabinet of Ministers of Ukraine, and another platform that hosts some Ukrainian government sites are facing the most DDoS attacks.

    [Figure: Internet access in Ukraine on Thursday. Source: Netblocks]
    “The internet of Ukraine is under severe stress presently. Following the initiation of hostilities last night, we began seeing sporadic outages across the country. At the same time, the DDoS attacks directed against Ukrainian institutions that began last week are continuing,” Madory said. Netblocks has also confirmed a number of outages throughout Ukraine since the invasion began, including ones in major cities like Kharkiv and Mariupol. Madory added that he is also seeing DDoS attacks against Russian government websites. Some online, including Netblocks, confirmed that some Russian government sites were inaccessible but opinions were split on whether access was being intentionally stopped by Russian officials or if DDoS incidents were causing the issues. 

    Russia released its own alert about potential cyberattacks, warning that “in the current tense geopolitical situation, we expect an increase in the intensity of computer attacks on Russian information resources, including critical information infrastructure facilities.” Many experts urged restraint on both sides, warning that cyberattacks on infrastructure have been a red line that few countries have crossed. Coalfire Field CISO John Hellickson said launching a cyberattack would set a dangerous precedent going forward. “Would this cyberattack be considered a direct act of war?” Hellickson asked. “Given the challenges in executing strong cybersecurity across critical infrastructure here at home, a retaliation by Russia and/or their sympathetic allies could have devastating impacts on these services that Americans rely upon. I believe we need to avoid crossing the line of such considerations as it’s difficult to predict the impacts of a likely retaliation.”