Apollo, a San Francisco-based startup that provides a number of developer and operator tools and services around the GraphQL query language, today announced that it has raised a $22 million growth funding round co-led by Andreessen Horowitz and Matrix Partners. Existing investors Trinity Ventures and Webb Investment Network also participated in this round.
Today, Apollo is probably the biggest player in the GraphQL ecosystem. At its core, the company’s services allow businesses to use the Facebook-incubated GraphQL technology to shield their developers from the patchwork of legacy APIs and databases as they look to modernize their technology stacks. The team argues that while REST APIs that talked directly to other services and databases still made sense a few years ago, they don’t anymore now that the number of API endpoints keeps increasing rapidly.
Apollo replaces this with what it calls the Data Graph. “There is basically a missing piece where we think about how people build apps today, which is the piece that connects the billions of devices out there,” Apollo co-founder and CEO Geoff Schmidt told me. “You probably don’t just have one app anymore, you probably have three, for the web, iOS and Android. Or maybe six. And if you’re a two-sided marketplace you’ve got one for buyers, one for sellers and another for your ops team.”
Managing the interfaces between all of these apps quickly becomes complicated and means you have to write a lot of custom code for every new feature. The promise of the Data Graph is that developers can use GraphQL to query the data in the graph and move on, all without having to write the boilerplate code that typically slows them down. At the same time, the ops teams can use the Graph to enforce access policies and implement other security features.
“If you think about it, there’s a lot of analogies to what happened with relational databases in the ’80s,” Schmidt said. “There is a need for a new layer in the stack. Previously, your query planner was a human being, not a piece of software, and a relational database is a piece of software that would just give you a database. And you needed a way to query that database, and that syntax was called SQL.”
Geoff Schmidt, Apollo CEO, and Matt DeBergalis, CTO
GraphQL itself, of course, is open source. Apollo is now building a lot of the proprietary tools around this idea of the Data Graph that make it useful for businesses. There’s a cloud-hosted graph manager, for example, that lets you track your schema, a dashboard to track performance, and integrations with continuous integration services. “It’s basically a set of services that keep track of the metadata about your graph and help you manage the configuration of your graph and all the workflows and processes around it,” Schmidt said.
The company also recently launched Apollo Federation, which makes it easier for businesses to work with a distributed graph. Sometimes, after all, your data lives in lots of different places. Federation allows for a distributed architecture that combines all of the different data sources into a single schema that developers can then query.
Schmidt tells me the company started to get some serious traction last year and by December, it was getting calls from VCs that heard from their portfolio companies that they were using Apollo.
The company plans to use the new funding to build out its technology and to scale its field team to support the enterprises that bet on its technology, including the open-source technologies that power both the services.
“I see the Data Graph as a core new layer of the stack, just like we as an industry invested in the relational database for decades, making it better and better,” Schmidt said. “We’re still finding new uses for SQL and that relational database model. I think the Data Graph is going to be the same way.”
President Joe Biden has warned that cyberattacks could escalate into a full-blown war as tensions with Russia and China mounted over a series of hacking incidents targeting US government agencies, companies, and infrastructure.
Biden said on Tuesday that cyber threats including ransomware attacks “increasingly are able to cause damage and disruption in the real world.”
“If we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach,” the president said in a speech at the Office of the Director of National Intelligence, which oversees 18 US intelligence agencies.
A number of recent hacks revealed the extent of US cyber vulnerability, ranging from extensive espionage breaches that have struck at the heart of government to ransomware attacks that have brought operations at an important oil pipeline and meat packing plants to a halt.
The Biden administration has accused the governments of Russia and China, or hackers based inside the two countries, of some of the attacks. US officials have warned that the administration would respond with a “mix of tools seen and unseen,” but cyber breaches have continued.
Although he did not say who such a war might be fought against, Biden immediately name-checked Russia’s president Vladimir Putin, alleging that Russia was spreading misinformation ahead of the 2022 US midterm elections.
“It’s a pure violation of our sovereignty,” he said.
“Mr. Putin… has a real problem. He is sitting on top of an economy that has nuclear weapons and oil wells and nothing else. Nothing else,” Biden said. “He knows he’s in real trouble, which makes him even more dangerous.”
At a June summit in Geneva, Biden personally warned Putin that the US would “respond with cyber” if the Russian state or Russian-based hackers targeted critical US infrastructure.
The prohibited sectors spanned energy, health care, IT, and commercial facilities, all of which have already allegedly been targeted by Russian hackers since the 2020 US elections. Others included transport, financial services, and chemicals.
Biden also said Chinese President Xi Jinping was “deadly earnest” about China becoming the most powerful military force in the world by the 2040s, as well as the largest and most prominent economy.
“It’s real… This boy’s got a plan,” Biden said, adding: “We better figure out how we’re going to keep pace without exacerbating [the situation].”
Biden stressed that cyberattacks were just one aspect of the growing threats facing the US, saying that there would be more developments in the next 10 years than in the past 50, placing a tremendous burden on the intelligence community.
July has so far ushered in at least two new ransomware groups. Or maybe they’re old ones undergoing a rebranding. Researchers are in the process of running down several different theories.
Both groups say they are aiming for big-game targets, meaning corporations or other large businesses with the pockets to pay ransoms in the millions of dollars. The additions come as recent ransomware intrusions of oil pipeline operator Colonial Pipeline, meat packer JBS SA, and managed network provider Kaseya have caused major disruptions and created pressure in Washington to curb the threats.
Haron: like Avaddon. Or maybe not
The first group is calling itself Haron. A sample of the Haron malware was first submitted to VirusTotal on July 19. Three days later, South Korean security firm S2W Lab discussed the group in a post.
Most of the group’s site on the dark web is password protected by extremely weak credentials. Once past the login page, there’s a list of alleged targets, a chat transcript that’s not fit to be shown in full, and the group’s explanation of its mission.
As S2W Lab pointed out, the layout, organization, and appearance of the site are almost identical to those for Avaddon, the ransomware group that went dark in June after sending a master decryption key to BleepingComputer that victims could use to recover their data.
The similarity on its own isn’t especially meaningful. It could mean that the creator of the Haron site had a hand in administering the Avaddon site. Or it could be the Haron site creator doing a headfake.
A connection between Haron and Avaddon would be more convincing if there were overlaps or similarities in the code used by the two groups. So far there are no such links reported.
The engine driving Haron ransomware, according to S2W Lab, is Thanos, a separate piece of ransomware that has been around since at least 2019. Haron was developed using a recently published Thanos builder for the C# programming language. Avaddon, by contrast, was written in C++.
Jim Walter, a senior threat researcher at security firm SentinelOne, said in a text message that he spotted what appear to be similarities with Avaddon in a couple of samples he recently started analyzing. He said he’d know more soon.
In the shadows of REvil and DarkSide
The second ransomware newcomer is calling itself BlackMatter. It was reported on Tuesday by security firm Recorded Future and its news arm The Record.
Recorded Future, The Record, and security firm Flashpoint, which also covered the emergence of BlackMatter, have questioned if the group has connections to either DarkSide or REvil. Those two ransomware groups suddenly went dark after attacks—against global meat producer JBS and managed network services provider Kaseya in REvil’s case and Colonial Pipeline in the case of DarkSide—generated more attention than the groups wanted. The Justice Department later claimed to have recovered $2.3 million from Colonial’s ransomware payment of $4.4 million.
But once again, the similarities at this point are all cosmetic and include the wording of a pledge, first made by DarkSide, not to target hospitals or critical infrastructure. Given the heat US President Joe Biden is trying to put on his Russian counterpart to crack down on ransomware groups operating in Eastern Europe, it wouldn’t be surprising to see all groups follow DarkSide’s lead.
None of this is to say that the speculation is wrong, only that at the moment there’s little more than hunches for support.
A UK government agency is worried that OneWeb, SpaceX’s Starlink, and similar low Earth orbit (LEO) satellite-broadband systems could block each others’ signals.
Ofcom, the UK’s communications regulator, proposed new rules today in a report that details its interference concerns. Ofcom also said it intends to amend satellite licenses already issued to SpaceX and OneWeb to require coordination of frequency use. Without new requirements, the risk of interference could prevent competition by shutting new players out of the market, Ofcom said.
Non-geostationary satellite orbit (NGSO) systems are more complex than the traditional geostationary type because they use hundreds or thousands of satellites, Ofcom noted. “Satellite dishes need to track these satellites as they move across the sky, unlike existing satellite networks, where the dishes are fixed pointing at a single satellite which is stationary in the sky,” the Ofcom report said. Because so many low-Earth-orbit satellites are being launched, “there is a risk of satellites from two different operators appearing to be in the same part of the sky,” causing interference known as “in-line events” in which multiple operators’ satellites are lined up in the sky, Ofcom wrote.
This interference can affect uplink and downlink transmissions between satellites and user terminals that serve individual homes, the report said. The interference can also affect links between satellites and the Gateway Earth stations that connect to the Internet backbone.
“Since NGSO satellites are moving relative to each other and relative to the ground, in-line events may individually only be brief, maybe a few seconds,” Ofcom wrote. “However, if an in-line event occurs and causes interference, it may take longer for the terminal to reconnect to the network. The interference could continue to repeat over time, reoccurring in a regular pattern which will depend on the orbits of the respective systems.”
Outages from interference
Users could lose service when there’s interference to either the user terminal or gateway earth stations, but interference to a gateway station would affect many more users. “[T]he impact of interference on gateway links would be much greater than on individual user links as each gateway provides connectivity for many users (perhaps hundreds or thousands of users depending on the design of the system), so a loss of connection due to interference at the gateway will be experienced more widely across the network,” Ofcom wrote.
Gateway Earth stations operated by different companies “are likely to require large minimum separation distances” of tens of kilometers to avoid interference, Ofcom wrote. In contrast, “multiple GSO [geostationary satellite orbit] gateways can be located on a single site” without causing harmful interference to each other.
The Ofcom report listed five NGSO constellations that are planned or already semi-operational. The biggest example is SpaceX, which is offering beta service from 1,500 already-launched satellites and has over 4,400 satellites planned for its initial phase. Amazon’s Kuiper division hasn’t launched a satellite yet, but it has 3,236 satellites planned in its initial phase, the report noted.
OneWeb—which is co-owned by the UK government and Bharti Global—has launched over 200 satellites and has plans for 648 satellites in its initial phase. Telesat and Kepler round out the list, with plans for 298 and 140 satellites, respectively.
Here’s the Ofcom chart listing low-Earth-orbit satellite networks:
The US Federal Communications Commission in 2017 adopted rules, including power limits, to minimize the danger of interference in NGSO systems. The FCC adopted different rules for different slices of spectrum. In the 17.8 to 18.3 GHz band, for example, the FCC said, “while terrestrial use of this band is significant, there are areas, particularly rural areas, where terrestrial deployment is less dense and by using mitigating techniques like siting considerations, off-axis rejection, and shielding, we expect FSS [fixed-satellite service] earth stations will be able to operate successfully without receiving harmful interference… If interference does occur, earth stations can switch to other bands not shared with terrestrial users or use alternative mitigation techniques.”
The FCC also imposed specific conditions to prevent interference and space debris on licenses awarded to SpaceX, OneWeb, Amazon, and others.
Ofcom is worried that the global system for coordinating satellites, overseen by the International Telecommunication Union [ITU], isn’t good enough to prevent NGSO problems. “The potential for harmful interference between different satellite systems is usually managed by operators cooperating with each other under the ITU satellite coordination procedures,” Ofcom wrote.
The agency added:
However, coordination between NGSO systems is proving to be more challenging due to the dynamic nature of these systems, combined with operators having differing rates of deployment (some operators holding older filings will not deploy their systems for a few years) and changing their architecture over time. We are therefore concerned that NGSO satellite services could be deployed before an appropriate level of coordination has been possible with other operators.
Ofcom is also worried about the coexistence of user terminals when two or more companies provide LEO satellite service in the same area:
A lack of agreement over how user terminals of different systems can coexist in the same area and band could restrict competition as a result of earlier deployed systems hindering later ones. Once one operator starts deploying user terminals, other operators wishing to launch services using the same band may expect to experience harmful interference from the existing user terminals. In the worst case, this could mean that the quality of their broadband services would not be sufficiently reliable in order to enter the market. Nonetheless, the established player could have an incentive to cooperate given that the interference is likely to be mutual, i.e. their services could be degraded as well.
New rules, license changes
Ofcom said its goal in issuing new rules is to minimize interference while encouraging competition. The agency proposed, among other things, “an additional explicit license condition requiring NGSO licensees to cooperate so they can co-exist and operate within the UK without causing harmful radio interference to each other.” Ofcom said it also intends to “[i]ntroduce checks when we issue new NGSO licenses so that these are only granted if all systems (existing and new) are able to coexist and provide services to end users” and implement new conditions letting Ofcom “take action to resolve degradation to services if this were to occur at a particular location or location(s) in the UK.”
To preserve competition, Ofcom said it will “introduce a competition check” into its licensing process to account for the “technical constraints that the gateway or user terminals could create on future licensees.” Ofcom said:
In particular, in a market that was concentrated, if there was limited prospect of the licensee system and future systems (applicants) being able to technically coexist, then this could form a barrier to future entry to the market. As a result, we are proposing that a key piece of information that applicants should provide when applying for a network license is credible evidence about the technical ability for their system and future systems to coexist. This would include evidence about the flexibility of their system and/or what reasonable steps new licensees could easily undertake to protect them. This information would also be used when assessing whether it is reasonable for new applications and existing services to coexist, to understand the reasonableness of mitigations being undertaken by existing licensees.
Ofcom said it plans to review all NGSO licenses to determine which companies are using the same frequencies. The agency said it will also amend the existing licenses held by SpaceX Starlink, OneWeb, and Kepler. The changes would require “NGSO licensees to cooperate with the other NGSO licensees operating in the same frequencies so they can coexist,” and allow Ofcom “to require operators to take action in cases of interference between NGSO systems which impacts the provision of services to users in particular location(s) in the UK.”
Ofcom said it will take comments on its proposals until September 20, 2021.
We contacted SpaceX about Ofcom’s report and will update this article if the company provides a response.