UnitedHealth's "unfavorable cyberattack effects"

Today: the bill comes due for the massive ransomware attack on UnitedHealth's financial subsidiary, the Linux Foundation wants to build an open GenAI app development platform, and the latest funding rounds in enterprise tech.

UnitedHealth's "unfavorable cyberattack effects"
Photo by National Cancer Institute / Unsplash

Welcome to Runtime! Today: the bill comes due for the massive ransomware attack on UnitedHealth's financial subsidiary, the Linux Foundation wants to build an open GenAI app development platform, and the latest funding rounds in enterprise tech.

(Was this email forwarded to you? Sign up here to get Runtime each week.)


FSAs not accepted

Cybersecurity is viewed by too many enterprises as a cost center until the day they get a rude awakening. UnitedHealth is having a 2024 to forget after a ransomware attack disrupted the operations of its widely used billing unit for weeks, and while the financial consequences of that breach were painful, the long-term ramifications for big business could be profound.

The enormous health care conglomerate was hit with $872 million in "unfavorable cyberattack effects" during the first quarter, using a nauseating phrase Tuesday to describe the chaos that engulfed the healthcare system as well as hundreds of doctors' offices and clinics after Change Healthcare was breached. That number includes the costs of responding to the attacks as well as lost revenue, and the company expects the final damage total could be as high as $1 billion.

UnitedHealth CEO Andrew Witty tried to frame the company's response as a good thing for the healthcare industry during a conference call with financial analysts Tuesday.

  • The Department of Justice tried to block UnitedHealth's acquisition of Change Healthcare in 2022 over concerns that UnitedHealth would control both a huge health insurance provider and a payments provider that worked with its competitors, but was unsuccessful.
  • Witty said Tuesday that "without UnitedHealth Group owning Change Healthcare, this attack would likely still have happened, and it would’ve left Change Healthcare I think extremely challenged to come back," later declaring it "important for the country that we own Change Healthcare," according to Bloomberg.
  • There is, of course, no way to know if any of that is true, especially after UnitedHealth appeared to disregard almost all expert advice on dealing with ransomware attacks by paying the ransom.

In the future, big mergers like UnitedHealth/Change Healthcare could face additional scrutiny over concerns they present too large an attack surface for attackers to resist, as well as a blast radius that ensnares too many people just trying to go about their lives, according to a Congressional hearing Tuesday.

  • "The cyberattack laid bare the vulnerability of our nation’s health care infrastructure," said Rep. Anna Eshoo, a Democrat from California, as reported by CyberScoop.
  • One of her Republican counterparts, Buddy Carter of Georgia, took it a step further: The Federal Trade Commission "failed the American people by allowing this vertical integration to happen. It needs to be busted up."
  • And Greg Garcia, executive director for cybersecurity with the Healthcare Sector Coordinating Council, suggested that "all future such mergers and acquisitions need to be considered … on whether that consolidation would result in higher cyber risk."

Recent law-enforcement successes aside, ransomware remains a pernicious problem that lots of enterprise security teams will likely have to deal with at some point.

  • The Change Healthcare saga shows that data-protection technology and a disaster-recovery strategy should be as much a priority as fancy authentication and detection tools.
  • And regular cybersecurity audits could become just as important to enterprises that want to grow through acquisitions as investment bankers.

We’re excited to announce a new section coming soon from Runtime: Runtime Roundtable, a group of enterprise tech leaders and thinkers who will share their perspectives on this ever-changing slice of the technology world on a regular basis. We're looking for tech executives, founders, investors, and buyers who are willing to help their peers make decisions about how to acquire and deploy enterprise technology, which gets more and more complicated every quarter.

We'll share a question with our group of experts on a regular basis and publish a select number of responses on Runtime, and we'll reveal the answers to our first question in May. Please sign up here to be considered for inclusion and learn more about participating, and thanks for supporting Runtime.


When I say open, you say stack

Companies that want to build generative AI applications today are most likely to do so using tools developed by their cloud provider or a host of AI startups, but once they pick a vendor it will not be easy to move that investment to a different provider. On Tuesday the Linux Foundation proposed the creation of a new cross-vendor development platform for popular GenAI techniques such as RAG that could allow companies to pick and choose vendors for different parts of the process.

Called the Open Platform for Enterprise AI, the project's mission is to "facilitate and enable the development of flexible, scalable GenAI systems that harness the best open source innovation from across the ecosystem," the Linux Foundation said in a press release. The idea is to get foundation model companies, databases, storage providers, and chip companies like Intel to integrate support for a common, interoperable standard into their products.

But without support from the cloud providers as well as closed-model companies like OpenAI and Anthropic, it's a little hard to see how far this initiative will go. And several companies involved in OPEA are already getting traction for their products, and may not be willing to support a new standard if it is too difficult to incorporate into those products.


Enterprise funding

Cohesity raised $150 million in Series F funding from IBM and Nvidia, which values the security company at $7 billion.

Loft Labs landed $21 million in Series A funding to virtualize Kubernetes clusters, which can reduce operating costs and simplify deployment of applications that run across Kubernetes.

Simbian scored $10 million in seed funding to develop an AI tool for security teams that learns from the steps staff members take to secure their networks.

Knostic launched with $3.3 million in seed funding to bring enterprise-style access controls to internal LLMs.


The Runtime roundup

Microsoft will invest $1.5 billion in G42, a fast-growing AI services company based in the UAE, as part of a deal brokered by the federal government to get G42 to stop using Chinese tech providers.

Cisco disclosed that an attacker made off with multifactor authentication logs stored by its Duo subsidiary after a social-engineering hack.

Anthropic's most powerful foundation model, Claude 3 Opus, is now available on AWS.

Palo Alto Networks released fixes for a severe vulnerability in its firewall software that was being actively exploited without a patch over the weekend.

Los Alamos National Labs unveiled Venado, the first supercomputer built with Nvidia's Grace CPU chips.


Thanks for reading — see you Thursday!

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Runtime.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.