Breaking down France’s new $76M Africa startup fund

Weeks after French President Emmanuel Macron unveiled a $76M African startup fund at VivaTech 2018, TechCrunch paid a visit to the French Development Agency (AFD) — who will administer the new fund — to get more details on how le noveau fonds will work.

The $76M (or €65M) will divvy up into three parts, according to AFD Digital Task Team Leader Christine Ha.

“There are €10M [$11.7M] for technical assistance to support the African ecosystem… €5M will be available as interest free loans to high potential, pre seed startups…and…€50M [$58M] will be for equity-based investments in series A to C startups,” explained Ha during a meeting in Paris.

The technical assistance will distribute in the form of grants to accelerators, hubs, incubators, and coding programs. The pre-seed startup loans will issue in amounts up to $100K “as early, early funding to allow entrepreneurs to prototype, launch, and experiment,” said Ha.

The $58M in VC startup funding will be administered through Proparco, a development finance institution—or DFI—partially owned by the AFD. The money will come “from Proparco’s balance sheet”…and a portion “will be invested in VC funds active on the continent,” said Ha.

Proparco already invests in Africa focused funds such as TLcom Capital and Partech Ventures. “Proparco will take equity stakes, and will be a limited partner when investing in VC funds,” said Ha.

Startups from all African countries can apply for a piece of the $58M by contacting any of Proparco’s Africa offices (including in Casablanca, Abidjan, Douala, Lagos, Nairobi, Johannesburg).

And what will AFD (and Proparco) look for in African startup candidates? “We are targeting young and innovative companies able to solve problems in terms of job creation, access to financial services, energy, health, education and affordable goods and services…[and] able to scale up their venture on the continent,” said Ha.

The $11.7M technical assistance and $5.8M loan portions of France’s new fund will be available starting 2019. On implementation, AFD is still “reviewing several options…such as relying on local actors through [France’s] Digital Africa platform,” said Ha.

Digital Africa­—a broader French government initiative to support the African tech ecosystem—will launch a new online platform in November 2018 with resources for startup entrepreneurs.

So that’s the skinny on France’s new Africa fund. It adds to a load of VC announced for the continent in less than 15 months, including $70 for Partech Ventures, TPG Growth’s $2BN Rise Fund, and $40M at TLcom Capital

Though $75M (and these other amounts) may pale compared to Silicon Valley VC values, it’s a lot for a startup scene that — at rough estimate—attracted only $400M four years ago.  African tech entrepreneurs, you now have a lot more global funding options, including from France.

Flaw in global energy facility software shows critical infrastructure risks

Critical infrastructure worries in the U.S. and abroad are far from over. This week, security firm Tenable published research demonstrating a vulnerability affecting two software programs used by global energy management company Schneider Electric. The company’s systems are in place in facilities across North America, Western Europe and Asia.

Before publishing its research, Tenable notified Schneider Electric, allowing the company to patch its software vulnerabilities in early April while issuing guidance for affected plants to update their systems.

“There’s no doubt the discovery of this severe vulnerability comes at a time when critical infrastructure security is top-of-mind for organizations and government agencies everywhere,” Tenable Chief Product Officer Dave Cole said in a statement. Cole noted that this vulnerability exists at the relatively new intersection of IT and operational technology.

Tenable describes the flaw, present in InduSoft Web Studio and InTouch Machine Edition, as a remote code execution vulnerability possible when an overflow condition is triggered in the software.

As Tenable explains, that loophole could allow malicious code to be executed, granting hackers high-level access in any facility running the affected software:

A threat actor could send a crafted packet to exploit the buffer overflow vulnerability using a tag, alarm, event, read or write action to execute code.

The vulnerability can be remotely exploited without authentication and targets the IWS Runtime Data Server service, by default on TCP port 1234. The software implements a custom protocol that uses various ‘commands.’ This vulnerability is triggered through command 50, and is caused by the incorrect usage of a string conversion function.

The vulnerability, when exploited, could allow an unauthenticated malicious entity to remotely execute code with high privileges.

Critical infrastructure attacks are on the rise, and the results can be devastating. And while compromising a nuclear facility or power grid can result in exceptional consequences, the attacks generally follow the same rulebook that hackers use to compromise other, less high-consequence systems.

“It’s important to keep in mind that attackers are generally after one thing — access. Once they obtain it, their primary goal is typically to make sure long-term access can be maintained,” Ben Johnson, CTO and co-founder of Obsidian Security told TechCrunch.

“… If they compromise devices associated with critical infrastructure, they will find themselves with all kinds of leverage. So any flaw that makes obtaining access easier is a serious concern.”

Judge Orders DraftKings And FanDuel To Cease Operations In New York (UPDATED)

NYC_-_New_York_County_Supreme_Courthouse Update: Well that didn’t last long. After the decision, DraftKings filed notice of appeal and an expediated motion to stay the decision, which was approved by a New York judge. The site won’t have to cease operations in New York today, and Daily Fantasy Sports survives another day in New York. Here’s the full statement from DraftKings:
“We are disappointed with the… Read More

Zuckerberg Says Muslims Will Always Be Welcome On Facebook

Facebook Muslims Mark Zuckerberg urged the world not to “succumb to cynicism” despite bigots like Donald Trump calling for Muslims to be banned from entering the United States. Today, Facebook’s CEO posted on his site that “I want to add my voice in support of Muslims in our community and around the world…As the leader of Facebook I want you to know that you are always welcome here… Read More

Google To EFF On Student Privacy: “Our Tools Comply With Both The Law And Our Promises”

ChromebookinClassroom Yesterday, the EFF announced the launch of a campaign called ‘Spying on Students’ to raise awareness about privacy risks for technology used at schools. The campaign came with a complaint that it filed with the FCC against Google, claiming that the company collects and data mines school children’s personal info, including what they search for. EFF staff attorney Nate Cardozo… Read More

U.K. Spy Agency Does Not Require Individual Warrants To Hack

800px-GCHQ-aerial More details about U.K. intelligence agency GCHQ’s use of hacking — aka: ‘computer network interference’ in euphemistic official parlance — and the oversight regime governing its hacking activities have emerged via an ongoing legal challenge filed by civil liberties group Privacy International and several ISPs, which is continuing to put witness statements into… Read More