The hacker group known as Shadow Brokers publicly released a set of tools on the social network platform Medium in April. Called EternalBlue and EternalRomance, the tools allow hackers backdoor access for remote control of infected computers.
While the market hasn’t reacted to the news of the release, Sean Dillon of cybersecurity firm RiskSense Inc. told Bloomberg that these tools are “10-times worse” than recent viruses like the Heartbleed bug that infected computers at Yahoo and Amazon.
We’re talking about government-quality hacking tools — and they’ve just been spammed out to every hacker with an internet connection.
Dillon says the tools are, “the kind of thing [security analysts] see used very rarely on very special, covert cybermissions.” He’s already found computers infected in dozens of clients from startups, government agencies and Fortune 100 companies.
That means it’s only a matter of time before reports of large-scale and sophisticated cyberattacks start flooding the news. When it happens, expect a pop in the shares of cybersecurity companies.
Cybercrime Headline Risks Move To Red Alert
Corporate America prepared for years against the potential for hacker threats related to the Y2K bug. Headlines screamed warnings in 2014 for dangers related to the Heartbleed vulnerability.
But it seems the years between have created complacency in cybersecurity. And this apathy shows in the media: Few news outlets are reporting on the threat from the Shadow Brokers’ release.
The tools, believed to be stolen NSA hacking tools, work on weaknesses in Microsoft’s Windows operating system. While Microsoft has said that some of the security holes have been patched, those patches have to be updated by users or the computers remain vulnerable.
Swiss security firm BinaryEdge reports finding nearly 429,000 infected computers on its April 27 search, four-times as many found just a week before. Another security firm, Recorded Future, has been tracking message traffic about the hacking tools on Russian and Chinese hacking forums, including a released tutorial on how to use the tools.
The lack of media coverage or warnings about the released tools and their sophistication sets could mean that many companies will remain vulnerable. And with so many vulnerable companies and well-equipped hackers, the stage is set a massive series of cyberattacks.
3 Best-Of-Breed Cybercrime Fighters To Surge On Headlines
Research firm Cybersecurity Ventures expects more than $1 trillion will be spent on cybersecurity over the five years to 2021, with up to 15% annual growth in spending. Conservative measures put annual losses to cybercrime at $375 billion.
With the Internet of Things (IoT) coming to everything from home thermostats to the cars we drive, cybercrime is only going to get more pervasive. JP Morgan Chase & Co. recently doubled its annual cybersecurity budget to $500 million and the U.S. government has increased its annual budget by more than a third to $19 billion to fight cybercrime in 2017.
The growth in corporate and government spending over the last few years has ballooned sales for cybersecurity companies. Balance sheets are busting with cash and could set off a wave of M&A activity that will further drive investor sentiment for the space.
Fortinet (Nasdaq: FTNT ) is a leader in the small- and mid-size business market for cybersecurity, which positions it perfectly to fight these new threats. Larger companies are more likely to have IT departments that regularly install patches to fix known vulnerabilities. That’s not true at smaller companies and leaves them exposed to hackers well after operating system patches have been released.
Fortinet is a low-cost provider, making it popular among small business owners, and helps support sales at all stages in the business cycle. Products account for 47% of revenue while more reliable services revenue accounts for the other 53%. Revenue has grown at a 27% annual rate over the last three years and the company has nearly $1.1 billion in balance sheet cash, 16% of its market cap, with which to make opportunistic acquisitions.
Imperva (Nasdaq: IMPV ) has made its mark in the web application firewall market, protecting companies from internet-borne cyberattacks. The rapid growth in web applications, especially in the IoT space, could continue to drive double-digit sales growth for decades. The company has been adding on services through acquisitions to offer a range of cyber protection services.
Imperva is also a leader in the compliance and database protection market, a market that has grown for both private and public companies over the last decade. Revenue has grown at a 24% annual rate over the last three years. The company has $261 million of balance sheet cash against just $39 million in long-term debt for a net-cash position equal to 14% of its market cap. That kind of balance sheet health gives it a lot of financial flexibility and may even make it a takeover target.
Palo Alto Networks (NYSE: PANW ) has built a reputation as an innovator in cybersecurity since its creation of next-generation firewall technology in 2009. That helps it command premium pricing compared to peers and still retain corporate clients. This competitive advantage has helped the company gain 15% of the enterprise firewall market share in an extremely fragmented market.
Palo Alto has grown sales by an impressive 51% annualized rate over the last three years. It’s used this sales surge to reinvest in R&D to keep its technological advantage, but still has managed to build a cash balance of $1.3 billion, over 12% of its market cap.
Risks To Consider: Headlines of a new hack may not immediately translate into sales for cybersecurity companies and long-term gains will depend more on management’s ability to drive revenue growth.
Action To Take: It’s impossible to tell which cybersecurity company will benefit most from headlines of a new hack, so you should invest proactively in a group of the strongest names in the industry.