Organizations have been grappling with the issue of cybersecurity for a long time. Cyberattacks are responsible for massive losses. In fact, per Absolute Markets Insights data, cyberattacks can cost companies almost $5.2 trillion every year.
In fact, foreign exchange company Travelex revealed that it is the most recent victim of the Sodinokibi ransomware, for which, it might have to pay a ransom of $6 million.
BBC said that the attackers hacked into the company’s computer systems around mid-2019 and downloaded 5GB of sensitive customer data like date of birth, credit card information and national insurance numbers.
Cyberattacks are not only affecting companies but also threatening the national security of some countries. The U.S.-Iran proxy war may now turn into a direct one in the digital arena. U.S. cybersecurity firms working with the Trump administration are reporting multiple evidences of spear-phishing emails from Iranian hackers.
In the past few weeks, representatives from CrowdStrike CRWD and FireEye FEYE, who track hacking activities for the U.S. government, reported that hackers are working for the Iranian government. Iranian government-aided hackers are sending waves of spear-phishing emails, targeting U.S. government agencies and major sectors like oil and gas.
Notably, Iran’s cyber-attack threats have increased in the past month after the Trump administration imposed sanctions on the Iranian petrochemical sector.
Cybercriminals Banking on Ransomware
Notably, ransomware is the most profitable malware. It infects a computer to encrypt files or systems. Typically, the victim has to cough up a ransom amount for data retrieval.
Notably, per Coveware, ransomware is estimated to have caused global damage worth $11.5 billion to organizations in 2019.
In late 2018, a research carried out by Check Point CHKP revealed that the GandCrab ransomware had spread across Japan, Germany, Canada and Australia, among others, in just two months, including an advanced version of the ransomware.
We are also aware of how organizations were affected in 2017 by the two back-to-back ransomware attacks — WannaCry in May and Petya in June. Cybersecurity stocks rallied throughout the year, driven by these attacks.
The Advent of RaaS
The unpopularity and profitability of ransomware have led malicious software developers to come up with an unusual type of software-as-a-service — Ransomware-as-a-service (RaaS).
This is essentially a platform used by cybercriminals to attack IT systems. A malicious vendor offers hackers a platform to store computer files, information or systems seized from victims. A group of individuals maintain the codes and another group, called affiliates, spread the ransomware.
Notably, Sodinokibi is also a RaaS. Per Hard Fork, Sodinokibi has more than 40 active affiliates and its creators get between $700 and $1,500 from every payment, usually in bitcoins.
Why Ransomware Protection is Important
An antivirus alone cannot provide protection from a zero-day ransomware attack. Due to the growing incidences of ransomware attacks, vendors now are offering defense approaches and decryption tools to help ransomware victims.
Firms primarily need to focus on protecting their business from insider threats, phishing scams and exposed databases.
This provides ample growth opportunities for cybersecurity firms. Here, we have shortlisted two companies with strong malware protection capabilities that are worth adding to your portfolio in the current scenario.
Fortinet FTNT provides broad, integrated and automated cybersecurity solutions, globally. The company offers security and networking functions that include firewall, intrusion prevention, anti-malware, a virtual private network and much more. For instance, Fortinet’s Security Fabric elements like FortiMail, FortiGate, FortiClient, FortiSandbox and FortiAnalyzer have capabilities to detect, prevent and mitigate damages caused by the WannaCry ransomware.
Fortinet carries a Zacks Rank #1 (Strong Buy). You can see the complete list of today’s Zacks #1 Rank stocks here.
Moreover, Trend Micro TMICY develops security solutions that protect against a wide range of insidious threats and combined attacks, including viruses, spam, phishing, spyware, botnets, and other Web attacks, like data-stealing malware. For instance, its tools like RansomwareFileDecryptor and TeslacryptDecryptor can decrypt ransomware like Crypt variants, TeslaCrypt, AutoLocky, BadBlock and more. This stock carries a Zacks Rank #2 (Buy).
Apart from the aforementioned stocks, CyberArk CYBR is a cybersecurity stock with a Zacks Rank #3 (Hold) worth considering.
CyberArk offers services, which protect organizational privileged accounts from cyberattacks. Recently, the company tested the prevention tactics on the Sodin ransomware and found that the CyberArk Endpoint Privilege Manager is effective in limiting privilege on endpoints and application greylisting control and preventing Sodin from encrypting files even with the highest privileges.
The demand for cybersecurity solutions is expected to remain healthy owing to the increasing frequency and the technologically advanced nature of cyberattacks.
Looking for Stocks with Skyrocketing Upside?
Zacks has just released a Special Report on the booming investment opportunities of legal marijuana.
Ignited by new referendums and legislation, this industry is expected to blast from an already robust $6.7 billion to $20.2 billion in 2021. Early investors stand to make a killing, but you have to be ready to act and know just where to look.
See the pot trades we’re targeting>>
Click to get this free report
Fortinet, Inc. (FTNT): Free Stock Analysis Report
FireEye, Inc. (FEYE): Free Stock Analysis Report
CyberArk Software Ltd. (CYBR): Free Stock Analysis Report
Trend Micro Inc. (TMICY): Free Stock Analysis Report
Check Point Software Technologies Ltd. (CHKP): Free Stock Analysis Report
CrowdStrike Holdings Inc. (CRWD): Free Stock Analysis Report
To read this article on Zacks.com click here.
Zacks Investment Research
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.