Cybersecurity wars and the companies combating incursions

Everyone grasps, on some level, that cyber-security – or more correctly, the cyber-crime at which cyber-security is aimed – is a big problem. But when you really look into it, the scale of the cyber-crime problem is truly staggering.

According to leading industry research firm Cybersecurity Ventures, cyber-crime is predicted to inflict US$6 trillion ($8.1 trillion) in damage globally in 2021, up from US$3 trillion in 2015: if it were measured as a country, that would make cybercrime the world’s third-largest economy, after the US and China.

Cybersecurity Ventures’ 2020 Official Annual Cybercrime Report says cybercrime is the greatest threat to every company in the world, and one of the biggest problems with mankind: it is bigger than the illegal drug trade. The report quotes Jack Blount, former chief information officer at the United States Department of Agriculture (USDA), and now chief executive officer at enterprise security software company INTRUSION, as saying: “Every American organization — in the public and private sector — has been or will be hacked, is infected with malware, and is a target of hostile nation-state cyber intruders.”

In fact, Blount prefers the term “cyber-warfare” to “cyber-crime.”

Last year, Chinese tech giant Huawei admitted that it endures about one million cyber-attacks on its computers and networks every day.

Cyber-security consultant Tony Barnes, director of Cyber Research Group, told this writer last year, “When you switch servers on, they’re like magnets in the way they attract attacks.” Barnes said that showing organisations the scale of the constant attacks on them is a penny-dropping moment: “When people visualise it, it scares the pants off them,” he said.

The level of threat is reinforced seemingly every week with news of high-profile hackings and data breaches. Last month, Prestige Software, a company that services hotel reservation platforms for Hotels.com, Booking.com, Expedia and more, reportedly left exposed the data of millions of those sites’ customers, including names, credit card details, ID numbers and reservation details. Also in November, US networking equipment vendor Belden admitted to being hacked, and even global cyber security firm Sophos owned up to suffering a data security breach.

Breaking news

This week, cybersecurity firm FireEye was the victim of a state-sponsored cyber-attack.

The $3.5 billion FireEye identifies the culprits of some of the world’s major cyber hacks and counts Sony and Equifax as its clients.

According to FireEye, one of ASX listed WhiteHawk's vendors (see below), the hack was carried out by “a nation with top-tier offensive capabilities.”

Though not named, fingers have been pointed at Russian intelligence agencies.

Hackers accessed FireEye's internal network and stole its red team tools, which could be useful in mounting new attacks around the world.

FireEye CEO, Kevin Mandia said of the attack, "Based on my 25 years in cyber security and responding to incidents, I've concluded we are witnessing an attack by a nation with top-tier offensive capabilities... The attackers tailored their world-class capabilities specifically to target and attack FireEye.They used a novel combination of techniques not witnessed by us or our partners in the past."

The breach is now being investigated by the FBI and Microsoft.

“The hack raises the possibility that Russian intelligence agencies saw an advantage in mounting the attack while American attention — including FireEye’s — was focused on securing the presidential election system,” Mandis said.

This is potentially the biggest known theft of cybersecurity tools since 2016 when ShadowBrokers group targeted the NSA and dumped their hacking tools online.

This list of major hacks – just in 2020 – from IT newsletter/website ZDNet makes sobering reading.

However, the silver lining to the cyber-crime pandemic is that there are very smart people working on cyber-security solutions – and in many cases, these companies are investable stocks. As befits the scale of the problem, cyber-security is emerging as one of the biggest secular investment theme of the 2020s.

The Australian Securities Exchange (ASX) hosts a small but intriguing group of cyber-security companies, including:

WhiteHawk (WHK)

Headquartered in Virginia, USA, WhiteHawk developed and operates the first online cybersecurity exchange, enabling businesses of all sizes to manage cybersecurity threats. This year, WhiteHawk has won a range of contracts (and contract extensions) across four main sectors — the US government sector (a US agency and a department), the manufacturing sector, the financial sector and the Defence Industrial Base (DIB), the term for the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet US military requirements.

WhiteHawk has built its cyber-risk-focused business model to give it commercial and technical agility, being able to partner with the best open data and AI-enabled platforms, allowing the company to continually evolve to align with customer needs and appetites. It has positioned itself well in the US cyber-risk market, across companies and organisations of all sizes, and is now seeking to increase its business internationally.

Read: Delivering Cybersecurity Solutions

Tesserent (TNT)

Cyber-security and network services company Tesserent provides “Internet security-as-a-service” for a customer’s computer infrastructure, including firewall, authentication, anti-virus, anti-malware/spyware, intrusion detection, and security event management, typically provided on a subscription basis. Its customers – both Australian and international – come from the government, corporate and education fields. The company’s products and services include network perimeter security, secure internet connectivity, data storage services, and internal network security services. The company has made a series of high-value strategic acquisitions recently, and in November, Tesserent announced that it will step into the “real” world, with a new joint venture with New Zealand firm Optic Security Group that will incorporate both cyber and physical security solutions.

Senetas (SEN)

Senetas provides data encryption hardware, engineered for high-speed networks, to major corporations and governments. Senetas’ encryptors now protect network transmitted data in more than 35 countries, and are used by customers ranging from government organisations with highly sensitive information, for example, the US defence forces, to commercial and industrial organisations, banks and global financial transactions systems providers, cloud and data centre service providers and small businesses. Senetas’ services segment offers its customers absolute control over file sharing and data sovereignty through its platform ‘SureDrop’. In 2020, Senetas acquired Israeli cyber-security firm Votiro, a leading provider of Content Disarm and Reconstruction (CDR) technologies, which markets its Disarmer and Secure File Gateway solutions globally for a wide range of applications, including file-transfer, email, removable devices and collaboration platforms.

archTIS (AR9)

Canberra-based archTIS has developed a cloud-based software-as-a-service (SaaS) security and collaboration platform called Kojensi, which arose out of a solution built for the Australian Department of Defence, and further developed in trials involving a number of Australian Federal Government agencies, including the Commonwealth Attorney General’s Department (AGD) and the federal Aged Care Royal Commission. The system has subsequently been deployed in the AGD, the Commonwealth Ombudsman and the Australian Criminal Intelligence Agency, and the first non-government clients, in aerospace giant Northrop Grumman and Western Australia’s Curtin University. archTIS is marketing the Kojensi platform to industries that service the government, and which also need to share sensitive and classified information.

Kojensi is hosted within a protected cloud environment accredited by the Australian Signals Directorate (ASD). The platform is being marketed as a secure content and collaboration cloud service, which offers a combination of enterprise content management capabilities, collaboration tools and workflows. Instead of using passwords, the Kojensi platform creates an electronic “fingerprint” on the data or documents, determining who can access the material, where, and when.

Also, Australian company VeroGuard is targeting a dual listing on the ASX and Singapore’s SGX over the next 12 months, as it seeks to commercialise its VeroCard product, which centres around the creation of a unique digital identity for individual users, based on the interbank communication protocols, applied to the internet. The VeroCard technology – which will be manufactured in Adelaide – removes traditional password and online identity problems, and guarantees a user’s identity online: company founder Daniel Elbaum says it is “impossible to hack,” as there is no known source of encryption. In October, VeroCard received the highest security certification available from the US-based Payment Card Industry Security Standards Council.

For investors who want a broadly diversified exposure to the cyber-security theme and the expected boom in cyber-security spending, the ASX also hosts the BetaShares Global Cybersecurity ETF (exchange-traded fund), under the code HACK. The HACK portfolio is 89.5% invested in US companies, with Israel (3.3%) and the UK (3.1%) the next-largest allocations. Systems software dominates the industry breakdown, at 51.9% of the portfolio, followed by IT Consulting (15.4%), internet services and infrastructure (12%) and communications equipment (11.9%).

HACK is designed to track (before fees and expenses) the Nasdaq Consumer Technology Association Cyber-Security Index, which comprises 43 companies. This is a diversified collection of companies, but most are small and mid-cap companies that are not well-known in Australia. At present the five largest holdings are: Crowdstrike Holdings (6.7% of the portfolio), Okta (6.3%), ZScaler (6%), Accenture (6%) and Cisco Systems (5.9%).

Since inception in August 2016, the HACK ETF has earned its Australian investors 19.2% a year, lagging its index, on 19.8% a year. In the three years to November 30, HACK generated 21.4% a year, versus 22% for the index.

HACK costs 0.67% a year in management fees. It is not currency hedged, so returns can be affected by foreign exchange fluctuations.