The FBI Highlights a Trading Opportunity
Recently, the FBI issued a report recommending that everyone reboot their routers. They found that, “foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide.”
The FBI’s recommendation comes on the heels of a newly discovered malware threat called VPNFilter, which has infected over half a million routers and network devices, according to researchers from Cisco’s Talos Intelligence Group.
Motley Fool’s Top 2019 Stock For The Marijuana BoomSponsored Content
We recommended this stock before the marijuana boom and while it’s grown 490% since, we have a very strong conviction this is just the beginning…
VPNFilter is “able to render small office and home office routers inoperable,” the FBI stated. “The malware can potentially also collect information passing through the router.”
The Justice Department believes that Russian hackers, working under the name Sofacy Group, was using the malware to control infected devices.
What Should Investors Do?
It can be difficult to determine if any individual router has been compromised by VPNFilter. The FBI notes only that “the malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer.”
Those manufacturers include Linksys, Mikrotik, Netgear, QNAP and TP-Link. However, Cisco’s report states that only a small number of models, just over a dozen in total, from those manufacturers are known to have been affected by the malware, and they’re mostly older ones.
Experts note that this means there’s a fairly small chance any individual is operating an infected router. Of course, you can never be too careful, so rebooting, or turning the power to a router off and back on, is a harmless procedure.
In fact, rebooting is often among the first troubleshooting steps when you’re having network or connectivity issues.
However, according this Krebs on Security post, which cites the aforementioned Cisco report, rebooting alone won’t do the trick: “Part of the code used by VPNFilter can still persist until the affected device is reset to its factory-default settings.”
So, one report asks, “is it possible the FBI misinterpreted the “reset” recommendation as “reboot”?”
This Highlights the Risks and the Opportunities
If it’s possible the FBI struggles with cybersecurity, that shows how difficult the field is. That indicates there are many stocks to consider in the field.
Some of the top brands in the group include Palo Alto Networks (Nasdaq: PANW), Fortinet (Nasdaq: FTNT) and Verisign (Nasdaq: VRSN). Proofpoint (Nasdaq: PFPT), Nice (Nasdaq: NICE), FireEye (Nasdaq: FEYE) and CyberArk Software (Nasdaq: CYBR) are also top names.
These stocks are also among the recent market leaders. Shares of Palo Alto Networks are up about 45% since the beginning of the year. Fortinet is up 39% in the same period. Proofpoint has a 35% gain, while CyberArk has surged 45%.
A Surge In Cybersecurity IPOs
The success of these stocks has led to a surge in initial public offerings (IPOs) of other companies in the field. This could be a warning of a potential top and is a factor that investors should consider as they select investment opportunities.
IPOs offer an opportunity for insiders to cash out and a rush to do so could indicate a weakening of fundamentals. That seems unlikely in this case given the increasing number of risks in the sector.
FBI’s Internet Crime Complaint Center says it received 301,580 complaints in 20117, addressing a wide array of hacks and scams. The reported losses exceed $1.4 billion. There have been more than four million complaints since the FBI center was created in 2000, it said.
Carbon Black (Nasdaq: CBLK), for example, raised $152 million with its IPO. The company provides a cybersecurity cloud solution that “continuously captures, records and analyzes rich, unfiltered endpoint data.”
Shares jumped 26% on its first day of trading, May 4. The company has more than 3,700 customers and proclaims a market opportunity of $19 billion. However, shares have been volatile.
SailPoint (NYSE: SAIL) raised $240 million with is November IPO. SailPoint says it’s developed a new category of identity management solutions, offering a platform that provides organizations with a better view into who currently has access to which resources and how that access is being used.
It’s stock has also been volatile. But, it has rewarded investors with significant gains.
Cybersecurity as an Investment
With the number of attacks growing, this could be an ideal investment opportunity.
The number of attacks is likely to increase. This is especially true as the collection of Internet of Things (IoT) devices, mobile devices, laptops, PCs, servers and other cloud-connected units on the network’s perimeter are “endpoints.”
As more endpoints become linked to the Internet of Things, it greatly expands the number of hacker targets. The VPN Filter virus, for examples, targets routers, which are particularly weak, difficult-to-defend links in the networking chain.
The IoT has created highly complicated problems for businesses and organizations to solve.
Previously, organizations established a security perimeter to safeguard the corporate network. This approach assumed that all data and applications resided inside the corporate network. Organizations corralled the data, which had to pass through secure gateways.
But the proliferation of endpoints and cloud computing expanded the attack surface. That’s created a massive shift in the way businesses and organizations protect against cyberattacks, by focusing on the endpoints, which have become the primary targets of cyberattacks.
This can create confusion for investors. A simplified solution could be for investors to buy the First Trust NASDAQ Cybersecurity ETF (NYSE: CIBR). This ETF seeks to track an equity index called the Nasdaq CTA Cybersecurity Index.
The fund will normally invest at least 90% of its net assets (including investment borrowings) in common stocks or in depositary receipts that comprise the index. The index will include securities of companies classified as “cyber security” companies by the CTA.
The fund is not diversified and the top 10 holdings account for about 46% of the funds assets which top $500 million. Not surprisingly, the fund has tracked the stocks in the sector and rallied strongly.
However, its lack of diversification indicates that it could sell off steeply in the event of a market decline. But, if the bull market continues, this ETF, or the individual stocks in the sector are likely to deliver gains.