The veritable tsunami of news engulfing the world since the onset of the COVID 19 Pandemic relegated an important development to minor coverage – global hackers are on the attack in growing numbers.
A 12 May article appearing in the US website cpapracticeadvisor led with the following headline:
- Computer Hacking Up 330% During Coronavirus Pandemic.
In little more than a month — from March 10, 2020 until April 15, 2020 — hackers attacked remote desktop protocols (RDP) 32,299,662 times, according to AtlasVPN, a free VPN (virtual private network) that enables IP address changes and encrypted connections.
The attacks are global in scope, with the increase coinciding almost to the day with the onset of lockdowns and the resultant massive shift to remote workplaces. From the AtlasVPN website.
No facet of contemporary living has been spared – companies were forced to shift from the relative safety of secured inhouse networks to sharing sensitive data with home networks and personal devices severely lacking in cybersecurity measures.
Consumers fell prey to multiple scam sites offering miracle cures and inferior personal protection equipment to the unsuspecting. Healthcare “alerts” from hackers claiming to represent reputable health organisations like the CDC (Center for Disease Control) in the US have gained unparalleled access to private information. Contract tracing apps opened the door to further intrusions into private information.
In mid-July the digital edition of the Sydney Morning Herald reported intelligence agencies here in Australia, the United States, the United Kingdom, and Canada had found evidence of Russian hacking of western corporations and medical research organisations working on COVID 19 vaccines, largely through the use of malware and malicious emails to unsuspecting employees.
Security experts were alarmed to learn one of the largest social media outlets on the planet – US based Twitter – admitted its own employees had been hacked to gain access to accounts of high level users, including former President Barack Obama and Elon Musk.
A cybersecurity expert writing in foreignpolicy.com on 7 October warned the wave of cybercrime may pose a greater long term threat to global economies than the pandemic itself, with swamped governments ignoring the threat and businesses willingly paying ransoms to avoid embarrassment.
Here in Australia, a 16 September article appearing on the afr.com website focused on attacks on the manufacturing sector, stating:
- Manufacturers have experienced a near three-fold increase in cyberattacks in the wake of the coronavirus pandemic, as cyber criminals seek to leverage their importance to extract large ransom payments.
The following chart challenges the view that the majority of cyberattacks are state-sponsored.
There are four companies on the ASX whose primary focus is cybersecurity. The following table lists market cap for the four along with year over year share price information.
Tesserent Limited (TNT) and Whitehawk Limited (WHK) have both maintained positive upward share price movement over the last month — still up triple digits — while Senetas Limited (SEN) and Vortiv Limited (VOR) have reversed course with double digit increases over the last six months. From the Reuters financial website:
All four of these stocks got a lift when on 29 June when the Australian government announced plans to invest nearly one billion dollars on increased cybersecurity measures.
Tesserent Limited (TNT) is the clear favorite of investors over the last year. The company is the largest cybersecurity provider on the ASX, offering a full line of security products collectively referred to as Cyber 360. Tesserent’s service begin at the perimeter of the network, extending to the internal network, internet connectivity, and cloud and data centre based storage.
On 24 September, the company announced the acquisition of iQ3, a provider of secure cloud services, complementing Tesserent’s Cyber 360 strategy of “end to end” security.
Since listing on the ASX in 2015 the company has made key strategic acquisitions — 7 in the last fifteen months — with each providing a piece of the overall Cyber 360. strategy. Tesserent management intends to continue its acquisition of complementary companies in the future.
The business model is Internet Security as a Service with customers both here in Australia and internationally. The Tesserent client base includes government agencies, educational and financial institutions, manufacturing, transport and logistics companies, and insurance and legal organisations. The company gests 60% of its revenues from government agencies. Tesserent also offers security audits and consultations.
The company is targeting expansion opportunities in New Zealand, the UK, the US, and Canada. Full Year Financial Results showed a 291% increase in revenues, with costs of acquisitions and expansion efforts driving profit down 80%.
Senetas Limited (SEN) has been around since the 1990’s and today offers a suite of encrypted security solutions to enterprise and government clients in more than 40 countries around the world.
Although the hacking threat is increasing, cybersecurity attacks are not a new phenomenon, and despite its impressive crypto-agile encryption platform, the Senetas share price has disappointed investors, with the 11.7% average annual rate of total shareholder return over ten years slipping to -17.1% over five years and -13.3% over three years.
Senetas serves customers in business, government, defence industries, and cloud and data service providers. Its high-performance encrypted solutions offer security protection for both infrastructure and hardware networks, through its CN Series of products, and for software, or virtual networks through the CV Series.
The Senetas SureDrop offering protects content through data and file encryption. Another offering, Votiro Disarmer, uses patented Content Disarm & Reconstruction technology to ward off cyber attacks and other malicious intrusions. The Senetas CM7 Network Encryption Manager (CyberManager™) enables intuitive management of all Senetas CN Series network encryptors in use.
Senetas distributes its products globally through the French-based Thales Group. On 15 September, Senetas announced its largest order ever; a $2 million dollar purchase of CN 9000 Series, the company’s ultra-high speed line of encryptors.
One week earlier Senetas announced Verizon Australia had entered into a supplier agreement with Senetas to distribute “certified high assurance” encryptors to Verizon’s enterprise and government customers.
WhiteHawk Limited (WHK) listed on the ASX on 31 January in 2018 with a unique business model offering cybersecurity help for small to medium size businesses.
In 2016 the company launched as a cybersecurity advisory service, lager migrating to its current business model — a “self-service” marketplace where businesses lacking the resources to contract with major providers can come to assess their own security needs and shop for available solutions. WhiteHawk now serves enterprise level customers as well.
The WhiteHawk marketplace consists of four major components.
WhiteHawk Advisory provides potential customers access to a cybersecurity expert analyst who assists customers starting in the marketplace, beginning with the CyberPath Solution Engine Questionnaire. This is a phone consultation with an actual human being!
The CyberPath Solution Engine begins the process of identifying security issues facing the potential client and matches the customers’ needs to three product solution sets – basic, balance, and advanced. Access is free of charge.
The Vendor Exchange is the actual online e-commerce marketplace of products and services. WhiteHawk states the listings are readily understandable, free of confusing technical jargon.
WhiteHawk Insights is an updated reference source for industry trends, data on monetary and data loss impact of cybersecurity attacks, and a host of informative sources for protection ideas. In its US operations WhiteHawk uses the Insights portal to communicate with inquiring companies, creating a vehicle for potential clients.
The company’s first major announcement came in March of 2018 when Tesserent agreed to include its small business protection offerings on the WhiteHawk Exchange.
There followed a steady stream of updates announcing marketplace additions and contracts with financial and government organisations, among others. WhiteHawk has multiple contracts with US Government agencies, with a 28 July announcement the US federal government CISO (Chief Information Security Officer) will implement one of WhiteHawk’s solutions — Cyber Risk Radar as a Software as a Service (SaaS.) The share price went up close to 50% immediately following the news.
WhiteHawk is now in a trading halt, pending resolution of the company’s application to the Supreme Court of Western Australia for “seeking orders in relation to the company’s inadvertent failure to lodge a cleansing notice” as required by the Corporations Act of 2001.
Vortiv Limited (VOR) began its corporate life as Transaction Solutions International, a provider of financial services for billings, payments, and automated teller machines (ATMs). While Vortiv has maintained an 24.89% equity interest in Transaction Solutions International India, the company now operates as a provider of cybersecurity protection, primarily for the government and financial sectors here in Australia. Vortiv derives around 72% of its revenue from those two sectors.
The company entered the cybersecurity space with its first acquisition – Sydney based Decipher Works (DWX) Pty Ltd. DWX began its cybersecurity work in 2007, providing consulting and support and managed services to financial institutions and large corporations.
In January of 2019 Vortiv added Cloudten Industries (Cloudten) Pty, with more acquisitions to come, according to Vortiv management. Cloudten provides security protection for data and cloud services as well as professional and managed services, focusing on large organisations within the financial, telecommunication, transportation, and utilities sectors.
Vortiv has grown revenues in each of the last three fiscal years and posted its first profit of $2.3 million in FY 2020. The company now counts among its clients some of Australia and New Zealand’s largest blue chip organisations.
Some market commentators who wonder why these and other cybersecurity providers have been slow in growing point to the fact many large corporations claim they can handle cybersecurity attacks in-house. The track record of hacking of some of the world’s biggest companies suggests otherwise.