Security-software stocks soared Friday, as investors bet that the fallout from one of the most devastating hacks in U.S. history will lead to increased security spending by companies and government agencies.
The breach was executed through a vulnerability in ubiquitous network-monitoring software from SolarWinds Inc.
which hackers believed to be connected to a notorious Russian group used to potentially infiltrate thousands of companies and government agencies. Security-software company FireEye Inc.
discovered the breach when one of its own tools suffered because of it, and disclosed its hack last week and informed SolarWinds of the issue on Saturday, according to filings with the Securities and Exchange Commission.
FireEye stock initially plunged after disclosing its hack, but soared 33.7% in Friday trading — the stocks’ second-best single-day gain of all time — after analysts consistently noted that the hack will lead to a desperate need for forensic investigations and increase attention on prevention. While it is relatively simple for engineers to discover if the hackers used the vulnerability on a specific network, it takes a lot of work to investigate what they may have done after gaining entry, and companies like FireEye and CrowdStrike
are expected to be busy.
“FireEye stock took the hit when they were first to disclose, but other companies and agencies running layers of cybersecurity and with a lot of security analysts did not find the attack until FireEye found it. We think that will benefit the FireEye incident-response business,” JPMorgan analysts wrote Friday, while adding that SolarWinds said it is deploying Crowdstrike’s Falcon Endpoint Protection Platform in response to the hack, which “likely will benefit CrowdStrike marketing efforts.”
CrowdStrike shares gained 10% to a record closing high of $203.75 Friday.
“To put it bluntly, based on all the initial data and speaking with our Beltway contacts last night/today, we believe this cyber attack will likely rank as one of the worst (very possibly the worst ever) in the last decade given the targeted and cyber-espionage nature of this attack,” Wedbush Securities analyst Dan Ives wrote in a Friday note.
A high-profile attack of that breadth is expected to factor in when companies determine their budgets for 2021.
“The breach comes at a crucial time when IT budgets are being settled
for the upcoming year for many companies,” Truist analysts wrote Friday. “We see the already-high awareness around security, driven by the remote work shift, as being accentuated by recent headlines and the realization that, even with the threat of state-level actors, the onus of securing the digital corporate environment falls on individual corporations themselves rather than the government.”
Truist raised its price targets on three security companies in response: CrowdStrike, which went to $200 from $180; firewall specialist Palo Alto Networks Inc.
which was raised to $365 from $305; and Varonis Systems Inc., which increased to $160 from $145. Palo Alto Networks shares gained 7.3% Friday, while Varonis stock jumped 8.9%.
UBS analysts also said that CrowdStrike and Palo Alto Networks were likely short-term beneficiaries, but added CyberArk Software Ltd.
and ZScaler Inc.
to their list of targets. CyberArk shares gained 16.3% in Friday trading, while ZScaler shares gained 4.3%.
Overall, the ETFMG Prime Cyber Security ETF
increased 4% Friday, led by double-digit percentage gains for FireEye, Qualys Inc.
CyberArk, Zix Corp.
and Allot Ltd.
The basket of security stocks has gained 37.1% so far this year, as the S&P 500 index
has increased 15.2%.