Security-software stocks soared Friday, as investors bet that the fallout from one of the most devastating hacks in U.S. history will lead to increased security spending by companies and government agencies.
The breach was executed through a vulnerability in ubiquitous network-monitoring software from SolarWinds Inc. SWI,
FireEye stock initially plunged after disclosing its hack, but soared 33.7% in Friday trading — the stocks’ second-best single-day gain of all time — after analysts consistently noted that the hack will lead to a desperate need for forensic investigations and increase attention on prevention. While it is relatively simple for engineers to discover if the hackers used the vulnerability on a specific network, it takes a lot of work to investigate what they may have done after gaining entry, and companies like FireEye and CrowdStrike CRWD,
“FireEye stock took the hit when they were first to disclose, but other companies and agencies running layers of cybersecurity and with a lot of security analysts did not find the attack until FireEye found it. We think that will benefit the FireEye incident-response business,” JPMorgan analysts wrote Friday, while adding that SolarWinds said it is deploying Crowdstrike’s Falcon Endpoint Protection Platform in response to the hack, which “likely will benefit CrowdStrike marketing efforts.”
CrowdStrike shares gained 10% to a record closing high of $ 203.75 Friday.
It is believed that about 18,000 businesses and agencies were vulnerable to the attack, with even tech stalwart Microsoft Corp. MSFT,
“To put it bluntly, based on all the initial data and speaking with our Beltway contacts last night/today, we believe this cyber attack will likely rank as one of the worst (very possibly the worst ever) in the last decade given the targeted and cyber-espionage nature of this attack,” Wedbush Securities analyst Dan Ives wrote in a Friday note.
A high-profile attack of that breadth is expected to factor in when companies determine their budgets for 2021.
“The breach comes at a crucial time when IT budgets are being settled
for the upcoming year for many companies,” Truist analysts wrote Friday. “We see the already-high awareness around security, driven by the remote work shift, as being accentuated by recent headlines and the realization that, even with the threat of state-level actors, the onus of securing the digital corporate environment falls on individual corporations themselves rather than the government.”
Truist raised its price targets on three security companies in response: CrowdStrike, which went to $ 200 from $ 180; firewall specialist Palo Alto Networks Inc. PANW,
UBS analysts also said that CrowdStrike and Palo Alto Networks were likely short-term beneficiaries, but added CyberArk Software Ltd. CYBR,
Overall, the ETFMG Prime Cyber Security ETF HACK,