How to Profit From the Fast Evolving Cyber War
May 25, 2011 - 09:19 AM GMT
Chris Wood, Casey Extraordinary Technology writes:
A new war is being waged – a war that is not fought with guns, missiles, or human soldiers, but with code in cyberspace, using computers and the Internet. It’s a war on all fronts – by governments against governments, governments against corporations, organized crime and insiders against both, and even individuals against other individuals (which is more often dubbed cybercrime, but that’s not a necessary distinction for our purposes).
The point is that this war is pervasive, and we are all vulnerable to attack.
About three years ago, Heartland Payment Systems discovered that hackers had penetrated their systems for a period “longer than weeks” in late 2008, and were eavesdropping on the majority of transactions the company processed. In all, more than 100 million credit cards were compromised, resulting in the largest known case of credit card fraud in history. So far (through December 31, 2010), the company has had to pay out about $115 million in settlements of claims with banks and VISA, along with more than $30 million in legal fees.
More recently we’ve had the China/Google fiasco, a situation that culminated in Google all but accusing the Chinese government of at least abetting a coordinated and sophisticated attack aimed at cracking the email accounts of known political dissidents within the country. Google was forced to admit that the attackers were successful to an extent, in that they managed to steal the source code for the company’s password system that protects all accounts. But apparently no accounts were compromised in the attack, according to Google.
The weapons being used to fight this war are becoming more sophisticated and harder to protect against, while at the same time often becoming easier for foes with little technical experience to wield.
In 2005, a Russian hacker group known as UpLevel developed Zeus, a point-and-click program for creating and controlling a network of compromised computer systems, also known as a botnet. By 2010, the most recent version of the basic Zeus software could be downloaded for free and required almost no technical skill to operate. It’s now become one of the most popular botnet platforms for spammers and criminals who deal in stolen personal information.
UpLevel consisted of just four or five developers who started working on Zeus in 2005. The next year they released the first version of the program, a basic Trojan designed to hide on an infected system and steal information. Soon thereafter, the team came out with a more modular version, which allowed other hackers to add functionality by creating plug-ins. Now the Zeus platform allows users to easily build custom malware to infect target systems and manage a vast network of zombie machines, i.e., the botnet. In fact, a whole cottage industry has cropped up around creating add-ons for Zeus, satisfying the needs of the most novice cybercriminal up to the most sophisticated organized-crime users.
(Note: “Botnet” is short for robotic network and is the general term used to denote a collection of compromised computers that are running under a common command-and-control (C&C) infrastructure. Thus one person can have a large number of “zombie” computers at his fingertips. How many? Well, the Mariposa botnet, busted by Spanish authorities in March 2010, was found to have nearly 13 million computers under control.)
And just as Trojans, like Zeus, are evolving, so, too, are the botnets themselves.
Conventional botnets are controlled by a few central computers. Take down those machines and you’ll disable the whole network. But a recent article by Kurt Kleiner in Technology Review (published by MIT) warns that this weakness does not exist in botnets that use peer-to-peer communications protocols, which pass messages from machine to machine rather than sending them from a central command.
Using these peer-to-peer communications protocols, Stephan Eidenbenz and his team at Los Alamos National Laboratory designed and simulated a botnet that would be much harder to kill than the traditional centrally controlled variety.
According to the aforementioned article by Kleiner:
Their hypothetical botnet would randomly configure itself into a hierarchy, with peers accepting commands only from computers higher up in the hierarchy. Any computer taken over by an outsider would thus be less likely to be able to disrupt the network. The botnet would reconfigure its hierarchy every day, so outsiders would have scant time to track down the highest-level computers that could do the most damage.
The technique, together with strong encryption, would make such botnets hard to analyze and attack.
Experts expect that these stronger peer-to-peer botnets are only a matter of time. “Once someone writes ways to strengthen a botnet’s security into easy-to-implement code, this type of botnet will quickly spread,” says Cliff Zou, network security researcher at the University of Central Florida.
Now, the point of all this is not to scare you into throwing your computer out of the window – it’s to highlight the fact that as the weapons in this cyber-war evolve, so, too, must defenses against them. And that’s big business.
As Intel CEO Paul Otellini recently said, “We have concluded that security has now become the third pillar of computing, joining energy-efficient performance and Internet connectivity in importance.”
I have to agree with Mr. Otellini. And investors are already capitalizing on the huge growth that will come in this area over the next few years. Though estimates of its size vary broadly because of differing definitions, even the most conservative valuations peg pure security hardware and software expenditures at well above $15 billion annually. And steady, double-digit growth is projected for years to come.
As just one example of the gains that can be had by investing in this space, Casey Extraordinary Technology subscribers were rewarded with a one-week return of nearly 50% last August when we recommended buying ArcSight Inc. (a company that develops monitoring software to seek out nefarious code or malicious insiders that have breached the firewall). Just seven days after our recommendation, news of a potential buyout of the company by HP at a 50% premium caused the shares to pop and we exited with a huge gain.
Another example: One of our core portfolio holdings that operates in the network security space is up nearly 200% since we bought in just one year ago.
Obviously, not all the computer and network security firms out there are gems, but given all the money that’s necessarily going to be pumped into these industries in the coming years, it might behoove you as an investor to investigate the options.
© 2011 Copyright Casey Research - All Rights Reserved
© 2005-2022 http://www.MarketOracle.co.uk - The Market Oracle is a FREE Daily Financial Markets Analysis & Forecasting online publication.