Imagine you receive a text message that looks off.
You’ve had cybersecurity training at work and know not to click on or download links in texts coming from random numbers or email addresses.
But herein lies the rub: now you don’t have to do anything except receive a text and you could still get infected by some of the latest, ultra-sophisticated spyware known as “zero-click exploits.” They can leave your phone, computer or smartwatch completely compromised by unscrupulous hackers, without you ever knowing.
Such a flaw was recently found on Apple Inc. (AAPL) devices’ iMessage application by investigators at The Citizen Lab, a cybersecurity research center at the University of Toronto, which published a report about the exploit Monday.
The Citizen Lab flagged that the malicious software called Pegasus had been created by the Israeli spyware company, NSO Group. The cybersecurity researchers discovered examples of Pegasus being used to track journalists in Mexico reporting on drug cartels, as well as dissidents from Saudi Arabia. In fact, The Citizen Lab said it uncovered the exploit while it was researching the phone of a Saudi Arabian dissident.
“Ubiquitous chat apps have become a major target for the most sophisticated threat actors, including nation state espionage operations and the mercenary spyware companies that service them,” The Citizen Lab said. “As presently engineered, many chat apps have become an irresistible soft target.”
Apple responded by releasing a security patch for the exploit and advised users to update immediately. But that’s not the only security issue they’ve had to fix.
Apple has patched 15 so-called zero-day vulnerabilities so far this year.
In late August, the company joined other tech giants, including Google parent Alphabet Inc. (GOOGL), Microsoft Corporation (MSFT), and Amazon.com, Inc. (AMZN), at the White House to help President Biden figure out a way to shore up the nation’s cyber defenses.
Massive cyberattacks against the government cybersecurity contractor SolarWinds Corp. (SWI) and the Colonial Pipeline underscored the difficult task ahead.
Apple said it would work with its supply chain partners to beef up cybersecurity. Google announced it would shell out over $10 billion over the next five years to strengthen cybersecurity and train 100,000 Americans in IT and other tech fields under its Career Certificate program. Microsoft promised to put in $20 billion over the next five years to create better cybersecurity tools, and another $150 million to help government agencies improve their cybersecurity training programs.
Interestingly, as the world has undergone a huge shift to taking care of business online amid the pandemic and social distancing, emerging threats to cybersecurity pose greater risks than ever.
A recent study by Opswat found that only 8% of the 302 IT security professionals at global organizations it surveyed with web applications used to upload or transfer files are taking sufficient measures to guard against malicious attacks.
Some 32% of these organizations revealed that they don’t scan all file uploads to detect potential threats. Also, a majority said they don’t use a file sanitizing protocol to help prevent unknown malware and zero-day attacks.
A survey of chief financial officers by Gartner noted that about 82% plan on ramping up their investment in digital capabilities in fiscal 2021 over the prior year, while just under 70% said they planned on growing their IT investments over the same period.
Cybercrime is anticipated to cost $6 trillion in damages this year around the world, and rise to $10.5 trillion by 2025, according to Cybersecurity Ventures.
So it’s little surprise that Statista expects the global cybersecurity market to reach $345.4 billion by 2026, up 58% from the $217.9 billion cybersecurity market this year.
My Top Cybersecurity Play
Now, when it comes to recommending fundamentally superior cybersecurity plays right now, I personally like CrowdStrike Holdings, Inc. (CRWD).
The company is in the lucrative cloud security business—and its business has been booming since the global COVID-19 pandemic. Specifically, CrowdStrike offers real-time endpoint security, threat intelligence and cloud workload protection, helping prevent cyberattacks on and off an enterprise’s network.
The company’s platform, The CrowdStrike Falcon, utilizes its proprietary CrowdStrike Threat Graph to identify security threats and prevent data breaches. CrowdStrike boasts that its platform combines artificial intelligence (AI) and machine learning with behavioral analytics and 24/7 threat hunting all in one solution to protect all workloads on the network—cloud-based, on-premises and virtual environments.
Currently, CrowdStrike offers 16 modules on its Falcon platform, which includes next-generation antivirus protection, firewall management, malware search engine and analysis, threat intelligence and threat hunting. The company also acquired Preempt Security in September to expand its offerings to include identity protection.
Thanks to the addition of a record 1,660 new subscription customers, CrowdStrike achieved “outstanding” second-quarter results, which it released back on August 31. Second-quarter revenue soared 70% year-over-year to $337.7 million, up from $199 million in the same quarter a year ago. Subscription revenue accounted for $315.8 million, or a 71% year-over-year increase. Analysts were expecting total second-quarter revenue of $323.16 million.
Second-quarter earnings surged 227.8% year-over-year to $25.9 million, or $0.11 per share, compared to $7.9 million, or $0.03 per share, in the second quarter of 2020. Analysts were looking for earnings of $0.09 per share, so CrowdStrike posted a 22.2% earnings surprise.
Looking forward to the third quarter in fiscal year 2022, CrowdStrike expects total revenue between $358 million and $365.3 million and earnings per share between $0.08 and $0.10. That’s in line with analysts’ current expectations for earnings of $0.09 per share on $350.92 million in revenue.
For fiscal year 2022, CrowdStrike anticipates revenue between $1.39 billion and $1.41 billion and earnings per share between $0.43 and $0.49. That compares to earnings of $0.27 per share and revenue of $1.36 billion in fiscal year 2021.
So, it should be no surprise that CRWD is highly rated in my Portfolio Grader.
While it struggles slightly in the cash flow and return on equity categories, CrowdStrike’s Quantitative Grade remains B-rated, which means institutional buying pressure under the stock is strong right now. Its Total Grade of a “B” makes it a Buy.
In fact, this company, which operates one of the largest online networks in the world and offers advanced security solutions to protect against cyberattacks, earns an “A” for its Quantitative Grade and a Total Grade of “A.”
Last month, the company recorded its strongest quarter ever as a public enterprise and beat analysts’ earnings and revenue estimates for its second quarter. Looking ahead to the third quarter, the company is already expecting to top earnings and sales forecasts.
P.S. You probably have a similar story to me.
You saved your money and invested wisely. You paid your taxes, even as they went up every year. And you raised your children on the promise of American democracy and capitalism.
Unfortunately, right now, successful Americans like us have a bullseye on our back.
If you have any money in savings, in the stock market, in a 401k or even cash stuffed under the mattress, this should make the hair on your neck stand up.
The disturbing truth is we’re at a major inflection point in American history. A radical shift is taking place.
There’s something serious taken root in America, and it’s not going away.
So to help understand the monumental problem we’re facing and why both our way of life and financial security are under attack, I put together a special presentation. Time is ticking, so if you want to protect yourself and grow your wealth, I encourage you to watch this briefing now.
Note: The Editor hereby discloses that as of the date of this email, the Editor, directly or indirectly, owns the following securities that are the subject of the commentary, analysis, opinions, advice, or recommendations in, or which are otherwise mentioned in, the essay set forth below:
CrowdStrike Holdings, Inc. (CRWD), Microsoft Corporation (MSFT), Amazon.com, Inc. (AMZN)