Cybersecurity stocks have received a shot in the arm after Russian President Vladimir Putin invaded Ukraine and made sinister and vague threats against those who would help the country, but analysts are split on whether it was deserved and will last.
Russia has one of the foremost state-sponsored cyberwarfare capacities, and is often cited as supporting hackers who wreak havoc among Western organizations. When Putin invaded Russia on Feb. 24, cybersecurity stocks rallied and have outperformed the broader market by a noticeable margin, peaking on March 2.
Over those five trading days, the Global X Cybersecurity ETF
surged 16%, and both the ETFMG Prime Cyber Security ETF
and the First Trust Nasdaq Cybersecurity ETF
rallied 14%, while the iShares Expanded Tech-Software Sector ETF
rose 9%, and the S&P 500 index
gained 6%. Despite the IGV software index and S&P 500 handing back those gains as of Monday’s close, all three cybersecurity ETFs are up around 8%.
Truist analyst Joel Fishbein said in a recent note that “it is inevitable, in our opinion, that retaliatory strikes by Russia and nonstate actors against U.S. and Western Allies will include cyberattacks.”
Fishbein said the NotPetya cyberattack on Ukraine in 2017, which was attributed to Russian hackers, was estimated to cost more than $10 billion as it spread across the globe. “In our opinion, the current threat environment will give even additional impetus to cybersecurity spending across the board.”
“Cyberattacks are central to modern warfare and can quickly metastasize across a global economy reliant on tightly connected technology supply chains,” Fishbein said. “The digital blast radius for potential victims is widening as witnessed from the NotPetya cyberattack. In 2022, where the world is even more interconnected, a targeted attack like NotPetya will be incrementally more costly than in 2017.”
Fishbein also brought up the fear factor, quoting British military historian B.H. Liddell Hart: “The real target in war is the mind of the enemy commander, not the bodies of his troops.”
“Cyber threats to U.S. national and economic security do just that, by targeting the mind of the nation’s defense systems, and are increasing in frequency, scale, sophistication and severity,” the Truist analyst said.
On the other hand, UBS analyst Roger Boyd warned in a recent note, “do not expect a broad-based boost to near-term spending and believe the indiscriminate move in cybersecurity stocks could be overdone.”
“While the cumulative effect of a long string of high-profile attacks has helped cybersecurity outperform broader software” following a string of attacks since late December 2020, the short-term gains for cybersecurity stocks have “typically faded in the weeks/months after, as companies report earnings and downplay the direct impacts of these incidents,” Boyd said.
“Still, we see the cumulative outperformance as warranted given the the impact the consistent cadence of high-profile attacks has likely had on the durability of cybersecurity budgets,” Boyd said.
While Boyd used the Global X Cybersecurity ETF versus the iShares Expanded Tech-Software Sector ETF for his compared spread, which was by 31 points by Monday’s close, the spread between the ETFMG Prime Cyber Security ETF and the software ETF was 13 points.
Also, because of the different weightings of the ETFs, the BUG and CIBR ETFs have both gained more than 20% since late December 2020, while the HACK index is up nearly 6%. By comparison, the S&P 500 has grown nearly 14% over that time.
For example, BUG weights Palo Alto Networks Inc.
at 7.6%, while HACK weights it at 2.9%. Similarly, BUG weights CheckPoint Software Technologies Inc.
and Fortinet at 8.3% and 6.6%, respectively. In comparison, the HACK weights CheckPoint and Fortinet Inc.
and 2.8% and 2.5%, respectively.
While CheckPoint shares have only gained 17% since December 2020, Palo Alto Networks have surged 76%, and Fortinet shares have soared 127%. Similarly, shares of Mandiant Inc.
previously know as FireEye, have gained more than 40%, following a report the company was being acquired by Alphabet Inc.’s
On the other hand, not all cybersecurity boats have risen: Shares of CrowdStrike Holdings Inc.
have slipped 2%, SailPoint Technologies Holdings Inc.
have declined 7%, and Okta Inc.
shares have dropped 37%.
In mid-February, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued a “Shields Up” designation to U.S. organizations to be vigilant for the rising risk of cyberattacks that could result from the conflict.
“While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyberattacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region,” the agency said.
As of Friday, the agency said it had prioritized analysis of computer vulnerabilities that has been used by know Russian hackers, and added another 95 to its ongoing list.