Next Investors logo grey

Recent cyber attacks reveal opportunities for ASX investors


Published 24-JUN-2020 10:11 A.M.


7 minute read

Hey! Looks like you have stumbled on the section of our website where we have archived articles from our old business model.

In 2019 the original founding team returned to run Next Investors, we changed our business model to only write about stocks we carefully research and are invested in for the long term.

The below articles were written under our previous business model. We have kept these articles online here for your reference.

Our new mission is to build a high performing ASX micro cap investment portfolio and share our research, analysis and investment strategy with our readers.

Click Here to View Latest Articles

News of cyber attacks on Australia have hit the headlines since Friday when Prime Minister Scott Morrison revealed that a "sophisticated state-based actor with significant capabilities" was behind a "malicious" wave of attacks.

While he chose not to name the responsible party, Australian security agencies say China is behind the attacks, with Beijing likely triggered by Australia’s outspoken support of a coronavirus inquiry.

Morrison admitted that the attacks have been ongoing for months, but that their frequency had recently escalated. The theft of intellectual property is believed to be the primary motivation, with all levels of government targeted, along critical Australian infrastructure, including state-owned utilities and hospitals.

While the issue is only now gaining widespread media attention, the Australian Financial Review reports that growing tensions with China have contributed to a 330% increase in cyber attacks on Australia since the start of the year. The hardest hit being defence contractors along with venture capital firms.

The AFR’s Andrew Tillett reports that China’s cyber attacks on Australia “began about 18 months ago when Australia rejected Chinese company Huawei's participation in the rollout of the 5G network”.

However, these latest attacks on Australia are just “the first salvo in new Cold War,” said Terry Roberts in an opinion piece for The Australian on Monday.

Roberts is a US national security and cyber intelligence executive with over 25 years’ experience including leading software assurance and architecture bodies of work for Carnegie Mellon SEI, described”.

Roberts, who a former US naval intelligence deputy head and founder and CEO of cybersecurity firm Whitehawk Ltd (ASX:WHK), says that we shouldn’t believe that the “state-base actor” failed in its attack on Australia.

She says, “it would be extremely naive to assume that the cyber attacks on the nation’s businesses and governments failed, and that “the more hue and cry an attack generates, the more review there should be to ensure it is not a diversionary feint to cover for an entry to a longer-term main objective.”

Roberts added, “There are two probabilities that should never be discounted – one is to gain root control of a network, and/or to conduct long-term reconnaissance on their targets’ architectures, operations, communications and data.”

Barclay Pierce Capital reported these possibilities, highlighting Roberts’ comments:

"In the first possibility the bad guys are now effectively equivalent to your IT administrators. You can think of it in terms that instead of being the helpful folks who ask if you’ve tried turning your laptop off and on again, they are now cloaked forces bent on your future disruption, by mapping your networks, potentially waiting for the right future moment to attack.

“And in the case of critical infrastructure, ‘acting’ could mean launching a comprehensive sequence of criminal attacks.

“In the second possibility – long term reconnaissance – the infiltrators’ totally primo and likely target is an organisation’s personnel files.

“It is here that their counterintelligence people can go to work looking for individual personal vulnerabilities – to find the weakest link who can be bribed, flipped, cajoled, frightened, blackmailed or otherwise suborned. As has been the case with the 2015 attack on the U.S. Office of Personnel Management (OPM)."

Former Prime Minister, Malcolm Turnbull — who has joined the board of cyber protection start-up Kasada and invested $1 million in the venture — also expects the continuation of cyber threats from malicious actors.

Turnball told the AFR, “We are seeing unprecedented scale and rate of compromise, as tactics used by malicious actors become more sophisticated.”

He said that the recent attacks justified his decision as PM to prevent Huawei from supplying equipment to build a 5G network in Australia — a statement that Huawei has since hit back against.

As reported by Fairfax, foreign policy experts from the University of Sydney’s United States Studies Centre say that Australia and the US must strengthen their ability to counter disinformation campaigns.

These experts stress this as an urgent priority in light of China's tactics during COVID-19, which Fairfax in March suggested involved Beijing “seeking to use the crisis to its advantage in a global propaganda push”.

The government is expected to release its new four-year cyber security strategy in the coming months but said it will name the countries involved in a cyber attack only “when it is clear and in our national interest to do so.”

While these attacks are no doubt detrimental to Australia, our government and industries, they do present opportunities for investors.

Since Friday, a number of ASX-listed cybersecurity companies have seen huge volumes of shares traded as the market recognising the growth potential in cyber security.

Canberra-based archTIS (ASX:AR9) has attracted attention since Morrison spoke on Friday morning. Reports of the cyber attack coincided with news that archTIS has secured its first commercial Australian Defence Industry contract with Northrop Grumman.

ArchTIS specialises in the design and development of products, solutions and services for secure information sharing and collaboration.

The firm has over 10 years’ experience delivering secure information and identity management services and solutions within the highest security levels of the Australian Government.

WhiteHawk (ASX:WHK), under the leadership of Terry Roberts, has developed an impressive portfolio of proprietary cybersecurity technologies and services.

WhiteHawk shares have gained 63% to $0.083 since Thursday’s market close. Much of that rally followed the company being named the Next Tech Stock’s pick of the year in a report published on Monday.

Based in Virginia, USA, central to the country’s Defense headquarters at the Pentagon, the WhiteHawk has multiple contracts with US federal government departments, along with leading US financial and insurance institutions.

The company’s is rapidly growing its revenues and has further contracts in the works. We expect this to continue considering the rise is cyber attacks, with the US a considerably larger target of China and other malicious actors than the Australian government.

Further, the US Defense Industrial Base in the process of introducing new cyber security requirements for each of its 300,000+ supply change contractors and vendors, and WhiteHawk has access to this huge market via its existing US Department of Defense contracts.

Tesserent (ASX:TNT) is another cybersecurity provider that has benefited from the attention on the sector — its shares have gained 35% since Thursday.

Tesserent provides full service, enterprise-grade cybersecurity and networking solutions targeted at mid-market customers in Australia, and internationally in the UK and Korea. Its integrated solutions cover identification, protection and monitoring against cybersecurity threats.

The Tesserent group of companies includes Pure Security (Hack Labs, Pure Hacking, Certitiude and Securus Global), Rivium, and North Consulting.

Just over a week ago, North was appointment to the Defence Industry Security Program (DISP) — a mandatory accreditation required by firms wishing to gain access to Australian Defence security services.

Perth’s Vortiv Ltd (ASX:VOR) is a technology-based company focused on cybersecurity and cloud infrastructure and security and another strong recent performer in the sector.

The company has 100% ownership of Decipher Works, a Sydney-based cybersecurity specialist that provides consulting and managed services to financial institutions and large corporations.

It also owns 100% of Cloudten Industries, a cloud and cloud security specialist that assists the government, financial institutions and large corporations migrate, secure and manage their infrastructure in the cloud.

Additionally, the company has a 24.89% interest in TSI India, which has created a scalable operation in the field of e-transactions and payments in India. TSI India owns and manages ATMs for over 30 major banks and offers Bill Payment services to utility companies in India.

General Information Only

S3 Consortium Pty Ltd (S3, ‘we’, ‘us’, ‘our’) (CAR No. 433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information and is for informational purposes only. Any advice is general advice only. Any advice contained in this article does not constitute personal advice and S3 has not taken into consideration your personal objectives, financial situation or needs. Please seek your own independent professional advice before making any financial investment decision. Those persons acting upon information contained in this article do so entirely at their own risk.

Conflicts of Interest Notice

S3 and its associated entities may hold investments in companies featured in its articles, including through being paid in the securities of the companies we provide commentary on. We disclose the securities held in relation to a particular company that we provide commentary on. Refer to our Disclosure Policy for information on our self-imposed trading blackouts, hold conditions and de-risking (sell conditions) which seek to mitigate against any potential conflicts of interest.

Publication Notice and Disclaimer

The information contained in this article is current as at the publication date. At the time of publishing, the information contained in this article is based on sources which are available in the public domain that we consider to be reliable, and our own analysis of those sources. The views of the author may not reflect the views of the AFSL holder. Any decision by you to purchase securities in the companies featured in this article should be done so after you have sought your own independent professional advice regarding this information and made your own inquiries as to the validity of any information in this article.

Any forward-looking statements contained in this article are not guarantees or predictions of future performance, and involve known and unknown risks, uncertainties and other factors, many of which are beyond our control, and which may cause actual results or performance of companies featured to differ materially from those expressed in the statements contained in this article. S3 cannot and does not give any assurance that the results or performance expressed or implied by any forward-looking statements contained in this article will actually occur and readers are cautioned not to put undue reliance on forward-looking statements.

This article may include references to our past investing performance. Past performance is not a reliable indicator of our future investing performance.