Personally, I don’t fear a nuclear attack.
Despite all the scripted drama and political rhetoric over a terrorist group getting its hands on a nuclear device, the reality is nukes are cost prohibitive, even for the most well-heeled groups.
Remember, Saddam Hussein tried to develop them and failed.
North Korea has dumped billions into successfully producing a nuclear device... and that’s basically at slave labor costs. But it took decades to build, and the country still can’t fit it on a missile.
Sure, I’ll be entertained by a show or movies about a terrorist organization trying to steal a nuke or buy one... But the immense costs of attaining one make it a less likely reality.
A cyberattack though... that’s much more reasonably priced -- and getting cheaper by the day. In this article, we’ll examine what that means for you and look at some steps you can take to protect yourself... and potentially profit from the threat.
Even Toasters And Teddy Bears Aren’t Safe
One of my top investment trends this year is the “Internet of Things” (IoT) and artificial intelligence.
These disruptive trends are changing the world -- for better or for worse. And they’ll impact every single one of our lives. In fact, they already have.
They’ll also continue to provide investors opportunities to score big gains.
There are already more than 6 billion devices (excluding smartphones, computers or tablets) connected to the internet. These “smart” things include refrigerators, televisions, security cameras, toothbrushes, toys, etc.
By 2020, the number of devices connected to the internet is expected to swell to more than 20 billion, according to the consulting firm Gartner.
These things are designed to make our lives easier - for example, a refrigerator that knows you’re out of milk or eggs and is programmed to order more from an online grocer.
But of course, there’s a problem with all of this.
The more devices connected to the internet, the more opportunities there are for hackers to break in. Not matter how much you trust it, your fridge will give up your Gmail account password -- and possibly more.
That means there is a greater need for cybersecurity.
Just think about how much disruption was caused by the outage at Amazon’s (NASDAQ:AMZN) Web Services unit last week, which shut down the cloud computing platform that powers sites like Netflix (NASDAQ:NFLX), Tinder, Airbnb and Reddit for several hours.
And that incident was the result of a “fat finger” human error, not a cyberattack where the trends are really troubling. According to DMR, a digital marketing resource:
- Last year, 51% of U.S. adults suffered some sort of security incident. And globally, the number of data security breaches rose 40%.
- From 2013 to 2015, the cost of cybercrime quadrupled. And it’s expected to quadruple from 2015 to 2019 and reach $2.1 trillion.
In just one attack last October, 1.5 million connected cameras and DVRs were used to take down the website of a cybersecurity journalist.
That same month, sites like Twitter (NYSE:TWTR), Amazon, Spotify and Airbnb were taken down by a massive “distributed denial of service” (DDoS) attack. This attack was launched using tens of millions of CCTV cameras, webcams, DVRs and other internet-connected devices.
And just this week, WikiLeaks released documents suggesting the CIA wanted to turn smart TVs into remote surveillance devices.
If that isn’t scary enough, even teddy bears aren’t safe.
In February, Spiral Toys said that its internet-connected teddy bears were hacked. More than 800,000 customer credentials and more than 2 million message recordings were exposed.
And there’s a dire prediction from LogRhythm that in 2017, the internet will go dark for an entire 24-hour span because of an attack.
To show how vulnerable everyone is, there was a great experiment in The Atlantic last year by Andrew McGill.
He connected a toaster to the internet and wanted to see how quickly it would be hacked.
Security experts believed the first attack might happen in a week... at the quickest, maybe a day. And possibly never.
The first attack on McGill’s toaster happened 41 minutes after being connected to the internet. The second was 14 minutes later. And then another three minutes after that. That’s three attacks in the first hour.
And from 1:12 p.m. to 11:59 p.m., more than 300 IP addresses tried to attack McGill’s toaster.
Defense Is the Best Offense
I believe cyberdefense spending should be our nation’s top priority.
It won’t be. But as investors, we can make it one of ours.
So far in 2017, the PureFunds ISE Cyber Security ETF (NYSE:HACK) has outperformed the Dow Jones Industrial Average and the S&P 500.
The ETF is made up of companies like Fortinet (NASDAQ:FTNT), Symantec (NASDAQ:SYMC), Check Point Software (NASDAQ:CHKP), Splunk (NASDAQ:SPLK) and Qualys (NASDAQ:QLYS), as well as others.
And there are companies like NetScout’s (NASDAQ:NTCT) Arbor Networks division that specialize in preventing DDoS attacks, which are on the rise.
Part of this is everyone must stop thinking that hackers are loners sitting in rooms furiously plucking away at code. That’s such an outdated view. Hackers now lead botnet armies that are for rent.
Just as everything else has been automated... so has hacking.
There are robot hordes programmed to travel from one end of the internet to the other, tapping on everything along the way, looking for vulnerabilities.
That’s why breaches are increasing at the rates they are.
You’re Part Of The Problem
In one of my favorite movies (and arguably Mel Brooks’ best), Spaceballs, we learn a very important lesson about security.
Planet Druidia’s King Roland finally relents to the evil Dark Helmet’s demands, and he gives up the combination to the air shield... 1, 2, 3, 4, 5.
Dark Helmet famously responds, “So, the combination is 1, 2, 3, 4, 5... That’s the stupidest combination I’ve ever heard in my life! That’s the kind of thing an idiot would have on his luggage!”
The frustrating thing is that most people are just as stupid. The most common password in 2016?
"123456."
Nearly one in five people - or 17% - have set that as their password, according to password-management company Keeper Security.
In fact, there’s a list of the 25 most common passwords, and they account for 50% of all users’ passwords. The third most common is “qwerty” with the actual word “password” ranking No. 8.
In the attack on the security journalist’s website, most of the devices had the passwords “1234” or “password.”
In the attacks on McGill’s toaster, many of the attempts used the password “xc3511.” That’s the factory default password for a webcam. And those were the same webcams used in the DDoS attack in October of last year.
Even worse, Spiral Toys’ CloudPets collected information in a database that wasn’t behind a firewall or password protected.
You can use a password manager to protect yourself, but the easiest thing to remember is this: When it comes to passwords, size does matter. The longer the better. It’s also helpful to mix numbers and special characters into your passwords, like using the number 1 for “i” or $ for “s” for example. And, obviously, if your password is one of the top 25 most common, you want to change it right away.
There’s an old saying... “The internet wasn’t built with security in mind.” And it wasn’t. In the early days, there was a published directory of all the people on the internet. In the beginning, it was a very small community, and no one concerned themselves with security because everyone knew each other.
And violators would be ostracized or excluded.
The internet is now ingrained in everything. It’s an integral part of our lives, our businesses, our government and our world. Cybersecurity must be the No. 1 priority for defense. But each of us must make sure we’re not the weakest link in the chain as well.
Good investing