WannaCry has sent investors in cybersecurity stocks laughing all the way to the bank.
The WannaCry cyberattack – the largest ransomware attack in the world to date – has caused untold misery, but not for investors in cybersecurity firms.
The malware, which has hit more than 200,000 systems in 150 countries according to Europol, caused shares to surge in security technology firms, and it is believed that the attack will lead to more sales of security products.
While the perpetrators behind the WannaCry ransomware may only have succeeded in getting people to cough up $50,000 so far in bitcoin since the attack began Friday (12 May), large technology companies are the real beneficiaries.
The market capitalisations in five of the biggest cybersecurity companies ranked on the PureFunds ISE Cyber Security exchange-traded fund (ETF), known as HACK, rising to $5.9bn yesterday.
Among its companies, Symantec added $750m to its market cap since Friday.
The HACK ETF, which tracks 40 companies in the cybersecurity industry, rose 3.3pc in trading yesterday.
The exchange benefited before from hackers’ exploits, with investors pouring $1.4bn into the fund when it was founded following the highly publicised breach at Sony Pictures Entertainment.
Among the companies in the HACK ETF were Cisco, which rose 2.8pc; Symantec, which rose 4pc; CheckPoint Software, which rose 2.4pc; and Palo Alto Networks, which rose 3.7pc.
The companies that saw their stocks surge the most following the WannaCry cyberattack included Mimecast, up 11pc; Sophos, up 7.8pc; Proofpoint, up 7.3pc; and FireEye, up 7pc.
Impact of WannaCry
The highest-profile victim of the WannaCry malware was the NHS in the UK, which saw 16 hospitals and 40 organisations infected with the virus. In Ireland, the HSE confirmed that three hospitals that had 20 machines infected by a virus have been isolated from networks, and will remain isolated for a further 48 hours to protect itself from the attack.
WannaCry exploited vulnerabilities in systems running older versions of Windows, including XP and Windows 8.
The attackers began by demanding $300 in bitcoin before doubling the amount to $600. Despite the global nature of the cyberattack, it has delivered meagre pickings for the attackers, rising from $26,000 at the weekend to a current amount of $50,000, which the hackers have yet to retrieve.
Two security firms, Symantec and Kaspersky, believe that the ransomware code bears similarities to the code used by the Lazarus Group, a hacker collective with North Korean ties, which was also involved in the attack on Sony Pictures in 2014 and an attack last year on a Bangladesh bank.