This article is an on-site version of The Lex Newsletter. Sign up here to get the complete newsletter sent straight to your inbox every Wednesday and Friday
The Twitch hack that has set the gamer world alight was a deliberate attempt to hurt the Amazon-owned streaming platform. Data on the amounts earned by people who livestream themselves playing video games was leaked after an error in a server configuration change enabled a hacker to gain access. The person who allegedly leaked the data wrote on website 4chan that they wanted to disrupt Twitch, calling its community “a disgusting toxic cesspool”.
Embarrassing for Twitch and its owner, but this is far from the most serious hack of the past few years. An attack on the US Colonial Pipeline earlier this year forced offline the largest fuel pipeline in the US until a ransom was paid. Cyber security company CrowdStrike traced the origins of the hackers to a criminal group dubbed Carbon Spider, which is focusing more on ransomware.
Meat processing in the US was disrupted for three days before JBS, the world’s biggest meat processor, paid a ransom to hackers that had attacked its IT system. Go back a few months to December 2020 and you get the SolarWinds hack, in which the tech company was used as a way to gain access to US government agency clients. The hack has been dubbed the most sophisticated attack the world has ever seen.
Unsurprisingly, the steady stream of hacks and ransomware attacks has led to a jump in cyber security investment. In the last quarter, $5bn was funnelled into US cyber security start-ups, according to Crunchbase. That makes it the second-biggest quarter for funding on record. Recipients included Fireblocks, which offers security for digital assets. Rising prices in cryptocurrencies have made so-called crypto security an increasingly lucrative part of the market.
You can also see the impact of cyber crime in the multiples at which listed cyber security companies trade. Cloud security company CrowdStrike’s stock price almost doubled on its first day of trading in 2019. It now trades at 214 times forecast ebitda, according to S&P Global data. CrowdStrike has benefited from the continuing shift to cloud computing — something that became even more urgent in the pandemic. Revenue is expected to rise 60 per cent this year to $1.4bn. Analysts at Wedbush believe there is a $300bn opportunity in cloud security alone.
SentinelOne, based in Mountain View, California, moved into cloud security in 2018. The company listed in June with a market value of $8.9bn, making it the highest-valued US cyber security initial public offering. Although it is smaller than CrowdStrike, which has an equity value of $56bn, it is growing more quickly. This year, revenues are expected to double to $189m.
In the UK, cyber security company Darktrace has been one of the biggest IPOs of the year. Shares in the lossmaking company rose quickly after it listed in April. But they fell back in the summer amid news that pre-IPO private equity investors KKR, Summit Partners and Balderton Capital were selling their holdings.
Still, demand for cyber security services is on a steady upwards trajectory. Every high-profile hack is another reason for organisations to consider increasing their budget for security. They act as propulsion for share prices in cyber security companies such as CrowdStrike and Cloudflare.
Governments are considering the possibility of more forceful intervention. US president Joe Biden has announced that the White House wants to work with 30 other countries on fighting cyber crime. He signed an executive order in May that raised standards on cyber security for software sold to the government. Hacks have focused lawmakers’ minds on the fact that essential services must be better protected. The cyber security sector is poised to benefit.
Enjoy the rest of your week,
Deputy head of Lex
If you would like to receive regular updates whenever we publish Lex, do add us to your FT Digest, and you will get an instant email alert every time we publish. You can also see every Lex column via the webpage