Software security stocks including Symantec Corp. (SYMC), Sophos Group (SOPH.L) and Palo Alto Networks Inc. (PANW) were gaining in trading Monday as investors bet that a globe-spanning ransomware​ attack this last weekend will prompt governments, companies and institutions to increase their spending on security software. Microsoft Corp. (MSFT) and Cisco Systems Inc. (CSCO) also stand to benefit, although the stocks weren’t trading up.

Late last week, a ransomware attack, in which hackers locked up computers and threaten to delete all the files on their hard drives if the users didn’t pay up, swept throughout the world Friday starting with hospitals in the U.K. Since then, officials from countries and companies around the globe reported being hit by the attack. The virus, which impacted factories, hospitals, schools, stores and host of other businesses, prompted investors to buy security stocks, betting their business will increase in the wake of what is likely a coordinated effort by hackers. At last count, the attack impacted computers in more than 150 countries with more fallout expected as the day goes on. In the U.K. on Friday, hospitals urged people to avoid them if at all possible as they worked to prevent the ransomware from spreading. (See also: Microsoft Word Target of Zero-Day Malware Attack.)


"These attacks help focus the minds of chief technology officers across corporations to make sure security protocols are up to date, and you often see bookings growth at cybersecurity companies as a result," said Neil Campling, head of technology research at Northern Trust, in an interview with Reuters. Campling pointed to Britain's Sophos as one cybersecurity company that stands to benefit from the global attack. Other security companies that may see an uptick in business include FireEye Inc. (FEYE) and Cyberark Software (CYBR), noted Reuters. (See also: Nokia Study: Smartphone Malware Spiked 400% in '16.)

Unpatched and Vulnerable

In a research report issued earlier Monday, Morgan Stanley said it also expects business for security companies to step up given the breaches can negatively impact the reputation of a company and thus the share price. "Reducing the cost of security breaches by only 10 percent can save global enterprises $17 billion annually," Morgan Stanley wrote in the report, which was covered by Reuters.

In a blog post Monday, Brad Smith, president and chief legal officer at Microsoft, railed against the U.S. government, particularly the National Security Agency, since the ransomware, dubbed “WannaCrypt,” used exploits in older versions of Windows that were stolen from the NSA to infect computers. “That theft was publicly reported earlier this year. A month prior, on March 14, Microsoft had released a security update to patch this vulnerability and protect our customers. While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally. As a result, hospitals, businesses, governments, and computers at homes were affected,” Smith wrote.

He went on to argue that the government bears some responsibility for this latest global attack as do computer users that fail to patch their computers. “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” he wrote.  





Want to learn how to invest?

Get a free 10 week email series that will teach you how to start investing.

Delivered twice a week, straight to your inbox.