Old Problems, New Technology: Cybersecurity Today and the Companies Leading the Way
The term “cybersecurity” often brings to mind images of either a nefarious looking hooded computer nerd superimposed over floating dollar signs or a picture of a shiny lock superimposed over a background of floating binary numbers - imposing and futuristic stuff!
While we are all enamored with the newest and shiniest things, let's not forget that current cybersecurity technology is just another step in the evolution of protecting communications and data storage. Securing information and verifying identity are millennia-old processes that started with trusted couriers and clay seals. Today’s trusted couriers come in the form of digital identity verification, with clay seals in the form of 256 bit (and higher) encryption. In addition to this framework are the secure message pathways in the form of what is known as “end-to-end” encryption, which not only wraps each message in encryption but provides a fortified route in between any and all participants.
At a high level, the basic approach to message security hasn't changed over thousands of years. Long ago, anyone looking to disrupt secure communication could do so by either corrupting the messenger or capturing the message en route and modifying or replacing the message contents altogether. When we look at how this can happen today, the basic approach is the same but the methods have once again evolved.
Let’s take a look at how hackers can compromise your communications and data - the “attack vectors.”
Following the analogy, you are the messenger. Clearly, you are not about to be abducted and interrogated for your personal information. However, you are constantly under attack by hackers trying to trick you into providing login credentials and other sensitive information through broad-based email phishing attacks or increasingly through extremely targeted spearfishing email campaigns. These campaigns will present some urgent message requiring you to log into the website of company "X" to check a balance, check new activity or receive an "important update" using the handy login link provided in the email. The link, of course, leads to a web page that looks exactly like the login screen for your bank or brokerage but once you enter your login credentials the website tells you "Something happened" and they couldn't access your account.
Well, what happened is you just gave someone access to your bank, brokerage, or other account. Besides being vigilant about questioning where emails are coming from and what links users should be clicking, there are a number of companies helping users safely navigate cyberspace. Third-party anti-virus programs by providers like Norton (Norton Lifelock:NLOK), Symantec (Broadcom:AVGO), and McAfee (Intel:INTC), as well as integrated protections like Microsoft’s (MSFT) Windows Defender are helping users identify malicious emails by doing all the things that users either are too “busy” to do or are otherwise unaware they should be doing.
What is interesting about how they all provide this level of protection is essentially how these same programs detect potential virus threats, by searching the text of each message for previously defined URLs, domains, or embedded scripts. What we love about antivirus software is that it’s essentially a huge Ctrl-F(U) search that matches up embedded viruses in files to snippets of existing known virus code and shuts down hackers.
Browsers increasingly are being equipped with resources to protect users as well, restricting access to harmful sites using research powered by companies like CloudFlare (NET) and Splunk (SPLK) who (in addition to doing a bunch of other stuff) identify suspicious domains and flag them as such or independent researchers like Brian Krebs who keeps an eye on what's happening on the "dark web" and helps keep the rest of us noobs aware of what's actually going on out there.
In the next stage of the analogy, let’s look at message security. Again, in ancient times an unbroken clay seal was a sign that contents had not been tampered with. Over time, clay gave way to wax, which in turn has given way to impossibly large prime numbers and 256-bit (and higher) message encryption. Bottom line is that it would take an entirely unreasonable amount of time to brute force crack a 256-bit encryption key. The TL;DR version? This attack would take several million years using a supercomputer. Good luck with that.
The analogy gets a little fuzzy at this point as back in the day, nobody would build a fake road and town to fool someone into thinking they were someplace they weren’t. (Or would they? Looking at you Rock Ridge…) However, in this day and age, visiting your bank or brokerage is a purely virtual experience and in as much as you expect to arrive at your bank’s doorstep (virtually speaking), how do you know you are where you’re supposed to be?
That’s where companies like CloudFlare, Verisign (VRSN), and Akamai (AKAM) come into play. These companies (including ISPs, and divisions of Alphabet (GOOGL) and Microsoft among others) maintain Domain Name Server (DNS) lists. Simply put, DNS is what makes sure that when you type www.nasdaq.com into your browser you are directed to that website and nowhere else. DNS is essentially a huge mapping table that makes sure that the URLs we humans know and understand are tied to the correct IP addresses that computers “know and understand.” The responsibility of maintaining and protecting these lists is immense and companies in this space are arguably among the most important players in internet security. It’s not the flashiest work, but it is essential that it is done and done well.
In as much as there are precautions that make sure we are going to the actual sites we want to visit, there are companies that make sure that when we show up at those sites we are who we say we are. Companies like Sailpoint (SAIL), LogMeIn (LOGM), and Ping Identity (PING) provide security to companies both externally and internally, ensuring that the users accessing their networks should be allowed in.
To recap, security is nothing new. However, how it is implemented is pure science fiction as compared to 30 let alone 3,000 years ago. The good news is that these new approaches not only give us better, safer online environments but amazing investment opportunities as well.
- Sailpoint (SAIL), LogMeIn (LOGM),Ping Identity (PING), CloudFlare (NET), Verisign (VRSN), Akamai (AKAM) and Norton Lifelock (NLOK) are constituents in the Foxberry Tematica Research Cybersecurity & Data Privacy Index.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.