Stolen Master Keys

  • SUNBURST hack: Russia-did-it drumbeat grows louder
  • From WHO… to HOW?
  • James Altucher on “risks [that] create massive opportunities”
  • Fed cyber-spending and the worst offense
  • U.K. gridlock stinks to high heaven
  • Ray Blanco on vaccines’ rocky road
  • A general falls on his ultra-cold sword
  • OJ marketers miss the mark (day drinking 2020)
  • A reader BUGs out!

The present opportunity in cybersecurity stocks “would be like buying vaccine makers in late February before the COVID virus hit the states,” says our James Altucher.

We pick up where we left off last week — with the sophisticated and large-scale hack targeting big swaths of the federal government and more than a few outposts of corporate America too.

Since we went to virtual press on Friday, the Russia-did-it drumbeat is growing only louder. Secretary of State Mike Pompeo is the first executive branch official to go on record blaming Russia. The CEO of the cybersecurity firm FireEye, Inc. (FEYE) — which discovered the hack while investigating a breach of its own systems — also piled on the bandwagon.

But still, no one has presented anything that would constitute evidence.

Over at the Consortium News website, former CIA analyst Ray McGovern says the deep state is highly motivated right now to sabotage any plans Joe Biden might have to revive the arms control treaties with Russia that were junked by Donald Trump. “New Cold Warriors are bent on preventing any such rapprochement with strong support from the intelligence community’s mouthpiece media.”

Today, though, we put less emphasis on the whodunit angle… and more on how the so-called SUNBURST attack was done.

James Altucher is just the guy to help us peel the onion. In addition to his venture capital and hedge-fund experience, he’s a wicked-smart computer geek.

“SUNBURST,” he explains, “takes advantage of a tool called Orion made by SolarWinds (SWI).

“Orion is a network management tool, giving IT professionals the ability to manage and visualize network operations in real-time. In order to do this, Orion requires nearly complete access to a network — the master keys, so to speak. To make matters worse, SolarWinds is used by nearly 80% of the Fortune 500 as well as top defense agencies like all branches of the military and the NSA.

“By hacking Orion, the attackers gained access to the master keys of thousands of companies and government agencies.”

And they did it “by hacking into SolarWinds itself and burying a malicious code into legitimate Orion software updates, which nearly 18,000 SolarWinds customers downloaded.

“In a worst-case scenario, this attack could have far deeper consequences than the market or the media currently understand,” James ventures.

With his help, let’s break down the available information into what we know, what we can reasonably speculate about and what we don’t know.

What we know: “SolarWinds,” says James, “advised clients to disable antivirus software scanning of specific file folders in order for its application to perform optimally. Network management tools require deep system access, which can make their normal operation indistinguishable from malware.”


What we can reasonably speculate about: “Security experts believe a strategically planned attack like SUNBURST would likely target the lowest-hanging fruit first — that is, attacking networks with the highest potential value and the lowest risk of getting caught.

“If this was indeed the case, the attack on FireEye, which had a high probability of being found out, might suggest that the attackers had already infiltrated dozens of easier networks before targeting FireEye.”

What we don’t know: We still don’t have a handle on the scale of the attack — or the potential fallout. “SolarWinds’ super-access allows visibility into the entire network, including all devices, software versions, etc. This information provides a ‘Marauder’s Map’ of all of the vulnerabilities in an enterprise. At any given time, a company could have a list of hundreds of vulnerabilities that need to be prioritized by severity and patched. With a list on hand, sophisticated attackers would be able to exploit these vulnerabilities with targeted precision for months.”

Nor does it end there: “It is not entirely clear whether the attackers have moved to a second stage of an ongoing attack that has not yet been identified. Identification could potentially take years.”

If you get the idea the unknowns are huge, James says you’re right.

“Regulators and companies have been tight-lipped and have been downplaying the severity of the attack. The media don’t seem to understand enough to ask the right questions. To be completely honest, I don’t fully understand enough to ask all the right questions.

“But from the outside, this looks like a far bigger risk than anyone is taking into account.

“These types of risks, unfortunately, create massive opportunities,” says James. Which comes back to his analogy of buying vaccine makers last February.

“For now, I’m looking at investments in cybersecurity ETFs like BUG, HACK and CIBR. However, as I dive deeper into this story and explore the opportunity further, I should have some more specific recommendations to capitalize on this unfortunate crisis.”

Readers of James’ entry-level newsletter Altucher’s Investment Network will be first to know. If you’re not yet a subscriber, you can get a sense of the many opportunities on his radar at this link.

Before we move onto other matters today, some recovered history…

In the spring of 2017, we noted how 90% of federal cyber spending is devoted to offensive efforts — spying on and monkeying around with other countries’ computer systems and communications.

Only 10% is devoted to cyberdefense — protecting systems here at home.

Even worse, when the CIA found vulnerabilities in the hardware and software produced by U.S. tech firms, the agency did not advise those firms about what it found. Instead, it chose to exploit those vulnerabilities — seeking to sabotage systems and communications overseas.

Only when WikiLeaks exposed the CIA’s “Vault 7” files did companies like Cisco find out the scope of the problem on their hands. Which they immediately addressed.

That’s the federal government’s priorities for you. Is it any wonder the Beltway would rather blame foreign boogeymen when something like SUNBURST goes down, rather than look in the damn mirror?

But the feds falling down on the job is what opens up enormous possibilities for the savviest cybersecurity operators in the private sector. And the investors who fund their efforts. We’ll stay on the story…

The major U.S. stock indexes are retreating still further from last Thursday’s record closes.

At last check, the Dow is holding up best — but still down more than 1% and back below 30,000. The Nasdaq is down more than 1.5% to 12,546. The S&P 500 is taking it worst, down more than 1.75% to 3,642.

Hmmm… Rarely does the S&P make the biggest move among the major indexes, but today’s the first day Tesla Inc. is part of the index. Among those 500 companies, TSLA ranks No. 6 in market cap… and it’s down more than 5% on the day. So there.

Also of note: With Tesla now in the index, the S&P 500’s forward price-earnings ratio instantly jumps more than 10% — to 23.6, according to figures from asset manager Philip Jagd.

Establishment financial media are quick to chalk up the selling to the new COVID mutation that’s emerged in Great Britain.

At this early stage, it appears no more deadly — but it is more contagious. Thus, much of continental Europe is closing off travel and commerce with the U.K. Trucks are backed up at the Port of Dover — with all manner of messy unintended consequences, such as…

Scotland Tweet

But that explanation for the sell-off seems a little too pat from where we sit; equally possible is a “sell the news” reaction to the $900 billion stimulus bill that finally appears to be near completion in Washington.

We’ll spare you the details, which you can read about anywhere; we’ll simply note that the bill puts off the eviction moratorium for only a month, until Jan. 31. Just long enough for it to be a problem for a new president and new Congress, heh…

Crude is selling off in sympathy with stocks — down nearly $2 to $47.26.

Gold poked its nose above $1,900 overnight, but got quickly smacked down. As we write, the bid is back where it ended last week at $1,880. But silver has rallied past $26.

“Even with two promising vaccines lined up, we still have a long road ahead,” says our Ray Blanco on the science-and-wealth beat.

That’s an understatement: Over the weekend, the army general in charge of distributing COVID vaccines abjectly apologized for the fact that this week’s shipments will total 4.3 million — rather less than the 7.3 million state governors were expecting.

“I’m the one who approved forecast sheets. I’m the one who approved allocations,” said Gen. Gustave Perna. “There is no problem with the process. There is no problem with the Pfizer vaccine. There is no problem with the Moderna vaccine. I failed. I’m adjusting. I’m fixing and we’ll move forward from there.”

Something doesn’t ring true. Perna says he failed to make the distinction between vaccines that had been manufactured and vaccines that were actually ready for shipment after going through sterility and other tests.

Literally no one else in the food chain among a half-dozen federal agencies spoke up? Why is it left to the general to fall on his sword?

Perhaps — and we can only speculate here for lack of proper disclosure by the feds — the snafu has something to do with the super-low temperatures at which Pfizer’s vaccine must be stored and transported.

As we mentioned three weeks ago, we’re talking about nearly 100 degrees below zero Fahrenheit. And Moderna’s vaccine — which won emergency approval from the FDA late Friday — needs temps of -4 degrees Fahrenheit for long-term storage.

Meanwhile, Ray Blanco has his eye on a company developing a completely different kind of COVID vaccine. “Unlike Pfizer’s and Moderna’s mRNA vaccines, this one is a DNA vaccine. That means it’s stable at room temperature for up to a year, and up to five years if refrigerated.

“They can be stored just like the seasonal flu shot you can get at your corner drugstore, no special cooling equipment required. You can ship them anywhere in the world without special freezers. This without a doubt will curb some of the shipping and storage issues we are facing now to get Pfizer’s vaccine out to the masses.”

The company behind the vaccine won’t be first to market… but Ray is convinced it might prove to be the best at combating the virus. He stated his case in detail to us three weeks ago; if you missed it at the time, it’s worth another look.

Great moments in “brand positioning”…

Tropicana Tweet

Really well-played there, Tropicana orange juice. Encourage pandemic-stressed parents to sneak a mimosa as part of the morning routine.

“In the ad,” reports NBC’s Today show, ”mini fridges are hidden in the closet, the garage and even in the bathroom, filled with the ingredients for brunch’s favorite beverage (that’s one part sparkling wine, one part OJ).”

Yes, Tropicana — a unit of PepsiCo (PEP), if you wonder — paid an ad agency good money for this idea. Two ad agencies, in fact.

More from Today: “The ad campaign, from MullenLowe PR and Cramer-Krasselt, also asked parents to share stories of how they take a break. Celebrities like Molly Sims, Gabrielle Union and Jerry O’Connell were slated to participate on social media.”

And throughout the entire creative process, no one said something like, “Hey, you know, people tee-hee about it, but wineries wouldn’t advertise their goods as ‘mommy juice.’ Is this really a good idea?”

The mind boggles…

To the mailbag: “I agree that cybersecurity stocks & ETFs will do well in 2021. But BUG is the ETF to go to.

“HACK is up 34.4% for the year with a 1.27% dividend. BUG, however, is up 53.34% but its dividend is only 0.55%. I am willing to give up 0.7% in dividend to get an additional 19% in gains.

“Just an observation. Of course there are no guarantees of the same results in 2021 as 2020. I actually own both so I am pretty happy with the results.”

The 5: If you want to play it safe, and you’re talking about a truly niche sector like cybersecurity, a single ETF might not provide enough diversification. Good idea.

Best regards,

David Gonigam

Dave Gonigam
The 5 Min. Forecast

P.S. It’s one of the most lucrative trading strategies our team unveiled all year.

In fact, it defied the COVID-crash in March, booking a string of double- and triple-digit gains.

But we’re shutting down access tonight at midnight. Click here for the last-minute details.

Dave Gonigam

Dave Gonigam

Dave Gonigam has been managing editor of The 5 Min. Forecast since September 2010. Before joining the research and writing team at Agora Financial in 2007, he worked for 20 years as an Emmy award-winning television news producer.

Recent Alerts

Here Comes the AI Cartel

Maybe you saw the news earlier this week: An outfit called the Center for AI Safety issued a 22-word statement — as dire as it is terse. Read More

A Deal in D.C., a Wipeout on Wall Street

Debt ceiling deal, U.S. Treasury auctions, Wall Street liquidity, Fed policy reversal, BlackRock recession call, gross domestic income, GDI, Maryland license plate snafu Read More

Climate, Carbon… and Control

“The climate change agenda is not about climate change,” says Jim Rickards. “It’s about total political and economic control of the population.” Read More

White House’s New Witch Hunt

Go figure: The stock market is at nine-month highs, but the Biden administration is amping up its jihad against short sellers Read More

The Biden Bleed

Presidents have meddled with the SPR for political purposes. But Biden is really leveling up. Read More

Natural Gas Gets Blacklisted

The EPA — with Team Biden’s blessing — proposes an overhaul of U.S. power plants by 2042. Read More

Green Smokescreen

Ray Blanco is on the lookout for presumed do-gooders… blowing “Green Smoke” up our collective rear ends. Read More

“No Blood for Chips!”

Fair warning: This edition of The 5 might be the most controversial issue we’ve ever published. Read More

The Dollar’s Death March

Nine years after The 5 started writing about “de-dollarization,” you can’t get away from headlines about it now. Read More

The “F” Word

No sooner did G7 leaders sit down yesterday than they declared they’re doubling down on sanctions targeting Russia. Read More