At the end of last week, the NHS was forced to delay operations and cancel appointments, as its systems were overwhelmed by a virulent and debilitating infection.
Things are calming down now, but dealing with the fallout and the rescheduling is likely to increase waiting times for appointments across the system.
It shows how disruptive a widespread outbreak can be, and how we need to work out how to prevent these things from happening.
But this wasn’t some strain of bird flu, or a particularly nasty outbreak of norovirus.
This was a computer virus…
Computer viruses really can affect the “real” world
Ransomware is a nasty business. It’s a type of computer virus that gets into your system, locks up your files, and then tells you to send the hacker a certain amount of money (usually in bitcoin), if you want the files to be unlocked again. If you don’t pay up right away, the price goes up.
The NHS, and many other organisations across the globe, saw its systems hijacked by a particularly virulent form of ransomware, at the end of last week.
The WannaCry virus (as it’s called), apparently all spread out from one computer, reports the Financial Times. Someone opened a dodgy email attachment (I’m sure I don’t need to tell you, but you should never do this). The WannaCry virus attacked their computer, locking up the hard drive.
But it did something else first. It used a security loophole in old versions of Windows software that allowed it to spread via methods used to share files with other computers.
So rather than having to get another few hundred thousand naïve users to open dodgy emails and click on the attachments, it could bypass all that. Instead, it could march onto another computer through a shared drive, or a dropbox arrangement. And that’s how it was able to spread so quickly.
The NHS was a particularly high-profile victim. But others included Spanish telecoms group Telefonica, car manufacturer Renault, Russia’s Sberbank, and US parcel group FedEx.
Assuming you haven’t been directly affected by it, the story is fascinating. It’s also troubling. The technique used by the virus was based on a “cyberweapon” that was developed by America’s National Security Agency. This was stolen and leaked online by a group of hackers.
This particular cyberweapon was named “EternalBlue”, by the way. The hackers who stole it are the “Shadow Brokers”. You can see why people struggle to take this stuff seriously when every single piece of terminology they use calls to mind groups of pallid teenage boys sitting in their bedrooms and poking away at their keyboards while living out fantasies of world domination.
The only thing that stopped it was that an anonymous British hacker (one of the “goodies”) found an “off” switch for the virus. It could be reactivated by its creators, but so far that hasn’t happened.
Cybersecurity companies will be the new infrastructure stocks
So why is this relevant to your money? Well, as you’ve probably guessed, this is bound to be good news for spending on cybersecurity.
People who use computers, but don’t have a particularly deep understanding of them (people like me and, I imagine, many of you), find them incredibly useful. But we still find it hard to visualise just how dependent we’re becoming on them.
As a result, we’re willing (knowingly or otherwise) to trade off huge amounts of privacy and commercially valuable data in order to enjoy the benefits of instant access to information and convenient commerce. And when it comes to security measures, we’re sloppy or uninformed.
Yet if a computer virus can have blatant real world consequences – such as stopping you from getting an operation that you’d already been waiting six months for – then that’s a bit of a wake-up call.
What if a virus can have other real-world effects? Like cutting off your energy supply? Or cutting you off from the electronic payments system? Or – once all our cars are networked to one another – shutting the entire transportation system down?
Suddenly, when the government turns around and says it needs to spend an extra “x” billion on the NHS IT system, no one complains. When more of the defence budget goes on addressing ill-defined cyberdefences, we won’t mind. The FT compares this to the millennium bug, “another serious threat that forced an overhaul of many computer systems at the end of the 1990s”.
Of course, a lot of people argued at the time that the money spent on the millennium bug was wasted, and that it was all a fuss over nothing. Others argue that it was only the heroic investment by global IT departments that prevented disaster. We’ll never know.
So this is good news for cybersecurity stocks. Governments are looking to spend money on “infrastructure”. But they always struggle to find “shovel-ready” projects that will deliver benefits on a timeline compatible with the electoral cycle, because while everyone wants lovely shiny new physical infrastructure, they don’t want it in their back gardens, or disrupting their daily commute while it’s installed.
Cybersecurity is ideal. It’s shovel-ready, it involves spending money on stuff and paying wages to people – it’s a stimulus in all but name. And now it’ll be politically popular too. So that’s got to be good news for stocks in the sector.
We’ll be looking at it in more detail in MoneyWeek magazine soon – you can subscribe here), but in the meantime, if you’re interested in the sector, you could take a look at the ISPY exchange-traded fund – the full name is ETFS ISE Cyber Security Go (LSE: ISPY).
We’ve tipped the fund a couple of times in the past (last time was in November, since when it’s up a healthy 10%-plus). I’d treat it with the caution you would any fund with a gimmicky name and a catchy theme. But the sector is undeniably popular right now, and it could be useful for generating stock ideas for further research.
What does this mean for bitcoin?
The implications for bitcoin are also intriguing. Bitcoin has been performing spectacularly well recently. But if people start to associate it too closely with crime networks, there will be calls for “something to be done”.
I’ve already noticed that this morning’s online comments sections have the odd person arguing that anonymous cryptocurrencies encourage ransomware attacks, and the Wall Street Journal has a big piece on it. So, in the short term, this could be the pin to pop the latest cryptocurrency mini-bubble (it’s drawing too many headlines right now, so this would be about the right time, sentiment-wise).
However, in the longer term, could this trigger the next step in bitcoin’s evolution? After all, the best way to undermine the criminal appeal of almost any clandestine substance or network is to bring it into the mainstream. It could be very interesting to see what happens next.