Cybersecurity stocks and sector-related exchange traded funds are rallying as details emerge on a broad attack of U.S. federal systems.
Among the best performing non-leveraged ETFs of Friday, the Global X Cybersecurity ETF (BUG) rose 6.6% and the First Trust NASDAQ CEA Cybersecurity ETF (NasdaqGM: CIBR) rose 3.9%.
Cybersecurity stocks are gaining momentum after suspected Russian hackers broke into systems of a U.S. internet provider as part of a cyber-espionage campaign, Reuters reports.
The security breach, which hijacked network management software made by SolarWinds Corp to access a wide range of U.S. government agencies, is one of the biggest ever uncovered.
The hackers are believed to have gleaned information on the U.S. departments of Defense, State, and Homeland Security, along with less high-profile organizations, such as Cox Communications and the local government in Pima County, Arizona.
According to researchers at Moscow-based cybersecurity firm Kaspersky, a type of web record, known as a CNAME, includes an encoded unique identifier for each victim and revealed which “backdoors” the hackers chose to open.
“Most of the time these backdoors are just sleeping,” Kaspersky researcher Igor Kuznetsov told Reuters. “But this is when the real hack begins.”
It is not yet clear what type of information, if any, was compromised.
The week-long saga began when SolarWinds, which disclosed its unwitting role at the center of the global hack on Monday, warned that up to 18,000 users of its Orion software downloaded a compromised update with malicious code planted by attackers.
As the week progressed, more confirmed the security breach. At the U.S. Energy Department, U.S. officials warned hackers had used other attack methods and urged organizations to take precautions even if they didn’t use recent updates of the SolarWinds software.
“It’s certain that the number and location of victims will keep growing,” Microsoft President Brad Smith said in a blog post. “The installation of this malware created an opportunity for the attackers to follow up and pick and choose from among these customers the organizations they wanted to further attack, which it appears they did in a narrower and more focused fashion.”
For more news, information, and strategy, visit the Innovative ETFs Channel.