General Industry Update
Microsoft Corporation reported that a Russian-linked hacking group, identified as “Nobelium” or “Midnight Blizzard,” targeted its corporate systems, gaining access to a “small number” of email accounts, including those of senior leadership, cybersecurity, and legal personnel. The hacker group, previously linked to Russia, utilized a “password spray” attack, a form of brute force attack, in November to infiltrate Microsoft’s systems. The breach did not extend to customer systems or outward-facing servers and the intrusion was first detected on January 12.
Microsoft is taking immediate action to address vulnerabilities in older systems, anticipating some potential disruptions. The company clarified that there is no evidence hackers accessed source code or artificial intelligence systems.
The same hacking group had previously targeted SolarWinds Corp in 2020 as part of a significant cyber espionage attack against parts of the U.S. government. Microsoft assured that steps are being taken to secure and rectify the situation.¹
CrowdStrike CEO George Kurtz, commenting on the breach, emphasized Nobelium’s persistent and systematic “low and slow” hacking approach as exceptionally patient and challenging to counter. Kurtz contrasted this technique with that of other foreign adversaries, which he characterized as “smash and grabs” compared to the prolonged and covert nature of Nobelium’s operations.
Kurtz said that CrowdStrike has successfully thwarted cyberattacks from this same hacker group in the past, and pointed out that some Microsoft customers seek additional support from his company. Emphasizing the complexity of cybersecurity, Kurtz stated that security is a challenging problem, and no single company can address it entirely.²
Company Specific Updates
CrowdStrike announced in January that its AI-native CrowdStrike Falcon XDR Platform has successfully completed the Australian InfoSec Registered Assessors Program (IRAP) assessment and achieved an AL3 designation in the Trusted Information Security Assessment Exchange (TISAX) registration in Europe.
The completion of IRAP and TISAX assessments expands the reach of CrowdStrike’s industry-leading protection to the Australian government and the European automotive supply chain. CrowdStrike, which already collaborates with entities like the Spanish National Cryptologic Center and the United States Department of Defense, aims to provide global customers with a robust security platform to prevent breaches.
The IRAP assessment, administered by the Australian Cyber Security Centre, affirms CrowdStrike’s commitment to addressing the cybersecurity needs of the Australian public sector. This achievement accelerates CrowdStrike’s capability to offer top-tier security to a broader customer base in the sector.
In Europe, achieving TISAX AL3 registration, the highest assessment level, positions CrowdStrike as a trusted partner for customers across the European automotive supply chain. The certification assures clients that the Falcon platform meets the region’s stringent information security requirements, facilitating its adoption with confidence.³
Fortinet has unveiled the industry’s inaugural integrated Wi-Fi 7 secure networking solution, combining the FortiAP 441K access point and FortiSwitch T1024 10 Gigabit Power over Ethernet switch. These innovations aim to deliver not only enhanced cybersecurity protections but double the speed and capacity of existing solutions, addressing the escalating demands of modern enterprise wireless networks.
The FortiAP 441K leverages Qualcomm’s Wi-Fi 7 technology, offering up to 2x faster wireless connections, faster data transfer with 4096 QAM support, lower latency through 320MHz channels, and improved load balancing. The FortiSwitch T1024, designed to support Wi-Fi 7-enabled access points, features 10 Gigabit Ethernet access and 90W Power over Ethernet technology.
Fortinet’s Chief Marketing Officer, John Maddison, emphasizes the convergence of networking and AI-powered security in their comprehensive solution, providing unmatched security, visibility, and control. The integration ensures enterprise-grade protection, AI-powered security, and AIOps automation capabilities, addressing the cybersecurity challenges posed by the increased data-rich traffic associated with Wi-Fi 7 adoption. The FortiAP 441K and FortiSwitch T1024 collectively enable organizations to fully leverage the benefits of Wi-Fi 7 while maintaining a secure and efficient wireless environment.⁴
CYBR ETF: Diversified Investing in Cybersecurity
A cybersecurity ETF offers a great alternative to gaining exposure to this industry without being locked into any single security and without the hassle of hand-picking individual stocks. ETFs allow you to diversify by investing in multiple companies in multiple markets, ensuring that a single market shock won’t tank your portfolio.
Canada’s first cybersecurity ETF, Evolve Cyber Security Index Fund (TSX Ticker: CYBR), invests in global companies involved in the cybersecurity industry. For more information, visit the fund page here: https://evolveetfs.com/cybr/.
Portfolio Strategy and Activity
For the month, CrowdStrike Holdings made the largest contribution to the Fund, followed by Palo Alto Networks and Booz Allen Hamilton Holding Corporation. The largest detractors to performance for the month were Okta Inc, followed by GDS Holdings and BlackBerry Limited.
- Bass, D. & Manson, K., “Microsoft Says Russia-Linked Group Hacked Employee Emails,” Bloomberg, January 19, 2024; https://www.bloomberg.com/news/articles/2024-01-19/microsoft-says-russia-linked-group-hacked-some-employee-emails
- Coleman, J., “CrowdStrike CEO talks Microsoft’s security breach and explains why Russian hackers are hard to beat,” CNBC, January 22, 2024; https://www.cnbc.com/2024/01/22/crowdstrike-ceo-explains-why-russian-hackers-are-hard-to-beat.html
- “CrowdStrike Falcon Platform Recognized by Global Governments for its Compliance with Leading Information Security Standards,” CrowdStrike, January 17, 2024; https://ir.crowdstrike.com/news-releases/news-release-details/crowdstrike-falcon-platform-recognized-global-governments-its
- “Fortinet Announces the Industry’s First Wi-Fi 7–Enabled Secure Networking Solution,” Fortinet, January 16, 2024; https://investor.fortinet.com/news-releases/news-release-details/fortinet-announces-industrys-first-wi-fi-7-enabled-secure