General Industry Update

Microsoft Corporation reported that a Russian-linked hacking group, identified as “Nobelium” or “Midnight Blizzard,” targeted its corporate systems, gaining access to a “small number” of email accounts, including those of senior leadership, cybersecurity, and legal personnel. The hacker group, previously linked to Russia, utilized a “password spray” attack, a form of brute force attack, in November to infiltrate Microsoft’s systems. The breach did not extend to customer systems or outward-facing servers and the intrusion was first detected on January 12.

Microsoft is taking immediate action to address vulnerabilities in older systems, anticipating some potential disruptions. The company clarified that there is no evidence hackers accessed source code or artificial intelligence systems.

The same hacking group had previously targeted SolarWinds Corp in 2020 as part of a significant cyber espionage attack against parts of the U.S. government. Microsoft assured that steps are being taken to secure and rectify the situation.¹

CrowdStrike CEO George Kurtz, commenting on the breach, emphasized Nobelium’s persistent and systematic “low and slow” hacking approach as exceptionally patient and challenging to counter. Kurtz contrasted this technique with that of other foreign adversaries, which he characterized as “smash and grabs” compared to the prolonged and covert nature of Nobelium’s operations.

Kurtz said that CrowdStrike has successfully thwarted cyberattacks from this same hacker group in the past, and pointed out that some Microsoft customers seek additional support from his company. Emphasizing the complexity of cybersecurity, Kurtz stated that security is a challenging problem, and no single company can address it entirely.²

Company Specific Updates

CrowdStrike Holdings

CrowdStrike announced in January that its AI-native CrowdStrike Falcon XDR Platform has successfully completed the Australian InfoSec Registered Assessors Program (IRAP) assessment and achieved an AL3 designation in the Trusted Information Security Assessment Exchange (TISAX) registration in Europe.

The completion of IRAP and TISAX assessments expands the reach of CrowdStrike’s industry-leading protection to the Australian government and the European automotive supply chain. CrowdStrike, which already collaborates with entities like the Spanish National Cryptologic Center and the United States Department of Defense, aims to provide global customers with a robust security platform to prevent breaches.

Source Image: CrowdStrike

The IRAP assessment, administered by the Australian Cyber Security Centre, affirms CrowdStrike’s commitment to addressing the cybersecurity needs of the Australian public sector. This achievement accelerates CrowdStrike’s capability to offer top-tier security to a broader customer base in the sector.

In Europe, achieving TISAX AL3 registration, the highest assessment level, positions CrowdStrike as a trusted partner for customers across the European automotive supply chain. The certification assures clients that the Falcon platform meets the region’s stringent information security requirements, facilitating its adoption with confidence.³

Fortinet Inc

Fortinet has unveiled the industry’s inaugural integrated Wi-Fi 7 secure networking solution, combining the FortiAP 441K access point and FortiSwitch T1024 10 Gigabit Power over Ethernet switch. These innovations aim to deliver not only enhanced cybersecurity protections but double the speed and capacity of existing solutions, addressing the escalating demands of modern enterprise wireless networks.

Source: Fortinet

The FortiAP 441K leverages Qualcomm’s Wi-Fi 7 technology, offering up to 2x faster wireless connections, faster data transfer with 4096 QAM support, lower latency through 320MHz channels, and improved load balancing. The FortiSwitch T1024, designed to support Wi-Fi 7-enabled access points, features 10 Gigabit Ethernet access and 90W Power over Ethernet technology.

Fortinet’s Chief Marketing Officer, John Maddison, emphasizes the convergence of networking and AI-powered security in their comprehensive solution, providing unmatched security, visibility, and control. The integration ensures enterprise-grade protection, AI-powered security, and AIOps automation capabilities, addressing the cybersecurity challenges posed by the increased data-rich traffic associated with Wi-Fi 7 adoption. The FortiAP 441K and FortiSwitch T1024 collectively enable organizations to fully leverage the benefits of Wi-Fi 7 while maintaining a secure and efficient wireless environment.⁴

CYBR ETF: Diversified Investing in Cybersecurity

A cybersecurity ETF offers a great alternative to gaining exposure to this industry without being locked into any single security and without the hassle of hand-picking individual stocks. ETFs allow you to diversify by investing in multiple companies in multiple markets, ensuring that a single market shock won’t tank your portfolio.

Canada’s first cybersecurity ETF, Evolve Cyber Security Index Fund (TSX Ticker: CYBR), invests in global companies involved in the cybersecurity industry. For more information, visit the fund page here:

Portfolio Strategy and Activity

For the month, CrowdStrike Holdings made the largest contribution to the Fund, followed by Palo Alto Networks and Booz Allen Hamilton Holding Corporation. The largest detractors to performance for the month were Okta Inc, followed by GDS Holdings and BlackBerry Limited.



  1. Bass, D. & Manson, K., “Microsoft Says Russia-Linked Group Hacked Employee Emails,” Bloomberg, January 19, 2024;
  2. Coleman, J., “CrowdStrike CEO talks Microsoft’s security breach and explains why Russian hackers are hard to beat,” CNBC, January 22, 2024;
  3. “CrowdStrike Falcon Platform Recognized by Global Governments for its Compliance with Leading Information Security Standards,” CrowdStrike, January 17, 2024;
  4. “Fortinet Announces the Industry’s First Wi-Fi 7–Enabled Secure Networking Solution,” Fortinet, January 16, 2024;
Header image source: Getty Images Credit: xijian
The contents of this blog are not to be used or construed as investment advice or as an endorsement or recommendation of any entity or security discussed. These contents are not an offer or solicitation of an offer or a recommendation to buy or sell any securities or financial instrument, nor shall it be deemed to provide investment, tax or accounting advice. The information contained herein is intended for informational purposes only.
Commissions, management fees and expenses all may be associated with exchange traded funds (ETFs) and mutual funds (funds). Please read the prospectus before investing. ETFs and mutual funds are not guaranteed, their values change frequently, and past performance may not be repeated. There are risks involved with investing in ETFs and mutual funds. Please read the prospectus for a complete description of risks relevant to ETFs and mutual funds. Investors may incur customary brokerage commissions in buying or selling ETF and mutual fund units.
Certain statements contained in this blog may constitute forward-looking information within the meaning of Canadian securities laws. Forward-looking information may relate to a future outlook and anticipated distributions, events or results and may include statements regarding future financial performance. In some cases, forward-looking information can be identified by terms such as “may”, “will”, “should”, “expect”, “anticipate”, “believe”, “intend” or other similar expressions concerning matters that are not historical facts. Actual results may vary from such forward-looking information. Evolve Funds undertakes no obligation to update publicly or otherwise revise any forward-looking statement whether as a result of new information, future events or other such factors which affect this information, except as required by law.

Tags Crowdstrike  cyberattack  CYBR etf  Fortinet  Hackers  Microsoft  nobelium  Palo Alto Networks