State-sponsored hacking is on the rise...

A line from Shakespeare's Hamlet, "The lady doth protest too much, methinks," came to mind recently with China's denial of recent hacking accusations despite clear evidence of its involvement.

Hackers broke into Microsoft's (MSFT) e-mail platform Exchange earlier this year, gaining access to more than 30,000 customers' e-mail accounts. The hackers stole private e-mails and installed malware to continue surveilling their targets.

All signs indicated these hacks came from China, with most of Europe blaming Beijing for allowing these hackers to operate. 

The U.S. and U.K. took it a step further, blaming the Chinese government directly for sponsoring the cyberattack against Microsoft, along with a myriad of other Western web platforms.

The National Security Agency detailed more than 50 different tactics that Chinese hackers used in attacking Western networks. 

The U.S. Department of Justice unsealed an indictment against three Chinese officials for their roles in Chinese state-sponsored cybercrime. The report pointed to how the Chinese government used front companies to hide its involvement. 

These front companies make these events seem like one-off attacks conducted by smaller crime organizations, failing to capture state-sponsored cyber warfare efforts. 

Despite this overwhelming evidence, Beijing denies all involvement in the Microsoft e-mail hack and other related attacks.

The Chinese government stated that the accusations are false and unwarranted. China claims it's a smear campaign by the U.S. and U.K. while also pointing the blame to the U.S. for an alleged attack on Chinese telecom company Huawei.

These attacks and political rhetoric follow on the heels of the Colonial Pipeline ransomware attack and President Joe Biden's dialogue with Russian President Vladimir Putin. As part of these meetings, Biden urged Putin to get Russia's cybercrime, both government-sponsored and otherwise, under control and threatened U.S. retaliation if nothing is done.

With the rise in cyber warfare, this industry's services are increasingly in demand... 

The constant national spats over cyber warfare make great headlines. But it also creates greater risks for corporations to get caught in the crossfire of cyberattacks, either coming from individuals looking to make a quick buck or larger state-sponsored hacking groups.

Furthermore, this seems to be only the beginning of cyber warfare. Ransomware attacks rose by 158% last year in North America, according to the 2021 SonicWall Cyber Threat Report. 

With cyberattacks increasing in severity, it's no wonder that many cybersecurity companies have had an impressive run. The ETFMG Prime Cyber Security exchange-traded fund (HACK), meant to target the cybersecurity theme, is up nearly 30% year over year.

Interestingly though, as-reported metrics for the bigger players are underwhelming. Companies like CrowdStrike (CRWD), Fortinet (FTNT), Palo Alto Networks (PANW), Check Point Software Technologies (CHKP), and NortonLifeLock (NLOK) all provide commercial and individual protection, and all have an as-reported return on assets ("ROA") of less than 10%.

These are mediocre returns for such an in-demand industry. You might assume providing such an essential service would lead to strong returns.

However, as frequent Altimetry readers know, as-reported accounting metrics are garbage and often misstate a company's financial performance.

The GAAP numbers tend to distort a company's financials significantly. To find the real story, we use Uniform Accounting to clean up the financial statements and determine these companies' real profitability.

Looking at adjusted numbers, we can see that cybersecurity companies across the board are much more profitable than as-reported metrics suggest.

Each of the companies' Uniform ROAs is dramatically higher than their as-reported ROAs. Fortinet and NortonLifeLock have a ROA of more than 50%, and Check Point has a 113% ROA.

Cybersecurity companies are benefiting from the current wave of cyberattacks... 

The massive demand for their products means these companies can charge highly for their products and services, leading to outsized ROAs.

Without Uniform Accounting, you could miss out on the earning potential of the cybersecurity industry. You could have assumed the cybersecurity industry was stuck with low returns and miss the massive winners currently thriving in their field. 

Altimeter subscribers can click here to see how Check Point, and other cybersecurity companies are valued, using Uniform Accounting.

The Altimeter is our veritable "stock truth detector" and allows you to see the full grading for more than 4,400 other U.S.-listed companies.

If you aren't an Altimeter subscriber, find out how to gain instant access to the rest of the Uniform data by clicking here.


Joel Litman
August 4, 2021