Cyber-attacks are good for business – if your business is cyber security

Time to read: Minutes

Key Takeaways

2023 saw a 50% increase in cyber extortion and a 33% jump in attempted ransomware attacks1

There were notable cyber-attacks on major companies and institutions, including casinos, manufacturers and networking giants – even the North Atlantic Treaty Organization (NATO)

Cyber security is spending expected to grow rapidly in 2024, outpacing overall IT spending – good news for cyber security investors

AGI logo

The following content has been prepared by Allianz Global Investors GmbH (AllianzGI), and is reproduced with permission by Voya Investment Management (Voya IM). Certain information may be received from sources Voya IM considers reliable; Voya IM does not represent that such information is accurate or complete. Any opinions expressed herein are subject to change. Nothing contained herein should be construed as (i) an offer to buy any security or (ii) a recommendation as to the advisability of investing in, purchasing or selling any security.

In a world plagued by escalating cyber threats, businesses are forced to prioritize cyber security like never before. Here are some alarming examples of high-profile cyber-attacks in 2023, emphasizing the need for robust security solutions.

2023 by the numbers

In 2023, the business world clamoured for better cyber security solutions, largely triggered by an alarming rise in the frequency and duration of cyber-attacks.

  • There was a nearly 50% increase in cyber extortion in 2023, and an astounding 1 in every 10 organisations worldwide were hit by attempted ransomware attacks – a 33% jump from the previous year2.
  • JPMorgan Chase (the largest US bank by market cap size) said that it faced an astonishing 45 billion hacking attempts a day in 2023, double the level set in 2022, for an average of 521,000 attempts per second per day3.
  • The size of the global cyber security market size reached an estimated USD 172 billion in 2023 – a significant increase from the year before – and some estimates see it reaching USD 425 billion by 20304.

Cyber-attacks are spreading to increasingly high-profile targets

Some of 2023 biggest cyber-attacks involved companies with household names illustrated by the following overview of some of the best-known incidents:

  • Hackers went after two large US casinos using social engineering tactics. Their ransom demands were met with two distinct outcomes. One casino company decided not to pay a ransom and their credit card transactions, digital room keys, corporate emails, booking systems and slot machines were down for a week, translating to a ~$100M impact to earnings. The other casino company remained operational after paying the ransom (estimated to be tens of millions by industry reports), although it later notified hundreds of thousands of customers that their data was compromised.
  • A global manufacturer of consumer and professional products uncovered a cyber-attack when it identified unusual activity on its IT systems. The attack ultimately led to orders being taken by hand, reduced product availability in retail outlets and a material impact on its financial results – including a 20% decrease in net sales5.
  • A networking giant suffered a supply chain attack, with hackers injecting their code into compromised software updates. Given how many corporations and governments worldwide use the company’s products and networks, hackers may have gained access to a huge amount of sensitive data.
  • A well-known ridesharing company was hit by hackers who went after its internal systems, including employee email and cloud storage accounts. While details remain unclear, the attack likely exposed sensitive employee data and operational information.
  • A multinational conglomerate specialising in fire and safety controls had its business operations and financial reporting systems impacted by an attack. This forced the company to delay the reporting of its quarterly results, and created headwinds to revenues.
  • The intergovernmental military alliance known as NATO was hit by hackers who accessed a member state’s network. The cyber criminals ultimately obtained a large amount of sensitive data and leaked classified documents, exposing sensitive information regarding military capabilities and operational plans, and raising concerns about espionage and potential security breaches.
  • Multiple US airport websites suffered a coordinated attack by hackers, resulting in temporary disruptions and defaced webpages. While investigations are ongoing, the motive and potential impact of this attack remain unclear.

Cyber spending is set to increase in 2024

As the following chart shows, a recent survey of Chief Information Officers (CIOs) suggests budgets for cyber security will continue growing at a rapid pace, as the post-Covid trends of hybrid work and work from home continue translating to outsized demand. While the overall IT spending growth is muted as companies seek to consolidate and reduce costs, security growth remains a double-digit driver, thanks to the cyber security-related applications needed to thwart off incessant attacks from bad actors. Another reason why publicly traded companies are taking these threats so seriously is a new rule from the US Securities and Exchange Commission (SEC). As of December 2023, listed firms have been required to report “material” cybersecurity incidents within four business days of the event.

Given the evolving threat landscape, it’s clear that cyber security plays a crucial role in protecting businesses, governments and individuals from cyber-crime. The good news is that the cyber security industry is constantly evolving as well, with new technologies and solutions emerging rapidly. We are confident that as cyberattacks become more frequent and impactful, the demand for cybersecurity solutions will continue to rise – giving investors an important opportunity to make a difference.

chart

Source: AlphaWise, 4Q23 Domain Survey, Morgan Stanley Research. As at January 10, 2024

3365210

1 Source: AlphaWise, 4Q23 Domain Survey, Morgan Stanley Research. As at January 10, 2024
2 Ibid.
3 The Register, “JPMorgan repels '45 billion' cyber attempts a day, says exec”, 1/2024.
4 Fortune Business Insights, “Cyber Security Market Size, Share & Covid-19 Impact Analysis”, 4/2023.
5 Source: Bloomberg, 11/2/2023.

Investing involves risk. The value of an investment and the income from it will fluctuate and investors may not get back the principal invested. Past performance is not indicative of future performance. This is a marketing communication. It is for informational purposes only. This document does not constitute investment advice or a recommendation to buy, sell or hold any security and shall not be deemed an offer to sell or a solicitation of an offer to buy any security. The views and opinions expressed herein, which are subject to change without notice, are those of the issuer or its affiliated companies at the time of publication. Certain data used are derived from various sources believed to be reliable, but the accuracy or completeness of the data is not guaranteed and no liability is assumed for any direct or consequential losses arising from their use. The duplication, publication, extraction or transmission of the contents, irrespective of the form, is not permitted. This material has not been reviewed by any regulatory authorities. In mainland China, it is for Qualified Domestic Institutional Investors scheme pursuant to applicable rules and regulations and is for information purpose only. This document does not constitute a public offer by virtue of Act Number 26.831 of the Argentine Republic and General Resolution No. 622/2013 of the NSC. This communication's sole purpose is to inform and does not under any circumstance constitute promotion or publicity of Allianz Global Investors products and/or services in Colombia or to Colombian residents pursuant to part 4 of Decree 2555 of 2010. This communication does not in any way aim to directly or indirectly initiate the purchase of a product or the provision of a service offered by Allianz Global Investors. Via reception of his document, each resident in Colombia acknowledges and accepts to have contacted Allianz Global Investors via their own initiative and that the communication under no circumstances does not arise from any promotional or marketing activities carried out by Allianz Global Investors. Colombian residents accept that accessing any type of social network page of Allianz Global Investors is done under their own responsibility and initiative and are aware that they may access specific information on the products and services of Allianz Global Investors. This communication is strictly private and confidential and may not be reproduced. This communication does not constitute a public offer of securities in Colombia pursuant to the public offer regulation set forth in Decree 2555 of 2010. This communication and the information provided herein should not be considered a solicitation or an offer by Allianz Global Investors or its affiliates to provide any financial products in Brazil, Panama, Peru, and Uruguay. In Australia, this material is presented by Allianz Global Investors Asia Pacific Limited (“AllianzGI AP”) and is intended for the use of investment consultants and other institutional/professional investors only, and is not directed to the public or individual retail investors. AllianzGI AP is not licensed to provide financial services to retail clients in Australia. AllianzGI AP is exempt from the requirement to hold an Australian Foreign Financial Service License under the Corporations Act 2001 (Cth) pursuant to ASIC Class Order (CO 03/1103) with respect to the provision of financial services to wholesale clients only. AllianzGI AP is licensed and regulated by Hong Kong Securities and Futures Commission under Hong Kong laws, which differ from Australian laws. This document is being distributed by the following Allianz Global Investors companies: Allianz Global Investors GmbH, an investment company in Germany, authorized by the German Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin); Allianz Global Investors (Schweiz) AG; Allianz Global Investors UK Limited, authorised and regulated by the Financial Conduct Authority;in HK, by Allianz Global Investors Asia Pacific Ltd., licensed by the Hong Kong Securities and Futures Commission; in Singapore, by Allianz Global Investors Singapore Ltd., regulated by the Monetary Authority of Singapore [Company Registration No. 199907169Z]; in Japan, by Allianz Global Investors Japan Co., Ltd., registered in Japan as a Financial Instruments Business Operator [Registered No. The Director of Kanto Local Finance Bureau (Financial Instruments Business Operator), No. 424], Member of Japan Investment Advisers Association, the Investment Trust Association, Japan and Type II Financial Instruments Firms Association; in Taiwan, by Allianz Global Investors Taiwan Ltd., licensed by Financial Supervisory Commission in Taiwan; and in Indonesia, by PT. Allianz Global Investors Asset Management Indonesia licensed by Indonesia Financial Services Authority (OJK).

Top