In early April, 2010, researchers at the University of Toronto’s Munk Centre for International Studies, an Ottawa-based security firm SecDev Group, and a U.S. cyber crime fighting organization known as the Shadowserver Foundation announced that they uncovered wide-spread online espionage based in China after a year-long investigation. The team uncovered a cybercrime ring that used simple avenues like e-mail, Twitter, and Facebook accounts to extract data from computers around the world. Stolen documents recovered show the hackers managed to breach servers in dozens of countries, organizations, and corporations and to take things ranging from top-secret missile systems files to visa applications.
In early January, 2010, Google, Inc. (GOOG) announced that it had been a victim of a cyberattack on its corporate infrastructure that coincidentally originated in China. Management further revealed that the investigation showed that at least 20 other companies besides Google were similarly targeted. The company also gave the Internet Security industry a nice boost when it posted “we would advise people to deploy reputable antivirus and antispyware programs on their computers” onto its blog.
The breach of Google’s security and the aforementioned year-long investigation into the dark side of the Internet show just how vulnerable society is to cyberattacks. Every time a computer connects to a network and communicates with other computers, the user is taking a risk. In its simplest form, Internet security is protecting a user's Internet account and any files stored on the computer’s hard drive from an intrusion by an unknown user. Basic security measures include using passwords, changing file permissions, and backing up data. Still, this is not enough to protect computers from programs like adware, spyware, and viruses that contain malicious features.
Unfortunately, most governments around the world already have their hands full addressing other 21st Century challenges. Things like national defense, healthcare, economic stability, and clean energy generally garner much of the focus of lawmakers, while other areas are often overlooked. Internet security should probably go hand in hand with national defense, but all too often it falls into the latter category in many parts of the world.
As a result, the private sector has picked up the baton, creating antivirus and Internet security programs that are useful in protecting computers and other programmable devices from malware. This software can be purchased at brick and mortar retailers or downloaded via the Internet from companies like McAfee (MFE) and Symantec (SYMC). These two are easily the two biggest players in the sector; however, smaller participants like CommTouch Software (CTCH), Check Point’s (CHKP) Zone Labs, and Kaspersky Lab, which makes the engine that powers software sold by Juniper Networks (JNPR) and Blue Coat Systems (BCSI), are gaining some notoriety.
As evidenced by the growing rates of cybercrime, it seems as though it is getting harder and harder to detect viruses, however. The main worry is that the intent of virus authors has changed dramatically in recent years. Only a few short years ago, it was fairly obvious when an infection was present. Viruses exhibited destructive behavior, but were essentially just major nuisances. Modern viruses are often written by professionals instead of amateurs and are typically financed by criminal enterprises or cybercrime rings. The result is very sophisticated malware that can get between you and your bank or stock broker and steal your life savings.
Consequently, corporations and individuals alike have been taking extra precautions. Since the bulk of the browser market is occupied by Microsoft’s (MSFT) Internet Explorer, malware writers often exploit it. As a result, other browsers like Mozilla’s Firefox and Google’s Chrome are quickly gaining popularity. Microsoft’s Windows similarly dominates the operating systems market, so it is the go-to option for hackers and cybercriminals. However, more and more folks are switching to other operating systems like GNU/Linux and Apple’s (AAPL) Mac OS X. Finally, Google plans to launch an operating system sometime in the second half of 2010. Companies’ IT budgets have grown markedly in recent years in order to protect sensitive corporate data. Companies that offer advanced network security solutions, such as Cisco (CSCO) and 3Com (COMS), have been benefiting from this rising trend.
All told, Internet security is a rapidly growing industry. We estimate that sales of antivirus, antispyware, and similar software eclipsed $15 billion in 2009, and that figure is quickly rising as people are becoming aware of the increasing threats attached to surfing the Web. Other things, including which browser to select and which operating system to run, may also lead to big profits or, conversely, lead to market share declines for Microsoft.