NEW YORK (CNNfn) - The wave of Internet service attacks this week may be bad news for Web sites but it's great news for security software and consulting firms.|
While investigators are still trying to determine who is responsible for the series of outages that have plagued leading Web sites this week, including eBay, Amazon.com, E*Trade and CNN.com, one thing is clear - the attacks have generated investor interest in companies that provide software and services to protect commercial Web sites against intrusion and downtime.
The stocks of several of the leading security-related firms posted substantial gains Wednesday, even though the broader market fell sharply. As examples, Check Point Software (CHKP: Research, Estimates) rose 7-5/16 to 148, ISS Group (ISSX: Research, Estimates) jumped 7-7/8 to 81-3/4, RSA Security (RSAS: Research, Estimates) surged 10-23/32 to 63-23/32, and Axent Technologies (AXNT: Research, Estimates) jumped 5 to 28-1/4.
Keynote Systems Inc. (KEYN: Research, Estimates), a company that monitors the speed and performance of commercial Web sites, has benefited from the added media attention the hacker attacks caused, even though it is not in the Web security business. It's stock rose 4 15/16 to 118-1/2 on Wednesday. Keynote's stock now is almost seven times higher than its 52-week low of 17-1/4.
"I hope this will serve as a wake-up call for the product vendors that they have to think strategically about security and not approach it tacitly by tacking it on at the end of the 11th hour," Ted Julian, founder of Internet security firm AtStake, told CNNfn's "In the Money."
Click here for the latest developments in the cyber attacks
The onslaught of Internet attacks began Monday when leading Web portal Yahoo! reported its servers were being bombarded by millions of bogus requests, preventing legitimate users from accessing the site.
The problem, known as "denial-of-service" attacks, also plagued other Web sites in the last two days. The attacks essentially blocked the roads leading to the target web sites, rather than penetrating the sites' databases.
While the target sites don't appear to have suffered any damage to their data, they did lose advertising revenue and e-commerce sales for the period that their sites were down. Experts say it's too soon, however, to tell how much money these sites such as Yahoo!, eBay, Buy.com, Amazon and E*Trade lost. Yahoo! spokeswoman Shanon Stuba said the company expects the revenue loss to be "insignificant."
"There is enough activity on our network and enough headroom to make up commitments to our advertisers," Stuba said. "We get 465 million page views per day, so there is plenty of enough room to make it up to the advertisers."
Yahoo! installed "rate filters" designed to protect the site against the type of mock traffic that caused its site to go down. The cost of installing those filters was minimal, Stuba said.
Click here to take the CNNfn poll on the cyber attacks
In addition, the denial-of-service attacks are covered by e-commerce insurance, according to the Insurance Information Institute, a trade group. The business interruption portion of an insurance policy usually will cover the cost of sending computer consultants to the company to help stop the attack and to determine how to prevent future attacks. It also covers loss of income for the time that an e-commerce site was down and unable to accept business.
In general, companies with revenue of $1 billion or less can expect to pay premiums of about $25,000 to $125,000 for at least $25 million in coverage, the insurance trade group said.
Jim Magdych, of Network Associates' (NETA: Research, Estimates) PGP security unit, said his company has received an increase in call volume since the attacks first started on Monday.
"People are definitely getting a lot more interested in security," Magdych said. "A lot of people are calling, asking what they can do. For a long time people have taken security for granted."
Charles Rutstein, senior business-to-business analyst at Forrester Research, estimated that the Internet security market amounts to several billion dollars each year. The firms are divided by specialties, including firewall protection, security assessment, and intrusion detection. Rutstein said that the rash of attacks against web sites aren't likely to harm web commerce.
"I don't see a long-term consumer impact, or in business-to-business commerce," Rutstein said.
Rutstein also doesn't advise investors to jump on the Internet security bandwagon.
"I'm not yet convinced that this is a real investment opportunity," he said. "This is a highly volatile group. Basically, the attacks are the flavor of the month."
Many of the Internet security stocks are near their 52-week highs and have tripled or quadrupled in price over the past 12 months. As an example, Internet Security Systems' stock is more than four times higher than its 52-week low of 20 per share. These stocks have been Wall Street darlings because of their very rapidly growing revenue. Internet Security Systems' revenue rose 104 percent in 1999 to $116.5 million from $57 million in 1998.
The attacks might not deter shoppers from Web sites, but they are being taken seriously by the FBI and Attorney General Janet Reno. At a press conference Wednesday afternoon, Reno said the attacks seemed "intended to interfere with and to disrupt legitimate electronic commerce."
Jeffrey Johnson, of Orlando, Fla.-based Meta Security Corp., told CNNfn that the attacks were not just limited to consumer-to-consumer sites but business-to-business areas as well.
"This is a discussion that should not be focused just on the dot.coms," Johnson said. "These attacks have been going on in these companies (B2B); they're just not reporting it. We get called into a number of cases."