Are Hackers the Next Threat to Your Portfolio?

It seems as if network security breaches have come in droves. Recently, Honda's Canada operations reported a data breach. Lockheed Martin (NYSE: LMT  ) said it fended off an attack on its systems. In April, Alliance Data's (NYSE: ADS  ) Epsilon faced a similar attack that affected some of its clients such as Citigroup's (NYSE: C  ) Citibank unit and Target. Last week, Citi revealed hackers had obtained information on about 200,000 cardholders.

Attacks such as these are a dime a dozen these days. Recently, Google (Nasdaq: GOOG  ) accused China-based users of hacking into Gmail accounts of government officials from the U.S. and some Asian countries. These hacking attempts, common in the tech trade, have become so prominent and common that they're starting to take a serious toll on companies' bottom lines. Time for Fools to take notice.

The mother lode
The most prominent attack of the lot belongs to Sony (NYSE: SNE  ) . A few weeks ago, the company was the victim of a malicious, large-scale attack. The attack took the PlayStation Network and the company's Qriocity service offline, disabling services to 77 million Sony customers and stealing private data of these customers.

Recently, Sony also faced a third attack from hacker group LulzSec, which broke into the Sony network and allegedly stole private data of several Sony customers. This is the same group that recently posted fake news items on the PBS website.

The estimated financial impact of the last attack was estimated by Sony at $170 million. While that is not really a jaw-dropping amount as far as Sony is concerned, the company might have incurred some additional losses than just the quantifiable ones.

Hack attack balance sheet
Each attack that cripples a network or breaches it to expose sensitive data comes with a range of costs including ones that cannot be directly quantified. In order to examine the true economic impact of malicious network attacks, these costs might play an important role.

Costs can be deduced based on the type of attack. For the one at Sony, the most important cost incurred is the cost of business lost because of denial of service or disabled services. Some of the customers might prefer to take their business to other service providers who they deem safer. So there might be loss of business in that direction. In cases where the system infrastructure has been affected because of an attack, there are costs associated with reduced productivity. Added to these are costs from ensuing legal proceedings, investigation, loss of goodwill, and PR.

Among the intangible costs is the loss of investor confidence resulting from bad press and loss of crucial advantage to competitors. What all these costs add up to for each company is dependant upon the type and degree of the attack and on the size of the company.

When Sony was hit, the initial reaction was that it was a simple snag. But the true financial impact was eventually revealed. The $170 million loss that Sony reported wouldn't have been as much if there wasn't a possibility of stolen user accounts. But with further reports of possible identity thefts on the PSN, the costs escalated.

In February 2000, a Canadian teenager attacked Yahoo!, eBay, Amazon, and E*TRADE Financial. Estimates at the time placed the total cost of the denial of service attack at $1.2 billion for a few hours of outage. In other words, while hard to imagine, these costs are very real.

Number game
The Ponemon Institute, which carries out independent research on network security, conducted a study on the average cost of data breaches in the U.S. in 2010 and reported a figure of $214 per compromised record, taking into account the various factors involved in an attack. Therefore, in order to work out the exact cost that the company faces because of the attack would essentially be a function of how much of the data has been breached or for how long the system stayed down.

Reactions
Market reactions to data breaches are based on how bad the attacks are perceived. The first thing to do in case of a report of a malicious attack is to wait for reports on what the attack is all about. The extent of the injury can only be judged by further information regarding what the company stands to lose. If the data that has been breached will not have any bearing on the revenues of the company, then an initial drop in share prices is perhaps mere market apprehension.

Fool's take
Before you respond to a malicious attack on one of your investments in your portfolios, measure the impact that such an attack can have on the company. Try to think about the various possible costs that I have mentioned to get a rough picture of what could come next.

Arunava De does not own shares of the companies mentioned in this article. The Motley Fool owns shares of Google, Yahoo!, and Lockheed Martin. Motley Fool newsletter services have recommended buying shares of Amazon.com, Yahoo!, eBay, and Google. Try any of our Foolish newsletter services free for 30 days. We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy.


Read/Post Comments (0) | Recommend This Article (9)

Comments from our Foolish Readers

Help us keep this a respectfully Foolish area! This is a place for our readers to discuss, debate, and learn more about the Foolish investing topic you read about above. Help us keep it clean and safe. If you believe a comment is abusive or otherwise violates our Fool's Rules, please report it via the Report this Comment Report this Comment icon found on every comment.

Be the first one to comment on this article.

Sponsored Links

Leaked: Apple's Next Smart Device
(Warning, it may shock you)
The secret is out... experts are predicting 458 million of these types of devices will be sold per year. 1 hyper-growth company stands to rake in maximum profit - and it's NOT Apple. Show me Apple's new smart gizmo!

DocumentId: 1506613, ~/Articles/ArticleHandler.aspx, 11/28/2014 10:42:13 PM

Report This Comment

Use this area to report a comment that you believe is in violation of the community guidelines. Our team will review the entry and take any appropriate action.

Sending report...


Advertisement