Attack of the Cyber-Grifters 

Posted On Aug 27, 2018 By Dave Gonigam

  • Be a cybersecurity contractor: You’ll never have to say you’re sorry
  • Contractors “find” foreign boogeymen and rake in taxpayer cash
  • The king of cybersecurity grift — “cleaning up” social media!
  • Tesla, Uber and the Saudi Crown Prince, oh my
  • A classic Ferrari or Microsoft stock: Which is the better investment?
  • Trade-deal hoopla (but what about the wall?)… a disappointing economic number… reader asks for a “Halo-Fi” update… and more!

Welcome to the world of government contracting — where no act of incompetence goes unrewarded.

Last week, the feds awarded a $1 billion contract to Booz Allen Hamilton (BAH) for cybersecurity services at six federal agencies.

“This is not Booz Allen’s first go at boosting government agencies’ cybersecurity,” reports the Axios website — “the consultancy has been working with the government-wide project under which this award falls for over five years.”

Not mentioned in the Axios story is the fact that five years ago, Booz’s most famous employee fled the country after revealing how the NSA is surveilling you and me and everyone else without a warrant — Edward Snowden.

Yes, Booz allows an epic cybersecurity breach to take place under its nose — and the firm rakes in still more of your hard-earned taxpayer dollars for cybersecurity.

Around here, we’re not surprised: A mere eight months after the Snowden revelations, we pointed out how Booz was put in charge of an effort to detect potential leakers within the federal government — that is, future Snowdens.

You can’t make this stuff up. Is it any wonder BAH shares have crushed the broad stock market since Snowden’s name became public?

chart

Meanwhile, you might have encountered an alarmist headline last week like this one…

times-article

“This week’s attempt was aggressive, two officials briefed on it said,” reported The New York Times. “The Federal Bureau of Investigation is looking into the incident.”

That was on Tuesday. The Times had to “update” its story on Thursday…

times-article-update

The alleged hack was first spotted by a privately held cybersecurity firm called Lookout. A vice president with the company justified crying wolf by saying, “The thing about ‘false alarms’ is that you don’t know that they’re false until you’ve showed up to investigate. All the folks who pulled together on this were amazing, and had this been a real attack, would have stopped something terrible.”

Whatever you say, dude…

We tee up these two tales to underscore the following point: Cybersecurity has opened up huge new avenues for graft artists and grifters — at your expense.

Going back to early 2013, pre-Snowden, we’ve been watching the rise of this industry in The 5 — warily.

That’s because every time there was a new headline about a breach, there was some cybersecurity firm claiming it to be the work of a foreign government.

During the Obama years, the usual boogeyman was China. Of course, ever since the 2016 breach of the Democratic National Committee, the focus has shifted toward Russia.

Throughout, our stance about these claims has been skeptical. The incentives are all screwed up: Of course a cybersecurity firm is going to blame a big attack on a “state-based actor” overseas. That’s how you gin up fear and loathing in Washington, ensuring a steady flow of new contracts to fend off the foreign threat.

In comparison, there’s little money to be made in thwarting “somebody sitting on their bed that weighs 400 pounds” — to borrow a Trump line from the 2016 debates.

Here’s the problem: For laymen like you and me, it’s tempting to think that “attribution” of a cyberattack is an easy thing to track down using the right tools and the scientific method.

The reality is far more squishy. “Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong,” according to Jeffrey Carr, author of the book Inside Cyber Warfare.

“There’s no way to prove whether the assignment of attribution is true or false unless 1) there is a criminal conviction, 2) the hacker is caught in the act or 3) a government employee leaked the evidence.”

Thus, Carr says blaming the Russians for the 2016 DNC breach because the Russian alphabet turned up in some of the computer code makes as much sense as saying the perps in a bank robbery must be Japanese because the getaway car was a Toyota.

But that didn’t stop a cybersecurity firm called CrowdStrike from fingering the Russkies. It was privately held CrowdStrike, under contract to the DNC, that inspected the breached servers. Despite the blatant conflict of interest — remember, the servers were never independently inspected by the FBI — it’s become conventional wisdom that it was a Russian job.

[We anticipate an objection: Yes, special counsel Robert Mueller indicted some Russians for the attack earlier this year. But until proven in a court of law, it’s only an assertion, not evidence. Conveniently for him, the DNC and CrowdStrike, the likelihood of a Russian actually going on trial in the United States — and these assertions being tested in court — is nil…]

But the premier graft artists are found at an outfit called FireEye (FEYE).

FireEye CEO Kevin Mandia burst into the headlines in early 2013 when he claimed that officers of the Chinese military, working from a 12-story office tower on the outskirts of Shanghai, were responsible for “an overwhelming percentage of the attacks on American corporations, organizations and government agencies,” as The New York Times put it.

The aforementioned Jeffrey Carr wasn’t so sure — again, because of the incentives. “It’s good business today to blame China,” he said at the time. “I know from experience that many corporations, government and DOD organizations are more eager to buy cyberthreat data that claims to focus on the [People’s Republic of China] than any other nation state.”

Fast-forward to late 2014 and FireEye jumped on an opportunity to pin the “Sony hack” on North Korea. Hackers released five yet-to-be-released movies online, along with corporate emails dishing on Angelina Jolie and other goodies.

As we recounted at the time, FireEye was out front blaming North Korea — revenge, the company said, for a mediocre Seth Rogen comedy called The Interview, whose plotline involved a CIA assassination attempt on Kim Jong Un.

Several experts not hired by Sony said the evidence was at least as strong for an inside job — a disgruntled employee, perhaps. (And a few wags suspected Sony engineered the whole scheme to publicize a “crapbasket buddy film,” as one critic called it.)

But FireEye successfully “controlled the narrative.” Sure enough, FEYE’s share price zoomed from $30 past $50 during the next six months.

And now, never one to miss a bandwagon opportunity, FEYE is joining the “patriotic” crusade to clean up social media.

Word emerged last week that FireEye had tipped off Google, Facebook and Twitter to the existence of hundreds of “fake” accounts — some linked to Russians but most linked to Iranians. That included 39 YouTube channels that accumulated a not-so-whopping 13,466 views in the United States.

(Brilliant! Dems hate Russians while Pubs hate Iranians — FEYE has its bipartisan bases covered!)

FEYE shares popped 6% Thursday — and another 3% Friday when the Associated Press gave the company a wet, sloppy kiss in the form of an article with quotes like these from a marketing consultant: “They’ve really become the Navy SEALs of cybersecurity, especially for next-generation cybersecurity threats.”

The AP story acknowledged FEYE’s profits leave something to be desired because it “has spent heavily on research, development, sales and marketing” — as opposed to, you know, technology that could fortify computer systems from intrusion.

FEYE’s share price has spent 2½ years going nowhere, bouncing between $10–20. We wouldn’t be surprised if it gets a nice bump over the next few months — maybe even on the scale of the 70% bounce in early 2015 off the Sony publicity.

Wall Street is rallying hard on news from Washington of a U.S.-Mexico trade deal — essentially a replacement for NAFTA, assuming Canadian leaders sign on.

The Dow is up more than 250 points — back above 26,000 for the first time since the market’s big spill in early February. And the Nasdaq is above 8,000 for the first time ever.

Gold is firming a bit at $1,210. Crude is holding steady at $68.72.

Aside from the trade deal — wait a minute, what about the border wall? — traders are chattering about Tesla CEO Elon Musk’s decision not to take TSLA private after all. Yes, that news came nearly as abruptly as Musk’s claim three weeks ago that he’d secured the funding to take TSLA private. (Would TSLA’s 18% collapse in that three-week span have something to do with it?)

And then there’s Uber, which is not public yet but which just announced it will shift its focus from automobile ride-hailing to bicycles and electric scooters. Hmmm — is the company conceding that the whole “ride-sharing” thing is a ginormous money suck?

Heh — Uber and Tesla are supposed to be key to the plan by Saudi Arabia’s Crown Prince Mohammed bin Salman to “modernize” the kingdom and move “beyond oil.” The Saudi sovereign wealth fund has sizeable stakes in both companies.

The “strong U.S. economy” looks only fair to middling, judging by one reliable economic barometer.

The Chicago Fed National Activity Index crunches 85 indicators to get one overall reading. The index is notable because it’s called all but one recession going back to 1970.

No recessionary signs yet, but this morning’s number came in way below expectations. Heck, the three-month average is more or less at the zero line — indicating an economy on par with the average over the last five decades. The big drag? Consumer spending and housing.

Hmmm… a 908% return in 18 years.

ferrari

This 1962 Ferrari 250 GTO sold at auction in Pebble Beach, California, over the weekend for $48.4 million.

No word on the buyer’s identity, but the seller is one Greg Whitten — who joined Microsoft as its 15th employee in 1979. Whitten bought the ride in 2000 for only $4.8 million. So he made about 10 times his money.

Asked which is a better investment — the Ferrari or Microsoft shares — Whitten wisely said it depends on your time frame. Given that Microsoft topped out in 2000 along with other tech stocks at the peak of the dot-com bubble, the car was a far better performer the last 18 years.

Of course, Whitten likely started accumulating ownership in MSFT even before it went public in 1986. After it went public, shares multiplied 1,000-fold.

Looked at that way, “Microsoft was a much better investment,” he says. “But the GTO is much more fun.”

To the mailbag, and an inquiry: “Because of the housing boom in our midsized town, I had so many calls to do concrete work [that] I postponed my retirement and am now investing my earnings, because I have no payments of any kind — and a more secure retirement ahead.

“Therefore, I read a week’s worth of emails on Sunday. Reading about 5G in Monday’s 5 Min. Forecast, I wonder about the fate of $7-a-month internet that was to start working last May.

“Which will be better? You guys (and gals) are great!!

“P.S. I am still ticked that you didn’t come to my eclipse party a year ago.”

The 5: To be clear, the “Halo-Fi” technology Ray Blanco’s so keen on won’t be up and running for a while yet — maybe even 2020.

But by then the mini-satellites will have launched and the story will be old news. It’s not quite a ground-floor opportunity anymore, but Ray says it’s still viable —and your best revenge against the lumbering cable giants.

Best regards,

David Gonigam

Dave Gonigam
The 5 Min. Forecast

P.S. As for the eclipse… well, maybe next time. Get back to us when 2024 approaches!


Other Articles In 5 Min. Forecast