Darktrace/cyber war: state-backed hackers pose growing risks

Cyber warfare follows on the heels of conventional weaponry, a fact not lost on Ukraine’s neighbouring governments and corporates. Globally, more is being spent on cyber security, according to an update from Darktrace on Wednesday. Yet investors marked its shares down 10 per cent.

This is at odds with the way Moscow’s invasion of Kyiv is unspooling. A tilt toward more destructive cyber attacks suggests it is already under way, as with the thwarted attempt to shut down Ukraine’s electricity grid.

Darktrace should benefit. The UK cyber security group increased its guidance for recurring revenue growth this year to as much as 41.5 per cent. Ebitda margins are also expected to be as much as 17 per cent this year, the highest yet.

Investors fret about the group’s unconventional technology, its heavy spending on marketing versus R&D, and its links to shareholder Mike Lynch. He is fighting extradition to the US on fraud charges related to the 2011 sale of Autonomy to Hewlett-Packard. Darktrace shares have halved since October and trades at revenue multiples 70 per cent below US peers. Lynch has tried to distance himself, stepping down as a company adviser in February.

That resolves one issue. Market growth should act as further stimulus. The increasing sophistication and destructiveness of cyber attacks presents an opportunity for Darktrace to deploy its skills for corporate clients. Recent survey data from the UK government paints a worrying picture. Industrial and utility businesses are more likely to run older operating systems, probably without two-factor authentication, and generally have senior managers less clued up on the latest cyber security.

Hackers, by contrast, are becoming more clued up by the minute. Attacks where hackers interfere with physical apparatus were first unleashed on Iran’s nuclear programme using the Stuxnet virus in 2010. The Industroyer 2.0 virus used to attack Ukraine’s grid is only the fourth such malware known to be able target industrial control systems.

As hackers shift from targeting financial gain to maximum damage that could mean the most important infrastructure is at risk. That should bring more business Darktrace’s way. But for the share price to revisit last year’s highs the company needs to sort out its own credibility issues first.