Majedie’s Morris and Record delve into the murky yet highly organised and crypto-levered world of cybercrime. 

Tom Record and Tom Morris, co-managers of the Global Equity Fund at Majedie report on why they believe that most companies and governments are still not doing enough to strengthen their defence efforts against the growing threat of cybercrime

The creation of the internet has removed borders. It has globalised businesses and relationships, moved experiences and assets from the physical to the virtual world and underwritten massive growth in productivity. But it has also brought the unwelcome rise of cybercrime, a multi-billion-dollar industry that impacts individuals, companies and institutions.

Cyberattacks come in many forms, from thefts to ransomware to pure destruction. A nightmare for victims at the time, incidents can also be wake-up calls for companies to really get on top of their IT, as was the case of Danish shipping company Maersk.

In 2017 Maersk saw most of its IT systems completely shut down at the hands of NotPetya, a piece of malware named after a satellite in the James Bond film Goldeneye. Employees were locked out of 49,000 laptops, 1,200 of the company’s global applications were inaccessible, and more than half of its servers were inoperable. The cyberattack also hit communications: fixed phone lines stopped working and, because they had been synched with Outlook, all contact lists were lost from company mobiles, severely hampering any kind of coordinated response. Maersk’s head of technology summed it up as ‘100% destruction of anything based on Microsoft that was attached to the network’.

The incident forced Maersk to rethink its whole approach to IT and prompted it to invest in more efficient and secure systems. The company made an astonishing recovery from the assault and shared everything it learned as it went along with all the other companies who had been affected, like WPP, Reckitt Benckiser and Mondelez.

Nordic Choice Hotels similarly managed to seize a positive outcome from the disaster of a cyberattack last year when it fell victim to ransomware. In response the hotel group decided to move a pilot project to full rollout, switching its operating system from Windows to Chrome OS. Within 24 hours the first hotel was back up and running, and over the next two days more than 200 hotels, spread across five countries, were back in operation. By shifting operating systems rather than scrapping its infected PCs, Nordic Choice avoided four tonnes of electrical waste and extended the life of its equipment by sixty per cent.

The profit motives of these cybercrime groups are closely linked to the value of cryptocurrency. Some of the trailblazers in using cryptocurrency in the early 2010s were cyber criminals. The value of bitcoin has increased by 7000x since 2012—a boon for cybercriminals who had used it to store their spoils. To put that in perspective, if a cybercriminal managed to extract a $5000 ransom in 2012, that would be $35 million of bitcoin today!

Modern warfare is fought in the digital sphere as well as the physical one. Analysis of NotPetya suggests that it likely targeted Ukraine, using a piece of tax preparation software as the initial vector for infecting businesses operating there. Since 2017, threats have become even more complex, and companies and governments have had to significantly step up their defence efforts. In our view most are still not doing enough, with human nature partly to blame—people tend to overvalue the physical world and undervalue the virtual one, even though the distinction between the two is getting blurrier by the day.