The Massive 'Air Gap' in Our Cyber Defenses
A near-catastrophic cyberattack spoiled... The massive 'air gap' in our cyber defenses... A human problem first, a practical problem second... Another milestone for the cannabis industry... A great call on bitcoin...
A few cybersecurity experts called it almost comical. We say it's scary...
The hack was blatantly obvious...
On Friday, a supervisor at a water-treatment plant in Oldsmar, Florida – on the northern edge of Tampa Bay – was looking at a computer console. All of a sudden, the cursor started moving independently across the screen even though he wasn't doing anything...
It wasn't a brief hiccup.
Somebody gained remote access to the plant's computer system and started changing settings for the chemicals applied to the water. Specifically, these miscreants began upping the amount of sodium hydroxide – also known as lye, which helps manage acidity – to insanely dangerous levels of 11,000 parts per million.
At that rate, the water would burn someone if they touched it.
Thankfully, the supervisor watched this all unfold... He quickly reversed the settings back to normal. Pinellas County Sheriff Bob Gualtieri said the intruder was in and out of the system in five minutes... Authorities don't know who he, she, or they are.
The hacker seemingly gained access through the county's TeamViewer software – a remote screen-sharing platform that is reportedly known for being unsecure. And it's worth noting that this attempted attack happened two days before the Super Bowl, which was played 25 minutes away at Tampa Bay's Raymond James Stadium.
Whether disrupting one of America's big traditions was the intention, we don't know... but it's not hard to imagine the catastrophe that could have been.
Officials say redundancies are built into water-treatment systems that would likely have prevented such dangerous levels of lye from getting very far. We can't know for sure.
We bring this up today to make a point...
This is not a new problem...
That's true both on the offensive and the defensive side of the story.
Some cybersecurity observers have likened this intrusion in Florida to Russia's attack on a Ukrainian power grid in 2015 and another attack on at least two Israeli water-treatment plants last year.
In the meantime, this hack also shows just how susceptible public facilities such as water-treatment systems really are. And the U.S. has no shortage of targets... The country has roughly 151,000 water-treatment facilities. As news service Reuters reported yesterday...
A 2020 paper in the Journal of Environmental Engineering found that water utilities have been hacked by a variety of actors, including amateurs just poking around, disgruntled former employees, cybercriminals looking to profit, and state-sponsored hackers. Although such incidents have been relatively few, that does not mean the risk is low and that most water systems are secure. This is because so-called "air gaps" between Internet-connected networks and the systems that directly manage pumps and other plant components are becoming less common.
"The reality is that many cybersecurity incidents either go undetected, and consequently unreported or are not disclosed because doing so may jeopardize the victims' reputation, customers' trust, and, consequently, revenues," the paper says.
And...
So far this year, the Department of Homeland Security has issued 25 advisories listing various industrial control systems that could be vulnerable to hacking. Affected products range from 3D rendering software to security cameras to insulin pumps.
The problem goes back years and years... And just last month in the Digest, I (Corey McLaughlin) highlighted the obvious need to strengthen cybersecurity defenses in the U.S. in the wake of the SolarWinds (SWI) attack.
The reports about that widespread attack keep getting worse and worse, by the way, starting with the presumed source – Russia – and the scope now expanding to include Chinese actors. As Stansberry NewsWire analyst Daniel Smoot reported last week...
Sources familiar with the matter on Wednesday told Reuters that the Federal Bureau of Investigation ("FBI") discovered that Chinese hackers may have accessed government computers in 2020. The sources added that the U.S. National Finance Center had been breached, indicating thousands of government employees may have had their information compromised.
This isn't meant to scare anyone. We simply want you to be aware...
Add the breach of the Florida water facility to the list of reasons why the U.S. needs stronger cybersecurity...
Patrick Miller, the U.S. coordinator at the Industrial Cybersecurity Center, says the TeamViewer software that was compromised in this incident in Florida is known to be prone to attacks. As he wrote in an online chat with Vice's Motherboard website...
This is an education or attitude problem. Allowing weak controls on remote access to critical systems is the issue. Someone either chose to do this for convenience with knowledge of the risks or they were ignorant of the risk and thought it wouldn't be found (or that it was secure enough in this configuration).
It's interesting... both of those "problems" aren't technical.
At the root, they're largely human problems that could happen in any industry... which tells us that beefing up our cybersecurity is an ideological problem first (as in, not taking this threat serious enough) and a practical matter second (how to protect the country).
Said another way, I don't think that anybody really wants a water system to be attacked... But how much can one county government outside of Tampa really do by itself?
We've said before that in most cases, municipalities and private companies are literally left to their own devices to protect their systems from digital attacks... as if they could protect themselves from physical missiles shot across the ocean. That's a tall task.
Cyber defenses in the U.S. are a largely disorganized patchwork. And if the country is going to actually protect itself from an endless stream of foreign invaders moving forward, public-private partnerships will be crucial... This is the only logical way for the U.S. to get up to speed and then stay ahead of the constant threat of cyberattacks.
So we'll reiterate what we said last month...
It's beyond time to get real about cybersecurity.
We need to act before any disasters happen. And once we get real about this problem, like with anything in life, a handful of companies will be better-positioned to profit than most.
Fortunately, our editors have their eyes on the leaders in this trend...
For one, Stansberry Venture Value editor Bryan Beach has identified one company at the forefront of cybersecurity. It's a relatively unknown tiny innovator with key government connections that is reimagining the way to think about protecting our digital assets.
It's also not a coincidence that the company's share price is up 240% since Bryan first recommended it in July. And of course, there is likely much more upside ahead... This frightening story reminds us why.
We'll be sure to keep tracking U.S. cybersecurity threats and trends in the months ahead.
Switching gears to another sign of the 'green wave'...
We wrote to you last week about why the cannabis industry is worth a look, especially if you haven't been paying attention to it recently... We also discussed the triple-digit gains that our colleague Thomas Carroll has racked up in his Cannabis Capitalist newsletter recently.
As we wrote, with Democrats in control of Congress, there are big legislative tailwinds at work for the cannabis industry right now... and it's a rapidly maturing sector in general.
Mergers like the one we detailed between Jazz Pharmaceuticals (JAZZ), a predominately neuroscience-focused company, and cannabis leader GW Pharmaceuticals (GWPH) show us this.
And this week, another piece of "green wave" evidence arrived in our inbox...
Yesterday, cannabis company Green Thumb Industries (GTBIF) announced that it had successfully received approval from the U.S. Securities and Exchange Commission ("SEC") to register and sell up to 10 million voting shares in the U.S.
Green Thumb also said that shortly after getting that approval, an unnamed institutional firm purchased 3.1 million of the newly registered shares in the U.S., priced around $32 per share... adding $100 billion to Green Thumb's balance sheet. The deal closed yesterday.
In a lot of cases, stock offerings cause a company's share price to fall instead of rise, since the value of the existing shares is diluted by making more available. But in this case, after the news, Green Thumb's shares – which currently trade "over the counter" in the U.S. under the ticker symbol "GTBIF" and in Canada under the ticker symbol "GTII" – popped about 10% over two days.
Why? This is a big deal...
As Thomas, a longtime health care sector analyst, told us in a private e-mail...
This is a massive cannabis capital markets milestone. Green Thumb is the first U.S. cannabis company getting its shares registered in the U.S. by the SEC, and then selling them to a U.S. investor.
Let's say that again... A U.S. cannabis company filed with the SEC (a U.S. federal agency) to register 10 million shares IN THE U.S... AND IT WAS APPROVED.
This is precisely the type of catalyst for industry growth that Thomas has been expecting today and in the years ahead. And it's a theme that Green Thumb CEO Ben Kovler also pointed out in a press release announcing the development...
Institutional investors are waking up to the great American cannabis growth story. This investment reflects the very real interest, understanding, and momentum behind the potential $100 billion U.S. cannabis opportunity that is happening now.
The holdup for the real explosive growth of the cannabis industry, of course, is that the drug is still classified by the federal government as a "Schedule 1" drug – alongside others such as heroin, LSD, and ecstasy.
As a result, U.S. companies still aren't listed publicly on American exchanges and don't have access to the federal banking system.
That's still the case today. But as Thomas noted, it's a very positive sign for the future of the cannabis industry as a whole for a federal agency like the SEC to green-light a business deal... and show a willingness to work with the parties involved.
Be sure to check out Thomas' work in Cannabis Capitalist for much more insight and actionable ways to allocate some of your portfolio to this growing industry...
At last check, the 13 positions in his model portfolio are up an average of 156% today. But as we've said in the past, the U.S. cannabis story is just starting to be written. There's likely still plenty of upside ahead for investors who are just getting involved today.
Finally, before we wrap up, we must talk about bitcoin...
In their January 28 issue, DailyWealth Trader editors Ben Morris and Drew McConnell alerted their subscribers about a great buying opportunity... in bitcoin.
Now, they didn't know that media darling Tesla (TSLA) was going to come out this past Monday morning and say that it had bought $1.5 billion in bitcoin, after which the cryptocurrency's price skyrocketed to new all-time highs... but they didn't need to.
That's the point...
At the time, bitcoin was trading around $33,000 – down from an early January peak close to $40,000. But based on their technical indicators, Ben and Drew noted that the price was trending upward overall... and said it was a good time to buy. As they told subscribers...
Bitcoin has been on a tear lately. But now that it has pulled back from its highs, you should think about adding some bitcoin.
It's in a strong uptrend... And it's trading right near its rising 50-[day moving average]. Even though it could continue lower, it may not drop much below $30,000 in the near term. And if it turns higher instead, it could jump to new all-time highs soon.
If you've been watching bitcoin and waiting for a safer time to buy, this is your chance.
They also offered guidance for both short-term traders and those folks interested in holding bitcoin over the long term in their portfolios... similar to the way you might hold gold or silver as "financial-disaster insurance." As Ben and Drew continued...
If you don't own any bitcoin, this could be a good time to start buying. We recommend that you keep your purchases small, though. Bitcoin is extremely volatile. So you should be prepared for it to fall and to buy more at lower levels.
Let's say you wanted to buy $5,000 worth of bitcoin over time. You could put in $1,000 today and then buy another $1,000 every two weeks or each month until you've invested the full $5,000. This way, you'll have a better average price if bitcoin pulls back more.
If you already own bitcoin or other cryptocurrencies, you can consider adding some of your exposure back. But only add if you want to allocate more of your portfolio to bitcoin for the long term.
Again, we suggest doing this slowly. You don't need to go all in today. Bitcoin is known for its big price swings. So if you buy today, be prepared to add at lower prices as well.
This is good advice for any buying opportunity that might come up in bitcoin. It's one way to stomach the volatility of an asset that's only about 10 years old... a detail that a lot of people forget.
Since that issue, bitcoin's price has swung big to the upside... It hit a new all-time high above $47,000 yesterday. The price of bitcoin is up roughly 40% since January 28.
Big kudos to Ben and Drew on identifying this buying window. And it's not the first time, either...
Subscribers who also bought bitcoin on their May 5, 2020 recommendation are up 430% today... and banked 241% profits in January on a later position recommended last June.
And as Ben and Drew have written recently, they also see the potential of bitcoin's long-term place in a well-balanced portfolio as people become more skeptical of paper currencies holding their value in the long run.
Overall, the trend in bitcoin remains up, but the window to make the most upside might be closing fast. That's what our colleague and Crypto Capital editor Eric Wade is saying today. Be sure to catch Eric's latest message right here.
New 52-week highs (as of 2/9/21): American Homes 4 Rent (AMH), ARK Fintech Innovation Fund (ARKF), Bunge (BG), BlackLine (BL), Siren Nasdaq NexGen Economy Fund (BLCN), Berkshire Hathaway (BRK-B), Baozun (BZUN), Cognex (CGNX), Comcast (CMCSA), Cresco Labs (CRLBF), Curaleaf (CURLF), Commvault Systems (CVLT), ProShares Ultra MSCI Emerging Markets Fund (EET), Comfort Systems USA (FIX), Fidelity Select Medical Technology and Devices Portfolio (FSMEX), Futu Holdings (FUTU), GrowGeneration (GRWG), Green Thumb Industries (GTBIF), Harvest Health & Recreation (HRVSF), ICICI Bank (IBN), Renaissance IPO Fund (IPO), Jushi (JUSHF), KraneShares Bosera MSCI China A Fund (KBA), KraneShares CICC China Leaders 100 Index Fund (KFYP), SPDR S&P Regional Banking Fund (KRE), KraneShares MSCI All China Health Care Index Fund (KURE), KraneShares CSI China Internet Fund (KWEB), ETFMG Alternative Harvest Fund (MJ), MSA Safety (MSA), Microsoft (MSFT), Cloudflare (NET), NetEase (NTES), Nuveen Municipal Value Fund (NUV), OrganiGram (OGI), OptimizeRx (OPRX), Palo Alto Networks (PANW), ProShares Ultra Technology Fund (ROM), Sea Limited (SE), Silvergate Capital (SI), First Trust Cloud Computing Fund (SKYY), Simulations Plus (SLP), Scotts Miracle-Gro (SMG), Seagate Technology (STX), Constellation Brands (STZ), Trulieve Cannabis (TCNNF), TFI International (TFII), TerrAscend (TRSSF), Ulta Beauty (ULTA), United States Commodity Index Fund (USCI), and Zebra Technologies (ZBRA).
In today's mailbag, we answer a question from a Stansberry Alliance member. As always, send your comments and questions to feedback@stansberryresearch.com. As a reminder, we cannot provide individual investment advice, but we do read every note.
"I am a lifetime Alliance Member and really enjoy your publications. I have run a Private Equity firm for 31 years but (until recently) have never invested in public markets. With the help of your publications, I am learning how to do it properly.
"I enjoy all of your publications and think the publishers and analysts at Stansberry's Credit Opportunities and Extreme Value are excellent (among others). However, I have not seen any of your publishers or analysts cover Preferred Stock. Who is your expert on Preferred Stock? These securities are structured differently and trade differently than bonds and I would like to understand them better. If you could point me in the right direction, I would appreciate it.
"My lifetime subscription has already paid for itself (just the way you intended). Keep up the good work." – Stansberry Alliance member Tom B.
Corey McLaughlin comment: Tom, thanks for your note and the kind words. We're especially happy to hear that your Alliance membership has already paid for itself...
As far as preferred stock recommendations, we will point you in the direction of our colleague Dr. David "Doc" Eifrig and his Income Intelligence newsletter. Doc and his research team touch on the sector – and the entire world of income-generating investments from all angles – in their "around the markets" section in each of their monthly issues.
As you alluded to, preferreds are not quite bonds... but not quite common stock either. Doc and his team dedicated an entire issue to preferred stocks several years ago that might help you understand them better. From their issue back in March 2016...
Preferred shares are a blend of stock and bond...
Like a common stockholder, you are a partial owner of the business. But rather than hoping for increasing dividends, preferred shares have an agreed-upon dividend rate that can be two or three times as high as a typical stock dividend.
A company will issue preferred stock to raise money and agree to pay a certain dividend rate. Usually, shares are issued at $25 each. After a specific date a few years into the future, the company can "call" shares and buy them back for $25.
So preferreds don't see rising dividends. The dividend is consistent. And prices of preferreds generally tend to hover around $25 because they can eventually be called. So there's not as much price appreciation as there may be in a stock.
But in return for giving up that appreciation, you can earn a 5% to 6% yield with a preferred... compared to 2% to 3% for regular shares.
The pair of preferred stocks Doc recommended in that issue are up 27% and 19% (again, almost all coming in dividends) today, but are currently "holds" in the Income Intelligence model portfolio. And frankly, there is not a ton of new actionable ideas to report in the sector...
We checked with Doc's team to be sure. Senior analyst Matt Weinschenk told us they're looking to updated their research on preferred stocks... but with yields so low recently, it has been tough to find worthy recommendations.
We hope this little bit of information helps.
As an Alliance member, you already have access to all of Doc's research. For anyone else interested in learning more about Doc's terrific Income Intelligence newsletter, click here.
All the best,
Corey McLaughlin
Naples, Florida
February 10, 2021