Here’s A $19 Profit Play On The Colonial Pipeline Hack

man siting facing laptop

A shadowy criminal gang from overseas pulled off a brazen cyber-hijacking of half the East Coast's gasoline supply. Nope, this isn't that James Bond movie that keeps getting pushed; it's the latest ransomware hack.

Around 100 million gallons of gasoline flow from Houston to New York via the Colonial every day. That's around 45% of the East Coast's fuel intake, and since the "DarkSide" attack hit May 7, inleaded gas prices are hitting $2.99 a gallon, on average, nationwide, which is a level we haven't seen here since late 2014.

So, what's the profit play here? Energy? Oil and gas? There is a supply crunch, not to mention the recovery underway. But… you'd have to be way fast on the trigger.

No, the serious profit potential the Colonial hack is generating is right here, where not very many people are looking right now.

The Hack Impact Will Linger Long After the Gas Starts Flowing

A huge chunk of the media bandwidth spent on the Colonial hack is going toward the supply crunch, and for now – as in, this week – it's a big deal.

The long-term impact is on cybersecurity, and the way I see it, that's where the real profit potential is.

A criminal gang we know pretty much zero about just pulled a cyber-Pearl Harbor, and it's impacting lives and bottom lines. Senator Rob Portman (R-OH) told a Senate hearing Tuesday that the Colonial attack "is potentially the most substantial and damaging attack on U.S. critical infrastructure ever," and in this case, he's not being dramatic.

The Colonial hack is just one of hundreds of thousands of cyber-attacks that we know of; we're still dealing with the fallout from the SolarWinds hack of dozens of private- and government-sector organizations.

Entire cities – San Francisco, Baltimore, New Orleans – have had operations disrupted through ransomware attacks of one kind or another. Hospital systems, school systems, police departments – you name it, criminal hackers have probably hit it. Acer Inc., a big Taiwanese electronics company, was recently hit with a ransomware demand for $50 million – a world record, unfortunately.

I can't list all the hacks, so I won't.

For a few years now, governments have at least taken the cyber-threat seriously. But I do get the sense that governments are going to view the DarkSide attack as a kind of wakeup call to really ratchet up spending and national efforts on cybersecurity. This hack is certainly having a huge economic and social impact right now.

And as it happens, cybersecurity is "hot" right now, despite the drop in the ETFMG Prime Cybersecurity ETF (NYSEArca: HACK). In fact, you could argue it's so hot that it's become saturated; it continually attracts founders, investors, all kinds of capital.

That's a double-edged sword: The sector is flush with cash and deals for takeovers, but that saturation makes the job of picking stocks to own and trade that much harder.

But the S.C.A.N. algorithm is our ace in the hole – you can learn more about it right here. Saturation doesn't bug it a bit; it follows the cold, hard cash institutions move around.

Here's the Best Cybersecurity Play Right Now

That's why I like FireEye Inc. (Nasdaq: FEYE). The California-based cybersecurity firm, which specializes in threat detection, software, and hardware security solutions is actually helping out in the Colonial Pipeline incident.

This isn't its first rodeo; it's assisted in mitigating hacks against Target, JPMorgan Chase, Anthem Healthcare, and Sony Pictures – quite a few high-profile attacks, even if the stakes haven't been as high. A lot of that experience is down to its acquisition of Mandiant – a world-class "incident response" operation that famously directly accused China of cyber-spying.

One thing we don't know about FireEye, by design, I'd say, is exactly how many incidents it's prevented over the years.

This company has put up good numbers over recent quarters – business is booming, after all. Fourth-quarter 2020 revenue was up a modest but sustainable 5%, while annualized recurring revenue was up 8%. Gross margin – the generally accepted accounting principles (GAAP) gross margin – was 65%.

And it hasn't really let up on the acquisitions; they've been frequent and smart. In late 2020, it bought Respond Software, for instance.

Now, FireEye popped around 5% after its involvement with the Colonial hack response went public. But I think that upside is just a taste of what could be coming around the corner.

Cybersecurity is a hotbed of deal-making, and there were persistent rumors that Cisco Systems Inc. (Nasdaq: CSCO) was preparing to buy FireEye. That hasn't happened yet, and it may not, but FireEye makes an extremely attractive takeover target for some of the big-cap cybersecurity firms out there. I think the performance of the company, at face value, is worth buying, but the better-than-average likelihood that FireEye will find itself a buyer shouldn't be ignored, either.

Disclaimer: Any performance results described herein are not based on actual trading of securities but are instead based on a hypothetical trading account which entered and exited the suggested ...

How did you like this article? Let us know so we can better customize your reading experience.


Leave a comment to automatically be entered into our contest to win a free Echo Show.
William K. 3 years ago Member's comment

Certainly this is a valid point, that system security is in need of better protection. And the valid security organizations that produce products that actually work well will do well. And everything from microsoft is still shipped long before it is ready to ship, as evidenced by the weekly patches and fixes. But that appear to be their business plan.