These Cybersecurity Stocks Are Beating the WannaCry Ransomware Hackers

May 15, 2017

Despite the global scale of the ransomware attack dubbed "WannaCry," its creators have reportedly collected just $50,000 in bitcoin from the hack as of early Monday.

Meanwhile, the cybersecurity industry's valuation rose billions over the weekend, as investors bet on an increase in cyber attacks driving business to those who know how to defend against it.

In total, the market capitalizations of the five biggest cyber security-related companies in the industry, as ranked on the PureFunds ISE Cyber Security exchanged-traded fund, rose $5.9 billion in early trading Monday. Shares of Symantec alone has added $750 million to its market cap since Friday.

The WannaCry attacks, which first surfaced Friday, became a sign to investors that the cybersecurity industry would grow even further as cyber attacks become more sophisticated in future years. Microsoft's Chief Legal Officer for instance wrote Sunday that the U.S. government should work with tech companies to approach cyberattacks with the same gravitas it applies to military attacks. And the U.S. certainly takes its military and defense very seriously. About 17% of the country's near $4 trillion budget currently goes toward defense spending, according to the Congressional Budget Office.

By early Monday, the cyber security ETF, which tracks 40 companies in the industry, rose 3.3% in trading, beating the S&P 500's 0.5% pop in the same day. Its five biggest constituents are Cisco(which rose 2.8%), Symantec (4%), Check Point Software(2.4%), Juniper Networks(0%), and Palo Alto Networks(3.7%).

Cisco in particular received a slight boost after Morgan Stanley analysts upgraded the company to the equivalent of "Buy" Monday, with Morgan Stanley saying companies would increasingly focus on cybersecurity from now on.

Companies that saw their stocks jump the most following the hacks though were Mimecast(11%), Sophos Group (7.8%), Proofpoint(7.3%), and Fireeye (7%). Curiously, Sophos once boasted that it protected the U.K.'s National Health Services — one of the organizations most heavily affected by the attacks. Sophos later removed that tidbit from its website.

All products and services featured are based solely on editorial selection. FORTUNE may receive compensation for some links to products and services on this website.

Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: http://www.djindexes.com/mdsidx/html/tandc/indexestandcs.html. S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions