Daily Comment (May 15, 2017)
by Bill O’Grady, Kaisa Stucke, and Thomas Wash
[Posted: 9:30 AM EDT] Financial markets are quiet, although we are seeing a strong rally in crude oil (see below). Here are the themes we are following this morning.
BREAKING: Edouard Philippe has been named PM of France. He is a member of the Republican Party, suggesting the newly inaugurated President Macron is leaning right. Philippe could be replaced after legislative elections next month.
Hack attack: On Friday, reports of a ransomware attack in the U.K. emerged. They rapidly mushroomed, with some 200k computers compromised worldwide. The U.K. health service was severely affected, car plants in France were forced to close and numerous areas of the Russian economy were struck. Reports suggest that whoever is behind the attacks isn’t making a mint—the NYT reports that, so far, they have made about $33k. Fortunately, the attack does appear to be a bit amateurish. For example, a researcher in Britain noted that a “kill switch” was imbedded in the code. He activated it and slowed the spread of the virus. Nevertheless, there are some bigger issues that have been revealed by this attack. First, we have allowed the software industry to be held faultless for its bugs. This was a legal decision made to allow the firms, when in their infancy, to grow rapidly. If they were liable for the damages wrought from software that had security flaws, the growth of the internet and microcomputers would not have occurred as quickly as it did. We saw similar legal decisions in other industries. In the early days of railroads, the burden of safety was on the parties crossing tracks, not on the railroads. This fostered faster growth of railroads at the cost of public safety. Over time, as the railroads became established, the laws changed and rail crossings became clearly marked with gates to reduce the odds of crashes at rail crossings. We may be reaching that point now. If a software firm could be sued for putting out bad software, it would be more careful. Second, a system that has multiple entry points is vulnerable. Phishing attacks work because the hacker is betting on one mistake. In a large entity, the odds that one inadvertent opening of an attached file is worth taking. Third, software companies have to take steps to encourage users to update systems. The concern about updating systems is that often the company decides to make “improvements” in the underlying software that the user may not want. New isn’t always improved. And so, there is always a fear that if one updates their software, they may get an unwelcome change in the “look and feel” of the software. Hence, there is a reluctance to update which means critical security patches are not downloaded. Fourth, the idea that software companies can orphan software, at least for security purposes, has to be abandoned. The money the company made by selling the software didn’t expire—neither should the obligation to maintain its security. The bottom line in all of this is that the tech industry is sitting on mountains of cash—being allowed to sell a defective product without ramifications, perhaps appropriate in the early days of technology, is becoming difficult to defend and thus a change in the legal landscape is probably coming.
North Korea launches missile: Over the weekend, North Korea launched a new “medium long-range” ballistic missile which it claims can carry a heavy nuclear warhead. Analysts monitoring the launch say this test represents a major improvement in North Korean missile technology. The Hwasong-12 is an improvement; on the other hand, it doesn’t appear to be capable of intercontinental flight. This missile is probably a threat to Japan and Southeast Asia but not to the U.S. mainland. Sadly, the technology does show progress toward an ICBM.
The Silk Road meeting: China held a large meeting for its “one belt, one road” investment program designed to recreate the Silk Road, which was a transit for goods to move from China to Europe. The original road was on land; this one is designed for both land and sea. As part of this program, China is building port facilities across Southeast Asia. Not all nations are welcoming; India is not participating in the meetings and Russia is concerned about China’s growing influence in the overland part of the program which runs through the ‘stans, a region Russia views as part of its near abroad. We view China’s program as a form of imperialism. Unlike the U.S., which exercises its hegemony through the dollar as reserve currency and by acting as importer of last resort, it appears that China is trying to utilize its growing excess capacity by funding infrastructure in foreign lands. This is a form of what the European powers did in the 18th and 19th centuries when they too found themselves with excess capacity. They acquired colonies which became targets of exports; in other words, the colonies were forced to accept imports from the mother country which maintained employment in the colonizer. It also offered a venue for mother country saving which would be protected from expropriation. We note that China is furiously building a “blue water” navy to protect these investments. Although the U.S. press is framing the Silk Road initiative as filling the void caused by the U.S. abandonment of free trade and the TPP, an outgrowth of “America First,” it is only partly that. China would have needed to do this regardless of the existence of TPP. However, the absence of TPP greatly enhances the likelihood of success.
OPEC + Russia extend deal: Although the rest of the cartel needs to agree, that is mostly a formality. The fact that the Saudis and Russians have agreed to extend cuts into Q1 2018 is bullish for oil. Oil prices are stronger this morning. We continue to maintain that oil prices are in a range between $45 and $55. We expect oil prices to move toward the top end of that range in the coming weeks. This is good news for U.S. oil producers; effectively, OPEC + Russia is creating a price umbrella that offers price protection to expanded output.
 https://www.nytimes.com/2017/05/13/world/asia/cyberattacks-online-security-.html (paywall)