SolarWinds (NYSE: SWI) is an American IT management software company. It’s a lucrative business in a promising sector. But in December, the company was the target of a crushing hacker attack, the consequences of which could be devastating.
What they make money on
According to a succinct definition in SolarWinds’ annual report, “the company helps professional technicians manage all things IT. In fact, that’s pretty much all the company says about its business – otherwise customers would start to understand the issue and wonder why SolarWinds has an insane gross margin of 73.25% of revenue. The company’s software allows you to monitor application performance, optimize cloud infrastructure, protect data, and, well, yes, do “all sorts of ity stuff.”
I wish I could tell you more about this business, but with the scarce information that is presented in the report, it is impossible to do so. The only thing we can add is that some of the company’s revenue comes from ready-made software, and some comes from solutions made specifically for the needs of specific clients – but we do not know the details. The company’s revenue is divided into three segments.
Subscription. Well, there is not much room for interpretation: in this segment, customers pay the company for access to its software.
Maintenance. This is technical support and software updates.
In the first two segments, revenue comes from the same customers on a renewable basis – except that in the case of maintenance, the money is not received by subscription, but on the basis of a previously signed renewable contract.
License Sales. These are one-time sales of SolarWinds software to customers who then use it without term limits. The license sale includes a year of free service, but the company reports that 92% of customers renew their maintenance contracts in this case, so the subscription model essentially applies here as well.
Company revenue in thousands of dollars
|Subscribe||320 747||265 591|
|Maintenance||446 450||402 938|
|Total renewable revenue||767 197||668 529|
|Selling licenses||165 328||164 560|
|Total revenue||932 525||833 089|
Source: Company Annual Report, pp. 39 (40)
Company revenue by segment as a percentage of total revenue
|Total renewable revenue||82,3%||80,2%|
Company revenue by region in thousands of dollars
|USA||573 290||505 304||459 701|
|Other countries||359 235||327 785||268 316|
|Total revenue||932 525||833 089||728 017|
Source: Annual report, p. F-42 (106)
Revenue and profit for the last 12 months in billions of dollars, bottom line margin as a percentage of revenue. Source: Macrotrends
Until recently, the company was doing fine. It was profitable – which is actually a rarity in this field. SWI has been the beneficiary of a pandemic: the dramatically increased burden on Internet connectivity has increased its revenue and profits in 2020.
The pandemic has opened up tremendous potential for digitalization of the workplace, so in the natural course of things, SolarWinds could benefit from a further increase in network load caused by the mass shift of workers to remote work.
The company also has very good client metrics: the retention rate for subscription revenues is 105%, and the renewal rate for maintenance contracts is 92%. This means that it is possible to squeeze so much money out of the existing client base by imposing new services on them that it more than compensates for losses from unsubscribing clients.
But in December, events occurred that could undo all of SolarWinds’ achievements. It turned out that the company had fallen victim to a hacker attack, which resulted in hackers taking over the data of about 18,000 users of its software – the company has about 300,000 customers in all. And maybe even more: the hacking activity had been going on for months before any trace of it was discovered.
And this is a problem because SolarWinds services most of the Fortune 500 companies, as well as very serious American agencies: the State Department, the Federal Reserve, the Defense Department, and many others. In other words, the reputational damage is very high, since it is unknown how much data and whose data the hackers took out. For SolarWinds, this will probably mean a wave of customer backlash and, as a result, a severe deterioration of the financial situation. And that would be very bad timing.
The company has huge debts. According to a recent report, it has debts of $2.667 billion, of which $445.397 million must be paid within a year. And it has about $543.97 million on hand. It is doubtful that it will be easy for the company to find the finances to close its debts: SolarWinds’ credit rating is likely to be lowered, and this will make it much more difficult for the company to get a loan.
Perhaps SolarWinds will start issuing additional shares, but there are big doubts that there will be a big demand for these shares. The company screwed up considerably and now lacks that halo of promise that is necessary for the shares to be bought up in droves. Paradoxically, even the loss-making Proofpoint has a better chance of successfully selling a new batch of shares. Therefore, there is an immeasurable risk that SolarWinds shares will fall as a result of an additional issue: there may be no demand for this offer.
Even after SolarWinds shares fell 40% due to the news about the attack, it still has a huge P/E of 115. The damage from the hack has not yet been calculated and reflexed, and investors can expect the next unpleasant news that will bring down the quotations even more. After all, it can be reasoned that if the company is so expensive, then with such inputs it can fall in price by about four times compared to the current level of quotations.
Another important point is the problem of small and medium businesses in the United States. The company’s report is silent on the size of its customers, but by implication, we can understand that small businesses make up a very, very significant percentage of SolarWinds’ total number of software users. This could be a problem in the medium term, as small businesses were hit the hardest by the coronary crisis and could start cutting back on spending in IT departments, which would not reflect well on the company’s reporting, either. But this is a potential threat in the future, not a problem right here and now.
The hacker attack ruined the company’s shiny prospects. Don’t take that stock now, though of course there is the temptation to pick it up in anticipation of a rebound. But the problem here is that the rebound may not happen: there may be news of a mass rejection of the company’s software by its customers. Or some aggravating circumstances may turn up – for example, that the scale of the hack was much larger than originally thought. All in all, there is still room to fall.