535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

April 21, 2016

Law Firms: Let the Mossack Fonseca Case Be a Harsh Lesson in Cybersecurity

By now you have undoubtedly heard about the Panama Papers data leak at law firm Mossack Fonseca, recently referred to by WIRED as “the biggest leak in whistleblower history.”

It’s bigger than the 2010 WikiLeaks Cablegate leak, which exposed 1.73 gigabytes of information about the secret dealings of classified information within the U.S. government.

In contrast, the Panama Papers contained 2.6 terabytes of information, or about 11 million files—a large portion of which sheds critical light on the state of global tax avoidance. The U.S. Department of Justice is now launching a formal investigation around “matters to which the Panama Papers are relevant.”

“This is pretty much every document from this firm over a 40-year period,” International Consortium of Investigative Journalists (ICIJ) director Gerard Ryle told WIRED.

Let’s shift our focus away from the contents of the papers, though, and onto the part that should send shivers down the collective spine of the legal industry:

Thanks to the Mossack Fonseca data leak, all law firms now are now effectively in the crosshairs for cybercriminals.  

In other words, this case brought into the public consciousness not only the large volume of the data that law firms harbor about individuals and corporations, but also the vulnerability of their cybersecurity measures.

Here’s what happened:

Back in 2014, an anonymous whistleblower at Mossack Fonesca—whose identity has not yet been revealed—contacted reporter Bastian Obermayer of the German newspaper Suddeutsche Zeitung and alerted him about information related to criminal activities in Mossack Fonseca’s possession. The two began corresponding regularly over encrypted channels, exchanging large volumes of information.

As of right now, the database has not been released in its entirety and there are currently no plans to release all of the information for reasons related to integrity. Moving forward, information will be released selectively.

“We’re not WikiLeaks,” Ryle said in the WIRED article. “We’re trying to show that journalism can be done responsibly.”  

The fact remains, though, that clients trusted Mossack Fonseca to keep their information safe, and the law firm failed to do so. Considering the clientele who were mentioned in the report (like Russian President Vladimir Putin), it’s safe to say that this is no ordinary data leak—and the implications could be enormous.

So if you are a cybersecurity professional at a law firm, stop and think about the files that your organization is protecting—and the potential consequences that could happen if that information was made public.

With this in mind, it’s time to start thinking about how you can protect your data.

To learn more about how Apex Technology Services, premier computer consultants for greater New York City and Fairfield County, can help improve your cybersecurity strategy, click here.

 



Related Articles