Do The #PanamaPapers Make All Law Firms A Target?

The massive haul of data from the Mossack Fonseca Panama Papers breach includes over 2.6 terabytes of data, the largest known breach in hacking history.

Information is coming to light on how a global collection of journalists and technologists managed and extracted knowledge from this collection of data, including information on the tools the journalists used to exploit and manage the data.

Additionally, it is pretty clear that Mossack Fonseca did not exercise good security practices.  Their emails were not encrypted, its websites had many vulnerabilities, which could have contributed to exploitation, and, perhaps more importantly, Mossack Fonseca did not have a means to detect the movement of all this data out of their enterprise. But still, the actual method of attack and data extraction is not yet known, and we might never know.

But still there is information we can assess relevant to the threat to organizations, especially law firms. At this point we believe it is prudent for all law firms to ask themselves a few questions:

Will hacking groups think all global law firms are as bad as Mossack Fonseca and therefore target them in new, more persistent ways?

  • Are your defenses optimized?
  • Do you have an insider threat program?
  • Are incident response plans tested?
  • Are strategic communications plans in place?
  • What can be put in place to provide warning of attack?
  • Is it time for an external verification of security?

We will continue to track this situation and report on any insights relevant to the threat.

TheBrief: http://bit.ly/20T6ZJh

« DARPA Has Invented The Ultimate Cyber Security
The First Ghost Ship In The US Robotic Navy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BruCON

BruCON

Brucon is Belgiums premium security and hacking conference.

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

Code42

Code42

Code42 CrashPlan, is an enterprise SaaS solution that backs up all distributed end-user data on a single, secure platform.

Beachhead Solutions

Beachhead Solutions

Beachhead's SimplySecure is a configurable, web-based management tool allowing you to remotely secure vulnerable mobile devices in your organization.

Eustema

Eustema

Eustema designs and manages ICT solutions for medium and large organizations.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Government CSIRT - Chile

Government CSIRT - Chile

Government CSIRT is the Computer Security Incident Response Team for State networks and government cyberspace in Chile.

National Cybersecurity Society (NCSS)

National Cybersecurity Society (NCSS)

The National Cybersecurity Society is a non-profit organization focused on providing cybersecurity education, awareness and advocacy to small businesses.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

TES

TES

TES is a provider of IT Lifecycle Services, offering bespoke solutions that help customers manage the commissioning, deployment and retirement of Information Technology assets.

Hut Six Security

Hut Six Security

Train, test and track your Information Security culture through information security awareness training and customised phishing simulation campaigns.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

XpertDPO

XpertDPO

XpertDPO provides data security, governance, risk and compliance, GDPR and ISO consultancy to public and private sector organisations.

ELK Analytics

ELK Analytics

ELK Analytics is a specialized Managed Security Services Provider (MSSP) that focuses on endpoint security and monitoring & alerting for any type of structured or unstructured data.