Do The #PanamaPapers Make All Law Firms A Target?

Uploaded on 2016-04-20 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

The massive haul of data from the Mossack Fonseca Panama Papers breach includes over 2.6 terabytes of data, the largest known breach in hacking history.

Information is coming to light on how a global collection of journalists and technologists managed and extracted knowledge from this collection of data, including information on the tools the journalists used to exploit and manage the data.

Additionally, it is pretty clear that Mossack Fonseca did not exercise good security practices.  Their emails were not encrypted, its websites had many vulnerabilities, which could have contributed to exploitation, and, perhaps more importantly, Mossack Fonseca did not have a means to detect the movement of all this data out of their enterprise. But still, the actual method of attack and data extraction is not yet known, and we might never know.

But still there is information we can assess relevant to the threat to organizations, especially law firms. At this point we believe it is prudent for all law firms to ask themselves a few questions:

Will hacking groups think all global law firms are as bad as Mossack Fonseca and therefore target them in new, more persistent ways?

  • Are your defenses optimized?
  • Do you have an insider threat program?
  • Are incident response plans tested?
  • Are strategic communications plans in place?
  • What can be put in place to provide warning of attack?
  • Is it time for an external verification of security?

We will continue to track this situation and report on any insights relevant to the threat.

TheBrief: http://bit.ly/20T6ZJh

« DARPA Has Invented The Ultimate Cyber Security
The First Ghost Ship In The US Robotic Navy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Juniper Networks

Juniper Networks

Juniper Networks is the industry leader in network innovation. We provide network infrastructure and network security solutions.

Softtek

Softtek

Softtek helps its clients to gain a competitive edge by implementing digital solutions that propel their business strategies.

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN) is a not for profit group of professionals in the field of Information Security in Nigeria and Diaspora.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

Plurilock Security Solutions

Plurilock Security Solutions

Plurilock is a real-time cybersecurity solution that uses artificial intelligence to identify, prevent, and eliminate insider threats.

Cryptika

Cryptika

Cryptika is a fully integrated IT security and managed services provider, specialized in Next-Generation Cyber Security Technologies.

Cybil

Cybil

Cybil is a publicly-available portal where members of the international cyber capacity building community can find and share information to support the design and delivery of programs and projects.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

Ibento Global

Ibento Global

Ibento organises the CyberX series of cybersecurity conferences.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

TrustCloud

TrustCloud

TrustCloud is a global company specializing in the orchestration and custody of secure digital transactions including identification, signature, payments, and electronic custody.

TachTech

TachTech

TachTech is passionate about trust, security and privacy in the digital world. We create tailored security and compliance solutions to improve your business.

Tanzania Industrial Research and Development Organization (TIRDO)

Tanzania Industrial Research and Development Organization (TIRDO)

TIRDO is a multi-disciplinary research and development organization.