Story image

Experts discuss implications of massive Paradise Papers leak

10 Nov 17

The recent news about the huge leak of financial documents has caused waves around the world.

Deemed the Paradise Papers, 13.4 million documents were pilfered and hence revealing how the powerful and extremely wealthy (including some of interests related to President Trump, and the Queen’s private estate) secretly invest monumental amounts of cash in offshore tax havens.

The stories that have emerged from the leak have only just scratched the surface, with many centred on how politicians, multinationals, celebrities and high-net-worth individuals use complex structures of trusts, foundations and shell companies to protect their cash from tax officials or hide their dealings behind a veil of secrecy.

CEO of web security company High-Tech Bridge, Ilia Kolochenko says this seems to be another major hacking case where intruders won’t be found and prosecuted.

“Notwithstanding the allegations of wrong-doing offshore, a crime cannot be justified by investigation of unlawful activities. Victims should explore various legal avenues to claim damages, which may be quite significant,” says Kolochenko.

Global Security Advocate at Digital Guardian, Thomas Fischer says the implications from this leak are going to be severe and wide-reaching.

"Putting aside the fact that the leaked financial details appear to include information about the murky world of offshore finance, for the victims, this leak could have life altering or, at the very least, hugely distressing effects,” says Fischer.

“Ultimately, the breach could trigger serious legal repercussions against Appleby. Data protection should be of the utmost importance in these businesses and yet we have seen a growing number of data breaches in law firms in recent times.”

Kolochenko says law firms in particular have become a very attractive target for cybercriminals.

“Hacking of their clients is quite costly, will likely be detected and investigated, and almost certainly will cause very serious counter-actions. Many law firms still carelessly rely on the law for data protection, but this is in vain,” says Kolochenko.

“Paucity of financial resources and lack of qualified personnel preclude law enforcement agencies from investigating and prosecuting the vast majority of crimes committed in digital space. This creates a very dangerous atmosphere of unlawfulness and impunity in the Internet, undermining trust in the government and its ability to protect our society.”

Both experts say this leak is indication for companies to reconsider their security strategies.

“This latest case reinforces the need for “data aware” security technologies in the legal sector. If Appleby had such technologies in place, it could have prevented its most sensitive data from being copied, moved or deleted without approval or permission,” says Fischer.

“Companies must learn from incidents like this and apply the right methods of protection to their IT environment, with the ability to apply security at the data-level being at the core.”

Kolochenko says this reinforces the need for “data aware” security technologies in the legal sector.

“It may be a good moment to think about imposing obligatory data security standards on law firms and practicing attorneys,” Kolochenko says.

“Their data deserves at least the same level of protection as data of companies under PCI DSS or HIPAA compliance. Otherwise, visiting attorneys will become a very risky practice."

Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.
Carbon Black: What does cybersecurity have in store for 2019?
Tom Kellerman has shared five insights for the year ahead, including a particularly bold one.
Hands-on review: The Ekster Wallet protects your cards against RFID attacks
For some time now, I’ve been protecting my credit cards with tinfoil. The tinfoil hat does attract a lot of comments, but thanks to Ekster, those days are now happily behind me.
Report on SingHealth breach condemns poor security practices
The 2018 Singapore SingHealth data breach was poorly managed and riddled with vulnerabilities from the start.
Tesla wants people to hack its Model 3
Tesla is offering white hat hackers what could be the chance of a lifetime – the opportunity to hack one of its Model 3 vehicles.