Data leaks of the rich and famous: Panama Papers show no one’s secrets safe
Papers leaked from a Panamanian law firm are teaching us all about how elites hide their money around the world.
The documents, published over the weekend, have exposed the tax shelters of Icelandic government officials and shined a light on the financial practices of the already beleaguered soccer organization FIFA. And that’s just a start.
The leaks have prompted outrage, with Icelanders filling the streets of Reykjavik to protest, and caused people to shake their heads at the fact that many of the corporate shenanigans detailed in the documents are legal.
But the documents’ exposure and publication in multiple news sources shows something more: embarrassing internal documents are now a sitting target on company servers. It’s unclear how the Panama Papers, as they’re being called, made it out of the Mossack Fonseca law firm’s grasp. But the company, known for creating offshore bank accounts for its wealthy clients, is far from alone. It joins the ranks of several others that have seen the dirt dished on their clients, customers or employees.
Cybersecurity experts say we should expect to keep seeing shocking — shocking! — data leaked, hacked and otherwise stolen, because the problem of keeping it safe is far from being solved. It’s great for investigative journalists, but not great for the general security of all our personal information on the Internet.
Right now, it’s a cakewalk to take documents from an organization, cybersecurity experts say. If an outside attacker hacks into a company’s networks, often documents like the ones from Mossack Fonseca are easy to find and steal copies of, said Bill Anderson, an executive at cybersecurity company OptioLabs.
Even if a company has strong defenses of its network, employees might take data home to work on outside the office, or they might unwittingly bring a laptop to work that’s infected with malicious hacker software.
Encryption, or a method for scrambling up information for anyone who doesn’t have the right key, is one way that data can be protected. But that might not be enough if too many people have access to the key. After all, there’s always the threat of an insider who will intentionally steal and leak documents.
“I think we need to change the fundamental design of the way each and every document is created and managed,” Anderson said