The Accidental Panama Papers
Panama broker accidentally exposed 52,000 financial and legal documents of wealthy individuals
The so-called Panama Papers exposed 2.6 TB of information that threatened the reputations and privacy of many of the world’s richest and most powerful figures. If you thought this kind of incident would teach people to be more careful with their sensitive data, you’d be wrong. Very wrong.
You may recall that back in 2015, an anonymous source hacked an email server, exfiltrated data from Mossack Fonseca and passed it to the International Consortium of Investigative Journalists. The 11.5 Million documents showed the rampant use of offshore businesses by many wealthy individuals. Journalists from over 107 organizations from 80 countries analyzed the documents for more than a year and covered the breach in excruciating (and often humiliating) detail.
This information exposed by the Panama Papers was the handiwork of hackers. Although cyber criminals continue to steal, sell and dump data every day, incredibly, an increasing amount of personal and corporate information is left exposed simply by accident.
Accidents All Too Common
With more of our activities moving online, the growing use of mobile devices, cloud applications and complexity of enterprise IT infrastructure, accidental data exposure is all too common. While large, sophisticated multi-nationals invest millions in cyber security, many third parties with sensitive information often do not have the teams or technology to stay ahead of fast evolving threats.
Unlike the original Panama Papers where data was hacked and exfiltrated, we detected a server that was accidentally exposing 52,000 documents including Know Your Customer applications, bank statements, wire transfers, company formation documents and scans of passports. None of this information is part of the original Panama Papers leak.
Unlike the Panama Papers which were provided to journalists, these documents could already be in the hands of criminals who could use them to blackmail, hold ransom or initiate other crimes.
Here are some examples of what we found:
· Dozens of “Know Your Customer” applications that describe financial assets and references for BHI Swiss Private Banking, UBS and Arifa.
- Hundreds of banks statements and account transactions for UBS, Societe Generale, BHI Swiss Bank and Arifa.
- Thousands of bank transfer details for UBS, Societe Generale, HSBC, JP Morgan, Wells Fargo, Scotia Bank and others.
- Legal /company formation documents.
- Stock certificates.
- Trusts and corporation structures.
- Identification documents such as passports.
Risk & Responsibility
Today’s attackers are focused, better armed and more organized. An underground economy exists to outsource attacks, reduce costs and allow more people with lower technical skills to launch more powerful attacks. In addition, with more of our data scattered across more servers, applications and companies, all it takes is one open window or one weak link.
Any device left open, using known TCP or UDP sharing ports, will be scanned by different threat actors several times a week. The number of hours that information is left exposed will magnify the amount of times data gets captured and disseminated — then used, sold and traded in the underground markets.
Individuals and organizations must take more responsibility for managing this risk and preventing theft. Data breaches covered by stiffer compliance regulations and breach notification laws are not just cutting short CEO careers, they are costing companies millions.
Companies must monitor for exposure — not only the network perimeter, but also the cloud, IT shadow and third parties, across the deep and dark web — so when it does happen, they can be alerted and respond faster, before more damage is done.
Previous generations recognized Panama as the place where man overcame great obstacles to trade and transport. What will today’s and future generations learn from what happened in Panama last year? Sadly, so far, apparently not much.
To learn how you can leverage an outside in approach to cyber security, visit 4iq.com.
