Panama Papers Reveals Law Firms are Easy Pickings for Hackers
The recent revelation that Mossack Fonseca, a very prominent Panamanian law firm, lost 11.5 million documents has forever damaged the reputation of the country and many of the investors who use the Central American nation as a safe haven.
The Panama Papers hack we now know yielded 2.6 terabytes of data from the world’s fourth biggest offshore law firm. From the information that Mossak Fonseca has shared publically we understand that this was an external hack that exploited a vulnerability in its’ corporate email server. Whatever the technique used, “the large amounts of data alone heading out from a company’s networks should have raised alarms — and yet it didn’t,” said Erka Koivunen, cyber security advisor for F-Secure.
The repercussions of a hack this large in scale and publically visible is yet unknown however if an international law firm dealing exclusively in very sensitive data is this easily hacked, how vulnerable is the average law firm? It certainly stands to reason that other law firms would become the focus of hackers looking for financial gain or fame.
According to the American bar Association’s (ABA) Legal Technology Survey results, 58% of lawyers surveyed cited “security” as the top reason that prevented them from using cloud services. But an article in the Business Insider concluded that “law firms are easy picking for hackers” and with Bloomberg finding that 80% of larger U.S. law firms were hacked in 2015, it seems abundantly clear that the legal industry should take a closer look at their internal processes and start outsourcing more IT services to the cloud. If Mossack Fonseca had been using a Cloud backup service all data would have been encrypted in flight and at rest while preserving data integrity and delivering critical visibility – certainly seems like an upgrade to their current environment.