Leak of the Panama Papers: a new reality?

Original author: Yaki Faitelson, Co-Founder, Chairman and CEO of VARONIS Systems
Cybercrime has become such an expected and normal occurrence that media coverage of the Panama Papers leak barely mentions the failure of the law firm Mossack Fonseca, which did not protect its most valuable and sensitive assets: the files and emails that identify clients and their operations. New week, new failure.

A new PwC report says cybercrime is about to become the No. 1 economic crime among companies in the US, surpassing "century-old asset misappropriation", or stealing money. The PwC study also found that only 40 percent of systems request status information more than once a year, suggesting management failures.

Regardless of the size and nature of your organization, a leak like the Panama Papers is relevant and possible. Files and emails are a digital record of everything we do. In IT this is called unstructured data; it is usually what companies have the most of and, at the same time, what they know the least about. Not so long ago, our company conducted a risk assessment which found that more than 25 percent of the shared folders in the average company are not locked down and are open to everyone in the company. Almost all data leaks are the result of insider access, regardless of whether the cause is an offender, an employee with bad intentions, or just an innocent click on an email with a malicious attachment.

Servers containing e-mail are, as a rule, among the largest treasure troves of valuable information. If you spy on a company, the CEO's mailbox will be the best place to see how things are going at the company. One of the main problems in email security is that the most valuable mailboxes are usually the most vulnerable. This is because executives (and law-abiding partners of law firms) often have assistants and other people who have access to their mailboxes, and some of those people even have admin access for a long period of time. Another email security issue is that mailbox activity is rarely recorded or analyzed, which makes theft almost invisible. The ubiquitous Microsoft Exchange has "public folders", in which a large amount of confidential information can accumulate, and companies often do not pay enough attention to protecting these folders. If the assistant's account is compromised through stolen passwords, or if the assistant acts intentionally, the mailbox with all its contents can be easily hacked without any traces.
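What recording and analyzing that activity can look like, as an added example that is not part of the original article: a short Python script that lists which accounts other than the owner read each mailbox and flags a day on which a delegate reads far more than its own usual volume. The CSV layout, the account names and the thresholds are constructed for illustration and are not a real Exchange audit format.

```python
import csv
import io
from collections import defaultdict
from statistics import median

# Constructed daily audit summary (assumed layout, not a real Exchange log):
# date, mailbox owner, account that opened the items, number of items read.
AUDIT_CSV = """date,mailbox,actor,items
2016-03-01,ceo,ceo,40
2016-03-01,ceo,assistant,12
2016-03-02,ceo,assistant,15
2016-03-03,ceo,assistant,9
2016-03-04,ceo,assistant,14
2016-03-07,ceo,assistant,2300
2016-03-07,cfo,helpdesk-admin,5
"""

def load(csv_text):
    """Parse the summary and return its rows in date order."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    return sorted(rows, key=lambda r: r["date"])

def non_owner_actors(csv_text):
    """Map each mailbox to the accounts other than its owner that read it."""
    seen = defaultdict(set)
    for r in load(csv_text):
        if r["actor"] != r["mailbox"]:
            seen[r["mailbox"]].add(r["actor"])
    return dict(seen)

def flag_spikes(csv_text, factor=10, min_history=3):
    """Flag days on which a non-owner read far more than its own median."""
    history = defaultdict(list)
    alerts = []
    for r in load(csv_text):
        if r["actor"] == r["mailbox"]:
            continue  # the owner reading their own mail is not of interest here
        past = history[(r["mailbox"], r["actor"])]
        items = int(r["items"])
        if len(past) >= min_history and items > factor * max(median(past), 1):
            alerts.append((r["date"], r["mailbox"], r["actor"], items))
            continue  # keep the spike out of the baseline
        past.append(items)
    return alerts

if __name__ == "__main__":
    print(non_owner_actors(AUDIT_CSV))
    print(flag_spikes(AUDIT_CSV))
```

A pair with fewer than `min_history` days of data, such as the help-desk account here, is never flagged as a spike, so the inventory from `non_owner_actors` is the place to review newly appearing access.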

When the Panama Papers were made public, Mossack Fonseca claimed an "unauthorized diversion". This was widely accepted as proof of an external attack, despite the ambiguity of the situation, because it is hardly possible to pull 2.6 terabytes over the Internet without being noticed. Downloading such a large amount of data from an e-mail server via the Internet is like rafting down a river on a straw. It is more likely that there was insider access, and the possibilities to track it were negligible.

To compile the 2016 United States Global Economic Crime Survey, PwC interviewed more than 6,000 people in 328 different organizations, most of whom were senior executives of publicly traded companies in all industries. Fifty-four percent said they had suffered from cybercrime over the past two years; that is, more than half of the respondents experienced the misappropriation of assets.

Financial impact is often overlooked when considering cybercrime. Since PwC polls many business leaders, reliable data were more accessible than in other studies. PwC said: "Some of the respondents (about 50 organizations) said they suffered losses in excess of $5 million; almost a third of them reported losses related to cybercrime worth more than $100 million." A study conducted by IBM and the Ponemon Institute in 2015 showed that the average cost of data leakage is currently around $6.5 million.

With this kind of value attached to data, whether it is personally identifiable information (PII) that can be exploited commercially or intellectual property whose theft can lead to a corporate crisis, why do we not protect it better? We underestimate its value and vulnerability. We forget about it, and rarely delete it. A recent surge in ransomware activity shows us how vulnerable unstructured data can be: ransomware advertises its presence to end users after it encrypts files, asking for several bitcoins, and organizations are still struggling to detect it before a huge number of files get corrupted. Other threats often appear much later (if at all), and getting rid of them will be a much more expensive process.

Of course, modern companies can monitor networks for unusual activity or scan for known viruses; however, they are usually not equipped to identify a new generation of hidden malware. Simply put: most companies have a huge and expensive blind spot when it comes to protecting repositories of unstructured information. Better risk assessments, improved data protection, and more serious file system monitoring are currently the key to real security.

Since we will never be able to prevent hackers from gaining access to insider information, we can only detect such interference as quickly as possible, limit the damage, and ultimately reduce the costs incurred due to data leakage. Then, perhaps, we will no longer be so shocked by the news about data theft in broad daylight; we will be ready to prevent this.
