Unless you’ve been living on Mars, you’ll have seen the news this week that 11.5 million documents from Panamanian law firm Mossack Fonseca have been stolen and leaked to the press. As far as data breaches go, they don’t come much bigger or more damaging than this. The whole wide world seemed to be involved. In Belgium alone, about 732 persons can be linked to 1144 financial constructions in eleven different tax havens, via the Panamese law firm Mossack Fonseca. Many of these Belgians are CEOs, financial managers, and/or public figures.
Without wanting to comment on the content of those documents, there’s a clear security lesson to be learned.
Whether they deal in highly sensitive data like this or not, modern businesses must accept the truth that they’re all now a target. And one of the key ways to mitigate the risk of attack is by shoring up server security as part of a multi-layered approach, starting with patching.
A cautionary tale
Mossack Fonseca is claiming that the breach was the result of “an unauthorised breach of our email server”. The result in this case appears to have been catastrophic, with newspapers exposing the alleged shadowy offshore tax dealings of over a dozen current and former world leaders.
We don’t know exactly how hackers managed to breach Mossack Fonseca’s systems, but very often it’s by exploiting a simple vulnerability. Organisations must take patching more seriously to remove this “lowest hanging fruit” which black hats are always on the lookout for. To combat more sophisticated, targeted attacks, there are technologies such as advanced sandboxing which can spot and block zero day threats. And integrity monitoring and log inspection can alert IT to a potential incursion.
But today’s IT environments are more often than not a mixture of physical, virtual and hybrid cloud systems. This is when cloud and virtual-ready security is so important – protecting dynamic VMs and cloud instances wherever they go. Virtual patching here is essential to shield systems against zero days. And all of this needs to be monitored from a single pain of glass for maximum effectiveness.