John McAfee is running for US president as a member of the
Libertarian Party. This is an op-ed he wrote and gave us permission to run.
The hack of Mossack Fonseca, in terms of the certain fallout that will affect many of the wealthiest and most prominent people on the planet, is by far the largest and most damaging cyberattack on record.
I am just one of more than 200,000 people to
have downloaded the Panama Papers, a record for hacked documents. It was a gold
mine.
The release contained 11.5 million documents
chronicling the formation and actions of 214,000 offshore companies along with
the names and manipulations of more than 14,000 clients. Among the clients are:
·
12 heads of state
·
More than 150
politicians
·
29 billionaires on the
Forbes list
·
Multiple financiers of
terrorism
·
Nuclear-weapons
proliferators
·
Prominent sports and
entertainment figures
·
Numerous CIA-linked
companies
Implicated as well are dozens of major banks
that worked with Mossack Fonseca in establishing these offshore entities. Among
them are the banking giants Credit Suisse, UBS, Landesbank, and Rothschild.
Mossack Fonseca is the fourth-largest
"asset protection" law firm in the world, and its cybersecurity
measures were obviously lacking. But they are not alone. Studies indicate that
law firms are easy pickings for hackers, and Bloomberg reported last year that more than 80% of US law firms had already been hacked.
Yet these law firms guard the gravest of our secrets, whether corporate secrets
or those of an individual, and the damage done from a data breach could, as we
might see, even bring down a head of state, as Iceland's prime minister is discovering.
Why are law firms so vulnerable?
The practice of law is a venerable profession
in which change comes slow.
The magazine Law Practice Today noted that the
law profession had only within the past four years woken up to the reality of
cyberthreats: "The need for better cybersecurity has
been the focus of considerable discussion by law firms for the past four years.
While some law firms have recently awakened to this key issue, significant
further work needs to be undertaken."
In America, over half a million attorneys are
working in more than 4,500 law firms. This givesan average just over 100 lawyers per firm.
Cybersecurity budgets at any firm employing
100 people, if they exist at all, are minimal. For most businesses of that
size, the risks, in terms of potential damage from a hack, are small. But the
damage of a data breach in law firms is monumental.
All law firms will have the following
information in their possession:
·
Case or litigation
strategy information, including settlement parameters and argument weak points
·
Confidential client business
information
·
Attorney-client
privileged communications and other legally privileged information
·
Client intellectual
property, such as patent, copyright, and trade-secret information
·
A range of personally
identifiable information of all kinds for employees, clients, and third
parties, such as personal health information and various account and
account-access information that include customers' name and address information
·
Payment card information,
including card numbers and PINs
In addition, some files may contain
information of such sensitivity that an entire corporation's or agency's
survival rests on the security of that information.
In September I keynoted the Lawtech conference in Australia's Gold
Coast and gave a live demonstration of how easy hacking can be.
The room, packed to the brim with lawyers, was stunned into silence. After the
demonstration and talk I was mobbed by frightened lawyers. The common comment
was, "I had no idea."
After Mossack Fonseca, we should all now have
an idea. Mossack is the fourth-largest "offshore" legal firm in the
world. Where do you think the hackers are headed next?
ConversionConversion EmoticonEmoticon