
Panama Scandal Raises Serious Security Concerns
It is the biggest scandal to hit the headlines in recent times and has caused political problems both here in the UK and abroad. The Panama papers finally confirmed that many of our richest citizens are hiding their money in offshore tax havens and the world’s media has had a field day.
Files leaked from law company Mossack Fonseca led to Prime Minster David Cameron having to defend himself after a barrage of questions from opposition MPs and media outlets about the Blairemore fund created by his late father. The Prime Minister of Iceland was actually forced to resign after crowds gathered outside his residence calling for him to go.
Failure to Update
While all this has caught the attention of our news outlets, one question that is yet to be fully answered is how a firm like Mossack Fonseca managed to let so much data be stolen in the first place. It wasn’t an insider but a problem with the computer security system that led to the leak – the company’s systems were out of date and contained some serious issues, all of which quickly became apparent when experts looked into it.
Part of the problem was that some key operating systems were being put at risk because of a failure to update. This included the Outlook Web Access login that had not received an update in the last 7 years and a WordPress website that had not been updated in 3 months. There were also issues with its Drupal client portal that had not been updated for 3 years.
Viral Attack Just a Matter of Time
These security issues left the company systems open to attack from the DROWN virus that works on servers that don’t have updated SSL v2 protocols. In short, the leak from Mossack Fonseca was more likely than not going to happen once it failed to update its systems properly.
Lack of encryption because they didn’t use a TLS security protocol when it came to sending emails was another problem that the law firm failed to understand. Talking to wired.co.uk recently, Professor Angela Sasse from University College London said: “Given the business they’re in, I find it quite surprising that they haven’t thought about securing their emails better.”
Why Network Security is So Important
If you think your business is nothing like Mossack Fonseca, then you are missing the point. Businesses at all levels need to make sure their systems are updated regularly and that they have the best security in place, something the law firm failed to do which left their systems vulnerable.
Computer security expert Alan Woodward from Surrey University, explained to wired.co.uk: “Take something like Outlook Web Access – if you keep your Exchange Server up to date this just comes along naturally. They seem to have been caught in a time warp. If I were a client of theirs I’d be very concerned that they were communicating using such outdated technology.”
Speak to the Experts
Whether you are a small business or a large corporation, having the right IT processes and policies in place is extremely important. If you haven’t reviewed your security risk in recent times, perhaps now is the moment to contact the experts. “Having a dedicated IT Support partner like Ratcliff IT on board, means you don’t have to worry about being up to date with the latest security upgrades. You can count on the team at Ratcliff IT to ensure that your IT systems are fully updated behind the scenes on a regular basis.” comments James Ratcliff, Managing Director, Ratcliff IT.