How WatchDox Could Have Limited the Damage From the Panama Papers Hack


Documents in the Wind

It’s been referred to as the largest data leak in history. Earlier this month, more than 11.5 million documents were published by the International Consortium of Investigative Journalism. Collectively, they’ve been dubbed The Panama Papers, after their connection to Panama law firm Mossack Fonseca, an agency specialized in helping clients establish offshore financial holdings.

While it’s been fun for the press and public to indulge in a little collective schadenfreude at the expense of celebrities, politicians and sports figures, keep in mind that 11.5 million documents were leaked – the vast majority from legitimate businesses and innocent individuals.  Can you imagine how many secrets and how much intellectual property has been compromised?

It’s important to understand just how vulnerable this sensitive data actually was. For an organization that supposedly prides itself on secrecy, the measures taken by the company to protect its records were abysmal. Had security professionals at Mossack Fonseca acted with even slightly more competence, the Panama Papers might never have been exposed in the first place.

Why File-Level Security is Important

Digital Documents

As has been pointed out in the media, Mossack Fonseca lacked basic network security such as server-side document encryption and user access controls.  This left them vulnerable to a relatively run-of-the-mill spear-phishing attack (you have to believe that the hacker was thinking, “It actually worked?!?!). That lapse in security is unforgivable – the the fact is that people make mistakes and even well-managed networks can be compromised. That’s why file-level security is so important.  It adds another layer of security and protects your core IP if (or when) your network is compromised.

Consider how things might have played out, for example, if the firm was using WatchDox.

First of all, WatchDox enables files to be dynamically watermarked, which is a significant deterrent to leaks (as opposed to hacks). If a user has their name splashed across every document that they access, they are much less likely to “share” it with an unauthorized user since this creates an indelible electronic trail right to the original source.

WatchDox also encrypts and segments all sensitive information, both at-rest and in-transit, while  WatchDox’s advanced authentication ensures that only authorized users have access to the files independent of whether they reside on the server, a desktop or a mobile device(WatchDox has clients for web browsers, PC, Mac, iOS, Android and BlackBerry 10). An employee might still make a mistake and provide a doorway for a bad actor, true, but the security team would be able to easily slam that door shut. Even if the attackers managed to pull some documents off Mossack Fonseca’s servers, for example, the system administrator could remotely revoke access to the files the moment they noticed suspicious activity; with a few clicks, unauthorized files would be turned into worthless 256-bit-encypted data blobs.

Finally, WatchDox’s powerful logging and reporting features can help to identify and locate the bad guys. The enterprise security team would immediately know which account accessed files, which files they accessed, what device they accessed them on, what they did after gaining access, and even where the files were accessed from. All of this information could have then been shared with law enforcement to help identify and capture the bad actor.

Worst Case Scenario

Shot of an internet file download in progress

Assuming even the worst case scenario where a hacker has someone’s credentials to access the stolen files, WatchDox’s powerful digital rights management (DRM) file protection severely restricts what the attackers can do with the data. In the case of Mossack Fonzeca, WatchDox could have prevented the attackers from editing, sharing, or downloading the files in the first place; WatchDox can even restrict the ability to copy text or images from files. This limits the bad guys to, at best, taking screenshots of stolen documents, page by page.

These features derail the entire business model of electronic criminals which rely on the easy and frictionless transfer of structured data. Let’s say the hackers somehow managed to screenshot every single one of the 11.5 million documents. We’ll be generous, and assume it takes ten seconds per file to open, screenshot, and print.

You’re looking at a time commitment of more than thirty thousand hours, or almost four years just to make copies of all the documents. This also turns structured data into image files and removes the ability to index and search the data to find and redistribute the juicy (i.e. marketable) bits.

Through granular controls, powerful DRM, full encryption, and advanced logging, the platform protects critical files, no matter where they are (or who’s accessing them).

Network security breaches happen, even to well-protected systems, because people you trust make mistakes, get fooled and in some cases deliberately betray your trust. WatchDox provides an additional level of security that would have helped to protect even a poorly-protected network such as Mossack Fonseca’s. If you are concerned about protecting your intellectual property, you should be looking for a complete solution that includes not just network security, but file-level security and DRM controls as well.

To learn more about what WatchDox can do for your organization, check out the webinar Industry Use Cases for EFSS. You can also view a live product demo of WatchDox, or visit the official WatchDox page

About Dan Auker

Head of Enterprise Product Marketing Dan is an industry veteran with 18+ years experience building and monetizing enterprise software and solutions. He is the head of enterprise product marketing and lead generation at BlackBerry.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus