What Is The ‘Paradise Papers’ Hack And What Does It Mean?

Enterprise security has never been tougher. With integrated viral threats, hardware leaks and DDoS attacks, monitoring the entire security spectrum is an endless task.

A recent data leak comparable to the groundbreaking Panama Papers shows just how information security is of paramount importance. The latest incident: the Paradise Papers, an outsider leak of 13.4 million legal documents from offshore firm Appleby.

While thus far there seems to be no legal transgressions, the documents support a longstanding theory about the secrecy of registering for, and funneling money through, offshore accounts. Better yet, it shows that hacks can strike any societal tier.

While these Panama Papers appear to have been released from a cavalier leaker looking to pull back the curtain on a vast and complicated financial world, it underscores the utmost importance of threat defense, incident response and network/device security in general.

Appleby reportedly held this slew of information about high-end clients. Likewise, even in an industry less frowned upon than offshore financial centers (OFC), sensitive data lies padded behind firewalls and encryption. While it might seem protected, hackers are shrewd in today’s day and age. This is especially true within financial services, global e-commerce and federal agencies – a buffet for persistent hackers.

CISOs and those charged with oversight of an enterprise’s security efforts must be aware of these breaches, if only to mobilize their own efforts and protect from attacks at all angles.

What Are The Paradise Papers?

According to the BBC, the leaked papers – again, numbering 13.4 million – contain tax affairs of some of the world’s high earners. The affected law firm said that the leaks came from a network attack – instigated by an outsider.

Just like the Panama Papers – revealed and subsequently published in 2015 and 2016, respectively – the heisted information was given to the German publication Süddeutsche Zeitung. Absorbing this huge cache of information, the outlet recruited the International Consortium of Investigative Journalists (ICIJ) to comb through the data.

Highlights of the leak include efforts of the wealthy to potentially shield their large estates from tax officials. For one, debate is stirring in the U.K. now, after the papers revealed that £10 million ($13 million) of Queen Elizabeth II’s estate was invested offshore. The money was placed into funds in the Cayman Islands and Bermuda by the Duchy of Lancaster, but there is no indication of any wrongdoing.

See related: USB Drive With Int’l Airport Security Info Found On Street

Others referenced in the papers include U.S. Commerce Secretary Wilbur Ross, who allegedly has a stake in a company which transports oil and gas for a Russian energy firm. Other shareholders include Russian President Vladimir Putin’s son-in-law, and others sanctioned by the U.S.

Responding to the leaks, the bruised Appleby said it was “satisfied that there is no evidence of any wrongdoing, either on the part of ourselves or our clients.” 

“We do not tolerate illegal behavior,” the firm added.

Microcosm Of A Larger Issue

While the Paradise and Panama Papers deal with geopolitics, monarchical assets and alleged high-level conflicts of interest, it boils down to one word: breach.

No matter the size of an enterprise – SMB, global corporation or insulated government agency – it no doubt relies on best practices in the cyber security space.

Being aware of vulnerabilities and gaps in a network, mobile app, online database, passwords, etc., is a part of improving your cyber security etiquette. When charged with wider oversight, this encompasses a large deal of data points, devices, networks, endpoints and physical inspections.