Can your off-shore account information be ‘leaked’?


Revelations in the Panama Papers about off-shore accounts held by the prime minister’s children might have shaken Pakistani politics, but it is another question that computer network security experts across the world are scratching their heads to fully understand: how was such a massive amount of data stolen from the law firm, Mossack Fonesca, in Panama?

Was it an inside job where a disgruntled employee of the firm physically stole the computer hardware or copied data from the company’s computer? Not so, according to Ramon Fonesca, founding partner of Mossack Fonesca, who claims that his firm was hacked from the outside and that it was not an inside job.

The jury is still out as to how nearly two terabytes of data was transferred out of Mossack Fonesca’s computers, but the Panama Papers have also forced common citizens to think about why we should care about computers’ and network security.

We live in an age where computers, smart devices (mobile phones, tablets, laptops, smart watches, etc) and internet-enabled TVs have become integral to going about our daily tasks. We use these devices to access our bank accounts, medical history, make purchases (order food and merchandise online), communicate via email, to connect and communicate with friends and family, to entertain ourselves, and to complete other jobs and chores that need to be performed.

These are all our “digital belongings” — we store a lot of personal information (name, CNIC, passport number, bank account details) on our computers or share sensitive personal information via email or on social media. Anyone with access to our computer, mobile device or home computer network can potentially steal all this information and cause financial harm or embarrassment.

You lock the main gate and doors to keep your physical assets safe; are you doing enough to secure your digital assets?

Most of these “digital belongings” can be safeguarded with a digital key: a “password” or “PIN code” that grants or denies access to your computer or mobile device. Below are simple steps you can follow to make sure that your digital key is strong, secure and remains safe.

Lock all your devices with a key: Create a password for computer and a PIN code for all mobile devices such as phones and tablets. Setting up and updating password / PIN code on a device typically requires simple-to-follow steps. You should check with the shop from where you purchased the device or simply search for steps using a search engine.

Use strong keys (passwords / PINs): Easy for you to remember but impossible for others to guess. Never use simple phrases such as your name, city you live in, or easy to guess PIN numbers such as “1111”, “0000”, “1234”, “5678”. For passwords, always use a combination of numbers (0-1) and letters (A-Z), mix uppercase and lowercase letters (a-z, A-Z) and preferably use special characters (!@#$%^&*()_+=, etc). Also, do not use the same phrase for username and password.

Keep your key in a safe place: Do not write down the password (and username) / PIN code on the computer or mobile device or on a piece of paper left in the carry case. It is akin to parking your car on the street with keys left on the dashboard — an open invitation to steal! It is advisable not to write down the password and PIN code anywhere from where it can be physically stolen. Also, never share the password and PIN code with anyone — computer security experts strongly advise against sharing the password and login credentials even with close family and friends.

Do not use the same key (password / PIN codes) for all locks. For example, if you have set up the username “heAlth43” for your personal computer and password as “shU_b5#s,” do not use the same username and password combination for your online bank account. Make an entirely different username and password for your bank account.

Physically secure your devices, both inside your home and while travelling: Do not leave the computer or phone inside the car, where it is visible and invites someone to break the window and steal it. If you must leave it in the car, then put it in the trunk.

Protect your computer network with a key (password): Many homes these days use wireless networks (Wi-Fi), which allows them to connect the devices to the network without wires. At the heart of the computer network is a wireless connectivity device called a modem or router or Wireless Access Point (WAP).

In addition to securing your computers and mobile handheld devices, you must also secure the wireless connectivity devices with a password. You should create a password (also known as SSID) for the computer network, and use password recommendations provided earlier. Your wireless network is visible and accessible to your neighbours; not having a password or having a weak password can allow your neighbours to hack into your computer networks, use it or even access and steal you data or hijack your devices.

The writer is an information systems professional. [email protected]