Inside administrators who hold the keys to an organization’s data kingdom are a much greater threat to security than outside hackers.
Now it appears another technical insider may be connected to a leak at Mossack Fonseca, the law firm at the heart of the massive Panama Papers scandal. A computer technician employed by Mossack Fonseca’s Geneva office was arrested this week on suspicion of removing “large amounts of data” from the law firm’s network, according to Swiss newspaper Le Temps. Le Temps reported that the worker was arrested after the law firm filed a complaint accusing him of unauthorized access and breach of trust, and of stealing a large amount of confidential data. Investigators also seized computers in the law firm’s Swiss office.
The paper did not name the suspect and was unable to confirm if the data theft involved the millions of records that have come to be known as the Panama Papers leak, considered to be the biggest leak in whistleblower history, or a different data theft.
Bastian Obermayer, one of the primary reporters behind publication of the Panama Papers stories, tweeted today that the person arrested is not the “John Doe” who leaked him the Panama Papers. “According to our information,” he wrote, “the #mossackfonseca IT person arrested in Geneva is not #panamapapers” source ‘John Doe’.”
That’s not to say, however, that the suspect arrested this week is not connected in some way with the leak. He may have assisted the “John Doe” who passed the documents to Obermayer. Or he may be responsible for a different earlier leak at the law firm, that preceded the massive Panama Papers leak.
The Backstory
On April 3, the International Consortium of Investigative Journalists and more than a hundred media partners around the world revealed that a whistleblower had gifted them with more than 11 million documents, including emails, databases and PDFs, exposing the offshore accounts of the Panamanian law firm’s customers. The accounts were designed to hide money belonging to celebrities, world leaders and corporate officials around the world.
ICIJ Director Gerard Ryle told WIRED that in late 2014 an unknown source contacted Obermayer, a reporter for the German newspaper Suddeutsche Zeitung, after the paper had published stories related to a different, smaller leak of Mossack Fonseca documents. Those documents had been given to German government regulators. The source contacted the paper via encrypted chat, offering “more [data] than you have ever seen” from the Panamanian law firm that would “make these crimes public.” The source indicated that his or her life was in danger and refused to meet in person with Obermayer.
Their communication methods over the following months indicated that the source was well-versed in operational security and took careful steps to protect his or her identity. Each time the source communicated with Obermayer, they deleted their correspondence. They also conducted an authentication check each time they resumed their communication.
“I’d say ‘is it sunny?’ You’d say ‘the moon is raining’ or whatever nonsense, and then both of us can verify it’s still the other person on the device,” Obermayer told WIRED.
The source leaked the documents piecemeal over time until the paper had amassed more than 11 million records stolen from Mossack Fonseca. Obermayer wouldn’t tell WIRED how the source transmitted what must have been hundreds of gigabytes of data at a time.
John Doe’s Motives
Obermayer’s “John Doe” revealed the motive for his leak in a lengthy statement published last month, stating that the secret offshore accounts weren’t just being used to evade taxes but to commit other more serious crimes.
“I decided to expose Mossack Fonseca because I thought its founders, employees and clients should have to answer for their roles in these crimes, only some of which have come to light thus far. It will take years, possibly decades, for the full extent of the firm’s sordid acts to become known,” he wrote.
He went on to implicate Mossack Fonseca’s IT staff in the firm’s crimes. “At the very least we already know that Mossack personally perjured himself before a federal court in Nevada, and we also know that his information technology staff attempted to cover up the underlying lies. They should all be prosecuted accordingly with no special treatment,” he wrote.
WIRED