Wednesday, September 21, 2011

End of the road for DigiNotar as bankruptcy declared

DigiNotar, the Dutch certificate authority which hackers compromised and used to generate hundreds of bogus web security certificates, has filed for bankruptcy.
The announcement that DigiNotar has filed for voluntary bankruptcy was made today by its US parent company VASCO Data Security International.
And, quite frankly, there aren't many who will be mourning its loss.
VASCO's CEO, T. Kendall Hunt, seemed keen to disassociate the parent firm from the security problems seen at its subsidiary:
"We would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology. The technological infrastructures of VASCO and DigiNotar remain completely separated, meaning that there is no risk for infection of VASCO's strong authentication business."
Cliff Bown, VASCO's chief financial officer, said the losses associated with DigiNotar "were expected to be significant."
It's unlikely that many people are going to shed many tears over the demise of DigiNotar. The firm lost all trust when it was discovered that it had known that it had suffered a security breach weeks before coming clean about the problem.
But it does serve as a chilling reminder of just how fatal a hack can be for an organisation, especially if the way your corporation decides to respond to it is woefully insufficient.
The fraudulent certificates were issued in the name of major web properties such as Facebook, Twitter, Microsoft and Google, and even in the name of intelligence agencies such as the Mossad and the CIA.
For more background on the DigiNotar security scandal, make sure to take the time to listen to a recent Sophos podcast which discussed the issue, featuring Sophos experts Chester Wisniewski and Mike Wood.
You can also download the podcast directly in MP3 format: Sophos Security Chet Chat 72

China denies hacking high-tech weapon maker

When news of a hack against Japan's biggest weapons maker, Mitsubishi Heavy Industries, broke earlier this week an obvious question was - who might be responsible?
In all, more than 80 computers and servers at the firm - which manufactures everything from warships to space rockets - were infected by malware at a variety of sites. According to some local newspaper reports, a Chinese language script was found in one of the attacks which left computers at a submarine manufacturing plant and a missile manufacturing facility compromised.
The Guardian reports that the claims of Chinese involvement were firmly denied by a spokesman from China's foreign ministry:
"The Chinese government has consistently opposed hacking activities. The law strictly prohibits this. China is one of the main victims of hacking... criticising China as being the source of the hacking attacks is not only baseless, it is also not beneficial for promoting international co-operation for internet security."
Defence officials in Tokyo are reported to be fuming that they learnt about the attacks against Mitsubishi Heavy via local media reports more than a month after they took place, rather than directly from the firm itself.
Of course, as we all know, China is routinely blamed for cyberattacks and accused of using the internet to spy on other countries. Just as routinely, China denies its involvement.
Most famously, in January 2010 Google blamed China for an attack (dubbed "Operation Aurora") after discovering that someone in the country had tried to hack into the Gmail accounts of human rights activists.
In other incidents, accusations of China-backed hacking have come from a variety of directions including India, Belgium, the Dalai Lama, the British Secret Service, the US Defense Secretary and the Australian Prime Minister.
The truth is, however, that proving the origin of a hack attack is complicated by the fact that cybercriminals can use compromised PCs owned by innocent people to act as a go-between when trying to break into someone's computer. In other words - yes, a Chinese computer might have tried to connect to yours, but it may be under the control of someone in, say, Great Britain.
We'd be naive to think that China (and just about every other country around the world) isn't using the internet for its political, commercial and military advantage, but we should be very cautious about making assumptions without having all the proof in front of us.
So far there are no reports of classified information having been exposed by the hack attack at Mitsubishi Heavy Industries.