Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, August 14, 2008

Complete DHS Daily Report for August 14, 2008

Daily Report

• According to USA Today, five years after the worst blackout in U.S. history, the nation’s electrical system is far better equipped to prevent another big outage, but significant shortcomings remain, federal officials, grid operators, and consultants agree. (See item 5)

• KSN 3 Wichita reports that four people have been arrested on felony explosives charges after a bomb squad found four acid bombs that had detonated on the grounds of a high school in Wichita, Kansas. (See item 30)

Banking and Finance Sector


12. August 13, Associated Press – (National) U.S. Federal Reserve auctions $25B in loans. The U.S. Federal Reserve has auctioned another $25 billion in loans to U.S. banks and given them more time to pay the money back in an effort to combat a serious credit squeeze. The central bank has loaned billions since the credit squeeze hit a year ago. The Fed announced Tuesday that the money would be loaned at a rate of 2.754 percent. In the latest auction, the Fed offered the loans for an extended period of 84 days, rather than the 28-day period for the previous loans. The latest Fed auction was held on Monday with the results announced Tuesday. It saw 64 bidders seeking a total of $54.8 billion in funds. The Fed had announced that it would auction off $25 billion for 84 days. In two weeks the Fed will auction $75 billion in loans for 28 days. Source: http://www.cnn.com/2008/US/08/12/fed.auction.ap/index.html


13. August 13, Xinhua – (International) China central bank to blacklist foreign bankcards involved in fraud. The People’s Bank of China will blacklist foreign bankcards found involved in fraud cases, as one of the country’s efforts to curb bankcard crimes and create an Olympics-friendly payment environment. The list would help the card issuer banks, merchants and other agencies to stop service for suspects, the director general of the Payment and Settlement Department of the People’s Bank of China, told a press conference on Wednesday. A joint action between the central bank and police started in April. The authorities have registered 1,600 cases and arrested 342 suspects, implicating more than 40 million yuan. Source: http://news.xinhuanet.com/english/2008-08/13/content_9278360.htm


14. August 13, Associated Press – (National) 2 North Texas men accused of securities fraud. Two North Texas men face securities fraud charges in connection with an alleged “pump and dump” stock-fraud scheme that resulted in more than $32 million in losses for duped investors. The two are charged with fraud, according to court documents filed July 15 in the U.S. Northern District Court in Dallas by the Securities and Exchange Commission. One of the suspects was president of Sniffex Inc., which the SEC alleges was a shell company that produced a hand-held bomb detector called the Sniffex. Its 50-year-old Bulgarian inventor allegedly designed it to emit an electromagnetic field to detect gunpowder and other explosives as far away as 300 feet and the device was promoted as an anti-terror breakthrough. But the device did not live up to its claim. The SEC says the suspects created a fake promotional campaign designed to inflate the share price and trading volume of the company’s stock, between May 17, 2005 and April 6, 2006. The SEC is investigating Sniffex’s partners in Bulgaria and Denmark. Sniffex Inc. is now Homeland Safety International. Source: http://www.chron.com/disp/story.mpl/ap/tx/5940626.html


15. August 13, Reuters – (National) Countrywide sued by West Virginia over mortgages. Countrywide Financial, now owned by Bank of America Corp, has been sued by West Virginia, which accused the lender of making risky and costly loans to consumers who could not afford them. West Virginia is at least the fifth U.S. state to sue Countrywide over its business practices, joining California, Connecticut, Florida and Illinois. Another state, Washington, has threatened to revoke Countrywide’s lending license. Countrywide had been the largest U.S. mortgage lender before Bank of America bought it on July 1 for $2.5 billion. A copy of the lawsuit was not immediately available. Source: http://www.reuters.com/article/fundsFundsNews/idUSN1331914320080813


Information Technology


32. August 13, VNUNet – (National) Bug shuts down VMware servers. A software bug is leaving VMware customers unable to log in to virtualized servers. The issue began early on Tuesday when users attempted to power up virtual systems running the company’s ESX 3.5 software. The user is greeted with an error message indicating that the machine’s “power on” function failed due to an expired license. The company said that the issue is due to a timeout mechanism that had been left on and set to expire on August 12. This, said the company, caused the system to lock out users and believe that the license had expired. The issue only affects systems that run ESX 3.5 Update 2 and ESXi 3.5 Update 2. The timeout feature is often used by developers when distributing test builds to users in order to prevent them from running and distributing test versions of the software indefinitely. In a blog posting, VMware assured users that the issue was not a security risk, and that the cause of the problem had been found. Source: http://www.vnunet.com/vnunet/news/2223784/bug-shuts-vmware-servers


33. August 12, Science News – (National) Microsoft issues massive security update for Windows, Office. On Tuesday Microsoft Corp. released its largest security update in 18 months to patch 26 vulnerabilities in Windows, Office, Internet Explorer (IE), Windows Messenger and other software. “Today is a perfect storm of client-side issues,” said the manager of Qualys Inc.’s vulnerabilities research lab. “Most or all of Microsoft’s client-side applications are affected or patched.” At least two of the vulnerabilities have already been exploited in the wild, Microsoft acknowledged. Those two, plus another pair, said one security researcher, should be considered “zero-day” bugs because technical details about the flaws had been circulating prior to today. Even though today’s updates – 11 total bulletins, six of which were tagged as “critical,” Microsoft’s highest threat rating – set a 2008 record, Microsoft left one expected fix off the table. Last week, it said it would patch one or more critical flaws in Windows Media Player 11, the version bundled with Windows Vista. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9112450&taxonomyId=17&intsrc=kc_top


34. August 12, New York Times – (International) Before the gunfire, cyberattacks. Weeks before bombs started falling on Georgia, a security researcher at Arbor Networks in suburban Massachusetts was watching an attack against the country in cyberspace. Other Internet experts in the United States said the attacks against Georgia’s Internet infrastructure began as early as July 20, with coordinated barrages of millions of requests — known as distributed denial of service (D.D.O.S.) attacks — that overloaded and effectively shut down Georgian servers. Researchers at Shadowserver, a volunteer group that tracks malicious network activity, reported that the Web site of the Georgian president had been rendered inoperable for 24 hours by multiple D.D.O.S. attacks. They said the command and control server that directed the attack was based in the United States and had come online several weeks before it began the assault. As it turns out, the July attack may have been a dress rehearsal for an all-out cyberwar once the shooting started between Georgia and Russia. According to Internet technical experts, it was the first time a known cyberattack had coincided with a shooting war. The Georgian government blamed Russia for the attacks, but the Russian government said it was not involved. Source: http://www.nytimes.com/2008/08/13/technology/13cyber.html?_r=2&oref=slogin&oref=slogin


35. August 12, Computerworld – (International) Russian hacker ‘militia’ mobilizes to attack Georgia. Security researchers Tuesday disputed claims that a well-known Russian hacker-hosting network is responsible for cyberattacks against sites belonging to Georgia, the former Soviet republic that has been battling Russian military forces since Friday. Rather than blame the notorious Russian Business Network, researchers said that it appears that the attacks originated from a “hacker militia” of Russian botnet herders and volunteers. A Bulgarian security researcher said he and others have found evidence that points to a self-starting militia composed of volunteer hackers and cybercriminals who control large-scale bots, or collections of previously-compromised computers, as being behind the escalating attacks that have knocked Georgian sites offline. “A lot of it started with posting on blogs,” said a senior threat analyst at VeriSign Inc.’s iDefense Labs. “A bunch of youth groups posted something that was almost a manifesto that called on supporters to ‘wage an information war’ against Georgia.” That call to arms was only one of many, said the researchers, both of whom noted similarities to the attacks against several hundred Lithuanian Web sites early last month. But while the forces assembled only appear to be uncoordinated to the untrained eye, they are in fact very coordinated, both researchers argued. In a lengthy blog post on ZDNet, one spelled out the coordinated steps that someone – or some group – took to rally the hacker troops and turn them against specific targets. That coordination was sophisticated enough to launch DDoS attacks against one of the most popular hacker forums in Georgia as a preemptive strike. Source: http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=cybercrime_and_hacking&articleId=9112443&taxonomyId=82&intsrc=kc_top


Communications Sector


36. August 13, VNUNet – (National) U.S. broadband growth and speeds disappointing. Two pieces of research have painted a grim picture of the U.S. broadband industry. Leichtman Research Group has produced a report showing that broadband take-up halved in the second quarter of 2008 compared to the same period last year, the lowest level of growth in seven years. A second piece of research, from a study sponsored by the Communications Workers of America (CWA), found that the U.S. is slipping behind other industrialized nations in terms of broadband speeds. The group set up an online speed test and took data from nearly 230,000 internet users. It found poor speeds across the whole country and found a median speed of just 2.3 Mbps for American internet users. “This isn’t about how fast someone can download a full-length movie. Speed matters to our economy and our ability to remain competitive in a global marketplace,” said the president of the Communications Workers of America. Source: http://www.vnunet.com/vnunet/news/2223779/broadband-growth-speeds-US


37. August 12, Washington Post – (National) Some broadcasters agree to extend signals after digital transition. The National Association of Broadcasters (NAB) said that its member companies have agreed, on a voluntary basis, to continue to make local broadcast signals available to distribution partners – cable, satellite, and telecom TV operators – for an extra couple of weeks after the official switch to all-digital TV takes place on February 17. NAB’s Television Board of Directors said it is also working to reach the same agreement with all television members, the networks and the network affiliate stations. The initiative is intended to provide a buffer period for consumers during the transition period, so they will not have to worry about losing any programming as stations move from analog to digital signals. Broadcasters negotiate with cable and satellite operators in order to be included in the channel packages offered to consumers. Source: http://voices.washingtonpost.com/posttech/2008/08/some_broadcasters_agree_to_ext.html?nav=rss_blog


38. August 12, Washington Post – (International) Hacker claims Java bug affects millions of Nokia phones. A Polish hacker and self-professed security expert claims to have discovered vulnerabilities in the mobile Java technology implemented by Nokia in its mid-range S40 devices, potentially putting millions of handsets at risk. The hacker claims the bugs affect around 140 different models of Nokia phone. But given the proliferation of the latest version of Sun’s Java ME, the number of vulnerable devices could run to 1.5 billion including other makes of handset. He also claims the mobile Java vulnerabilities allow hackers to completely bypass security restrictions and install malicious applications on a victim’s device, without their knowledge. Source: http://www.telecoms.com/itmgcontent/tcoms/news/articles/20017560920.html
