Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, July 22, 2008

Complete DHS Daily Report for July 22, 2008

Daily Report

The U.S. government was one of the lenders giving out high-interest, subprime mortgages, some of them predatory, according to government documents filed in federal court. (See item 9)

Researchers in South Dakota report progress toward the first Kevlar fabrics that can kill a wide range of infectious agents, including bacteria, viruses, and the spores that cause anthrax. (See item 29)

Banking and Finance Sector

9. July 21, Wall Street Journal – (National) FDIC faces mortgage mess after running failed bank. Federal officials heap much of the blame for the subprime mortgage mess on lenders, claiming they recklessly made too many high-cost home loans to borrowers who could not afford them. It turns out that the U.S. government itself was one of the lenders giving out high-interest, subprime mortgages, some of them predatory, according to government documents filed in federal court. The unusual situation, which is still bedeviling bank regulators, stems from the 2001 seizure by federal officials of Superior Bank FSB, then a national subprime lender based in Hinsdale, Illinois. Rather than immediately shuttering or selling Superior, as it normally does with failed banks, the Federal Deposit Insurance Corp. (FDIC) continued to run the bank’s subprimemortgage business for months as it looked for a buyer. With FDIC people supervising day-to-day operations, Superior funded more than 6,700 new subprime loans worth more than $550 million, according to federal mortgage data. The FDIC then sold a big chunk of the loans to another bank. That loan pool was afflicted by the same problems for which regulators have faulted the industry. The report said that many of the loans never should have been made in the first place. Hundreds of borrowers who took out Superior subprime loans on the FDIC’s watch – some with initial interest rates higher than 12 percent – have lost their homes to foreclosure, data on the loans indicate. The FDIC, one of the chief U.S. bank regulators, manages a giant insurance fund that compensates customers of failed banks, and it takes charge of banks seized by the government. It has taken over hundreds of failed banks over the years, and generally has a good track record handling the difficult job. Source:

10. July 21, USA Today – (National) Regulators try to thwart ‘bear raids’ on stocks. An emergency order by Wall Street regulators to combat “bear raids” on vulnerable financial stocks, launched by traders that profit when stocks go down, goes into effect Monday. But the rule’s main intent — to help stem quick, steep stock declines that create financial panic — actually kicked in right after the Securities and Exchange Commission (SEC) announced investor protections on Tuesday night. Wall Street pros credit the ruling, which makes it harder to engage in a trading technique known as “naked” short selling, with helping fuel a 534-point three-day rally on the Dow Jones industrials and a 21 percent gain for the S&P 500 financial sector. The SEC crackdown targets short sellers, who hope to make money by selling borrowed shares and buying them back at lower prices. A naked short sale occurs when the trader does the trade without actually borrowing the shares, which can intensify the downward pressure on a stock. The SEC order requires short sellers to take possession of the stock. Previously, a short seller could simply ask a broker to locate the shares, which made it easier and faster to profit in a falling market. Source:

11. July 20, Rocklin & Roseville Today – (National) Vishing attacks increase. The IC3 has received multiple reports on different variations of this scheme known as “vishing”. These attacks against U.S. financial institutions and consumers continue to rise at an alarming rate. A new version recently reported involved the sending of text messages to cell phones claiming the recipient’s on-line bank account has expired. The message instructs the recipient to renew their on-line bank account by using the link provided. Due to rapidly evolving criminal methodologies, it is impossible to include every scenario. Therefore, be cognizant and protect your PII. Beware of e-mails, telephone calls, or text messages requesting your PII. Source: neid=4

Information Technology

31. July 21, IDG News Service – (International) Georgia president’s Web site falls under DDOS attack. The Web site for the president of Georgia was knocked offline by a distributed denial-of-service (DDOS) attack over the weekend, yet another in a series of cyber attacks against countries experiencing political friction with Russia. Georgia’s presidential Web site was down for about a day starting early Saturday until Sunday, according to the Shadowserver Foundation, which tracks malicious Internet activity. Network experts said the attack was executed by a botnet, or a network of computers that can be commanded to overwhelm a Web site with too much traffic. The command-and-control server for the attack is based in the U.S., Shadowserver said. The botnet appears to be based on the “MachBot” code, which communicates to other compromised PCs over the HTTP, the same protocol used for transmitting Web pages. The tool used to control this kind of botnet “is frequently used by Russian bot herders,” according to Shadowserver. “On top of that, the domain involved with this C&C [command-andcontrol] server has seemingly bogus registration information but does tie back to Russia.” Source:

32. July 21, Computerworld – (International) DBA gets jail time for data thefts. A former database administrator (DBA) at Certegy Check Services Inc. who admitted that he stole and then sold the personal data of about 8.5 million consumers was sentenced to 57 months in prison by a federal judge in Florida this month. In addition, the judge ordered the man, who pleaded guilty to felony fraud charges last November four months after the thefts were disclosed by Fidelity National Information Services Inc., Certegy’s parent company, to pay almost $4 million in restitution to consumers victimized by the data thefts. According to court records, the man stole a variety of personal data from the company’s databases over a five-year period that started in February 2002. The information was sold to data brokers through an intermediary. Source: myName=security&articleId=322462&taxonomyId=17&intsrc=kc_top

33. July 20, DaniWeb – (International) Fake UPS invoices deliver Pushdo botnet package. Security researchers within the Marshal TRACE Team have warned that malicious spammers are using fake United Parcel Service (UPS) invoices in order to deliver a malware payload. This new attack utilizes the Pushdo botnet to distribute fake UPS invoices requiring printing in order to claim an ‘undelivered’ package from the local office. The attached executable file called ‘’ which has an MS Word icon in an attempt to add authenticity, is not an invoice at all but rather installs some malware which “seeks to download more malicious components from the web” according to Marshal. Upon a little closer inspection you might notice that the message is full of spelling mistakes and grammatical errors that would be unlikely to escape from any official UPS outlet. Source:

Communications Sector

34. July 20, SitNews – (Alaska) Subsea work begins on fiber optic cable network in Southeast. Engineers skilled in laying undersea telecommunications cable will begin working in Southeast Alaska waters this month, placing 750 miles of fiber optic cable on the ocean floor, GCI officials announced Thursday. For residents in Ketchikan, Wrangell, Petersburg, Angoon, and Sitka this means high-speed connections for Internet, phone, and video. In Juneau, residents will benefit from additional fiber optic cable creating a self-healing fiber ring within Southeast Alaska. Shore-end operations were scheduled to commence Friday, July 18 in Ketchikan. Shore-end operations in Wrangell will be about four days later; in Petersburg about three days later; and in Sitka about 15 days later. The $33 million project will connect five more communities to the Alaska United West line that currently connects Alaska to the Lower 48, providing alternate routing and overflow traffic handling capabilities for residents of these Southeast communities. GCI expects the system to be complete by November 2008. Source:

35. July 20, WVNS 59 Beckley – (National) More phone customers cutting the cord. Mediamark Research says that more than 32-million people rely only on their cell phones with the younger generation leading this growing trend. A West Virginia service provider says many of their customers are switching to wireless simply because it is cost effective. Source: