Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, August 12, 2008

Complete DHS Daily Report for August 12, 2008

Daily Report

• The U.S. Nuclear Regulatory Commission says it is conducting a special inspection at the Palisades Nuclear Power Station in Michigan to review operational and equipment problems that prevented personnel from exiting the plant containment area on August 5. (See item 8)

• According to Record Searchlight, about 600 customers of the Lassen Pines Mutual Water Co. in eastern Shasta County, California, were notified Saturday not to drink their water because of a break-in at a water plant, where the chlorination system was tampered with. (See item 32)

Banking and Finance Sector


11. August 11, Wall Street Journal – (National) Some stores quiet over card breach. Most states mandate that companies tell their customers when their credit-card data is stolen from the stores. The laws are designed to give consumers a chance to protect themselves against fraud or identity theft. But when federal prosecutors disclosed last week that computer hackers swiped more than 40 million credit-card numbers from nine retailers in the biggest such heist ever, it was the first time that many shoppers had heard about it. That is because only four of the chains clearly alerted their customers to breaches. Two others – Boston Market Corp. and Forever 21 Inc. – say they never told customers because they never confirmed data were stolen from them. The other retailers – OfficeMax Inc., Barnes and Noble Inc., and Sports Authority Inc. – would not say whether they made consumer disclosures. Computer searches of their Securities and Exchange Commission filings, Web sites, press releases and news archives turned up no evidence of such disclosures. The other companies allegedly targeted by the ring charged last week were: TJX Cos., BJ’s Wholesale Club Inc., shoe retailer DSW Inc., and restaurant chain Dave and Buster’s Inc. They each disclosed to customers they were breached shortly after the intrusions were discovered. The disclosure issue emerged after the government charged 11 men in five countries, including the U.S., Ukraine and China, with orchestrating a high-tech operation to steal credit-card numbers from 2003 to 2008. After an increasing number of such thefts in recent years, more than 40 states have adopted laws requiring companies to give consumers an early warning when their personal information is stolen. Source:

http://online.wsj.com/article/SB121842142123128889.html?mod=googlenews_wsj

12. August 11, Reuters – (National) National City says faces SEC probe. National City Corp, a U.S. Midwest regional bank struggling with mortgage losses, said on Friday the U.S. Securities and Exchange Commission (SEC) had opened an informal investigation into the company. In its quarterly report filed with the agency, the Cleveland-based bank said the SEC’s Chicago regional office notified it of the probe on June 30. It said the SEC requested documents concerning its loan underwriting, dividends and bank regulatory matters, as well as the 2006 sale of its First Franklin Financial Corp subprime mortgage unit to Merrill Lynch & Co. The bank said it would cooperate with the SEC. Source: http://www.reuters.com/article/bankingFinancial/idUSN0850516920080811

13. August 11, Bloomberg – (National) FDIC Fund strained by bank failures may have to raise premiums. The failure of IndyMac Bancorp Inc. and seven other banks this year may erase as much as 17 percent of a government insurance fund and raise premiums for all banks, from Franklin National of Minneapolis to Bank of America Corp. The pace of bank closings is accelerating as financial firms have reported almost $495 billion in writedowns and credit losses since 2007. The Federal Deposit Insurance Corporation’s “problem” bank list grew by 18 percent in the first quarter from the fourth, to 90 banks with combined assets of $26.3 billion. A revised list is due this month. The insurance fund had $52.8 billion as of March 31. The FDIC estimated its shutdown of California-based mortgage lender IndyMac might drain as much as 15 percent from the fund. Seven other banks will take about $1.16 billion, or about 2 percent. The 90 banks the FDIC reported on its “problem” list as of March, up from 76 in the fourth quarter, had a combined $26.3 billion in assets, or about 0.2 percent of total assets in FDIC- insured banks. Source: http://www.bloomberg.com/apps/news?pid=20601087&sid=abahg9z7p4wU&refer=home

Information Technology


40. August 11, Computerworld – (International) Cyberattacks knock out Georgia’s Internet presence. Hackers, perhaps affiliated with a well-known Russian criminal network, have attacked and hijacked Web sites belonging to Georgia, the former Soviet republic now in the fourth day of war with Russia, a security researcher claimed on Sunday. Some Georgian government and commercial sites are unavailable, while others may have been hijacked, said a researcher who tracks the notorious Russian Business Network (RBN), a malware and criminal hosting network. “Many of Georgia’s Internet servers were under external control from late Thursday,” he said early Saturday in an entry on his Web site. According to his research, the government’s sites dedicated to the Ministry of Foreign Affairs, the Ministry of Defense, and the country’s president have been blocked completely, or traffic to and from those sites’ servers have been redirected to servers actually located in Russia and Turkey. Statements from Georgia’s foreign ministry have appeared in a blog hosted on Google, perhaps in an attempt to circumvent attacks. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112201&intsrc=hm_list


41. August 10, Red Orbit – (International) Hackers leverage Olympics in new attacks. Internet and computer security firms report that the Summer Olympics have presented cyber criminals with an opportunity to leverage public interest in the games to launch new attacks. Olympic themed junk emails spiked before the games’ opening ceremony, with hackers sending malicious messages aiming to trick unsuspecting recipients into opening booby-trapped attachments or to visit phony Web sites. Some of the messages were disguised as fake award notifications, telling users that they had won an Olympic lottery and needed to respond to claim their prize. Source: http://www.redorbit.com/news/technology/1517292/hackers_leverage_olympics_in_new_attacks/


42. August 9, Associated Press – (National) Hackers mull physical attacks on a networked world. Hackers at the DefCon conference demonstrated novel techniques for infiltrating facilities. For example, a hacker could ship a hacked iPhone to a nonexistent employee and hope the device sits in the mailroom, scanning for nearby wireless connections in order to break into a computer network in an ultra-secure building. Their talks served as a reminder of the danger of physical attacks as a way to breach hard-to-crack computer networks. As technology gets cheaper and more powerful, from cell phones that act as personal computers to minuscule digital bugging devices, it is enabling a new wave of clever attacks that, if pulled off properly, can be as effective and less risky for thieves than traditional computer-intrusion tactics. Source: http://ap.google.com/article/ALeqM5jKgmXi1T0ImM-DGNK7j2d2BrjsJwD92EE0100


Communications Sector


43. August 10, New York Times – (National) Verizon and 2 unions agree on 3-Year contract, averting strike. Verizon Communications and its two major unions announced on Sunday that they had reached tentative three-year contracts with raises totaling nearly 11 percent and with the company continuing to pay 100 percent of current workers’ and retirees’ health premiums. The settlements, announced seven days after the old contracts expired, averted a strike threatened by 65,000 Verizon workers from Maine to Virginia. On Friday, with negotiations dragging past the contract deadline, Verizon’s two main unions — the Communications Workers of America and the International Brotherhood of Electrical Workers — set a strike deadline for Monday. The two unions had originally threatened a strike for Aug. 3, but postponed any job action because the talks were making progress. The tentative contracts, which must be ratified by union members, call for a 3.25 percent raise in the first year, 3.5 percent in the second year and 3.75 percent in the third, yielding raises of 10.9 percent compounded over the three years. Source: http://www.nytimes.com/2008/08/11/nyregion/11verizon.html


44. August 10, Associated Press – (National) Union workers authorize strike at Qwest. Members of the largest employee union at Qwest Communications International voted on Sunday to authorize a strike if talks fail to produce a new contract. Qwest is providing communication services at the Democratic and Republican conventions and has committed $6 million worth of cash and in-kind services to each. The Communications Workers of America District 7 union said 93 percent of voting members had authorized its leaders to call a strike if needed. The talks cover workers in 13 states: Arizona, Colorado, Idaho, Iowa, Minnesota, Nebraska, New Mexico, North Dakota, Oregon, South Dakota, Utah, Washington, and Wyoming. Source: http://www.nytimes.com/2008/08/11/technology/11phone.html?ref=business


45. August 10, IDG News Service – (Nevada) Covert operation floats network-sniffing balloon. Hidden in the back of a 22-foot moving truck, a rocket scientist and his team of about a dozen volunteers launched the balloon Friday morning, sending it 150 feet into the air for about 20 minutes to use special antennas and scanning software to scope out the Las Vegas skyline for unsecured wireless networks, an activity he calls “warballooning.” Hackers have practiced wardriving for years, driving around in cars with computers and specialized software that sniffs for networks. The team says it got a pretty good look at about 370 wireless networks, while scanning up and down the Las Vegas Strip. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9112200&taxonomyId=17&intsrc=kc_top