Department of Homeland Security Daily Open Source Infrastructure Report

Friday, September 5, 2008

Complete DHS Daily Report for September 5, 2008

Daily Report


 Reuters reports that aerial inspection of Entergy’s power lines showed extensive damage in the Baton Rouge area. Entergy’s vice president of transmission said the lines will take weeks to restore. (See item 1)

Department of Homeland Security Daily Open Source Infrastructure Report

1. September 4, Reuters – (Arkansas; Louisiana; Mississippi) Full recovery of Entergy grid weeks away. Entergy Corp. officials were able to restore two critical transmission lines overnight, allowing the state’s largest utility to reconnect New Orleans to the statewide power grid, officials said on Wednesday. The return of two 230-kilovolt lines knocked out by Hurricane Gustav will allow more power to be restored to homes and businesses in New Orleans and communities along the Mississippi River; full recovery of the state’s largest utility grid is weeks away, Entergy’s vice president of transmission said Wednesday. Aerial inspection of Entergy’s power lines showed extensive damage in the Baton Rouge area, with many steel towers down, he said. “Those lines will take weeks to restore,” he said. Entergy also restored another major line, but at least 10 of 14 of Entergy’s transmission paths to move power from generation north of Baton Rouge to New Orleans remained shut on Wednesday, officials said. More than 180 transmission lines and 138 substations remain out of service. Power had been restored to more than 75,000 customers late Wednesday, leaving Entergy with 774,000 customers in Louisiana, Mississippi, and Arkansas that lacked power. That is down from the storm peak of 850,000. New outages were reported as remnants of the storm moved inland. Source:

 According to the Minneapolis Star, members of a self-described anarchist group began planning ways to disrupt the Republican National Convention over a year ago. Plans included kidnapping delegates, sabotaging air vents at the Xcel Energy Center, blocking bridges, and “capturing federal buildings” in Minneapolis and St. Paul. (See item 34)

34. September 2, Minneapolis Star Tribune – (Minnesota) Kidnapping, sabotage was part of anarchists’ plan to disrupt convention. Almost a year to the day before the Republican National Convention (RNC) began, members of a self-described anarchist group gathered to talk about ways to disrupt it, including kidnapping delegates, sabotaging air vents at the Xcel Energy Center, blocking bridges, and “capturing federal buildings” in Minneapolis and St. Paul. Two police informants and an undercover investigator had infiltrated the RNC Welcoming Committee ranks, according to an affidavit and search warrant application filed Tuesday. According to the document, the RNC Welcoming Committee held two “pReNC” gatherings, one from August 31 through September 1, 2007, and another on May 3. At the first, 150 to 200 people, including one of the informants, talked about tactics to “shut down the RNC.” At the second, St. Paul was divided into seven sectors for various anarchist groups to claim. The affidavit also said that group e-mails from the Welcoming Committee talked about leaving abandoned or overturned vehicles at intersections, pulling a single officer from a police line and beating him, using liquid sprayers filled with urine or chemicals, “unarresting” techniques to free people arrested by police, obtaining fake credentials, and dozens of other tactics. In addition to buckets of urine, investigators seized homemade devices used to disable buses and other vehicles, weapons, gas masks, flammable liquids, and rags that could be used to make Molotov cocktails, computer storage devices, documents, pamphlets, and banners. Some materials, such as banners and signs, were returned Monday for demonstrators to use during the protest marches. Source:


Banking and Finance Sector

13. September 3, Rapid City Journal – (South Dakota) New scam targets cell phone users. The South Dakota Consumer Protection Division is warning South Dakota cell phone users to be cautious of an ongoing scam that lures consumers into giving out personal information. The scam begins with a call to a consumer’s cell phone and a recorded message that states that their credit card account at a credit union or bank has been de-activated. The recorded message then requests them to hit the number “1” on their cell phone and leave their account number. All messages are recorded and at no time does the victim talk with a live person. The caller’s id typically shows up as a 6 digit number such as 206-766, 208-788. People, who have provided any personal account information to an unsolicited source like this, need to immediately contact your bank or credit union. Source:

14. September 3, Associated Press – (National) 2 Wall St. brokers accused of $1B subprime fraud. A former Wall Street broker pleaded not guilty Wednesday to charges he and a colleague duped investors into purchasing more than $1 billion in high-risk securities by making it look as though the trades were protected by the federal government. An indictment unsealed in federal court in Brooklyn said because the securities actually were tied to subprime mortgages, the two former Credit Suisse Securities brokers stood to pocket higher commissions. The scheme was exposed when the subprime market collapsed. Credit Suisse said the two resigned last September “after we detected their prohibited activity and promptly suspended them.” The New York investment firm said it immediately informed the Securities and Exchange Commission (SEC) of their activities and has continued to assist the agency in its investigation. The indictment and a related SEC civil lawsuit alleged that the two led corporate customers to believe that auction rate securities being purchased in their accounts were backed by federally guaranteed student loans and were safe like cash. In reality, the securities were backed by subprime mortgages, collateralized debt obligations and other high-risk investments, the authorities said. Because of their higher risk, they brought a higher yield and much larger commissions for the brokers. The SEC is seeking unspecified restitution and civil fines against the brokers. Source:

Information Technology

30. September 3, ComputerWorld – (National) Google Chrome at risk from ‘carpet bomb’ bug. Attackers can combine a months-old “carpet bomb” bug with another flaw disclosed last month to trick people running Google Inc.’s brand-new Chrome browser into downloading and launching malicious code, a security researcher said today. The attacks are possible because Google used an older version of WebKit, an open-source rendering engine that also powers Apple Inc.’s Safari, as the foundation of Chrome, said a researcher on Wednesday. He posted a proof-of-concept exploit to demonstrate how hackers could create a new “blended threat,” so-named because it relies on multiple vulnerabilities, to attack Chrome, the browser Google released this week. Source:

31. September 3, InformationWeek – (International) The steady rise of targeted trojan attacks. Reports out of South Korea say that North Korean spyware made its way onto the computer of a South Korean army colonel. “A North Korean spyware e-mail was reportedly transmitted to the computer of a colonel at a field army command via China in early August. The e-mail contained a typical program designed automatically to steal stored files if the recipient opens it. It has not been confirmed whether military secrets were leaked as a result of the hacking attempt, but their scale could be devastating given that the recipient is in charge of the South Korean military’s central nervous system – Command, Control, Communication, Computer & Information (C4I).” Source:

Communications Sector

32. September 4, Wall Street Journal – (National) FCC likely to cut back on phone data. Federal regulators are on the verge of cutting back on the amount of information they collect from the country’s largest phone companies about service quality and customer complaints. On Friday, the Federal Communications Commission (FCC) is expected to approve a request from AT&T Inc. to allow the company to stop filing yearly reports on service quality, customer satisfaction and infrastructure investment. Similar requests by Verizon Communications Inc. and Qwest Communications International Inc. are also expected to be approved soon. Consumer groups and state regulators have objected to the proposal, saying the quality data are valuable. The FCC will open up a related notice of proposed rulemaking that looks at how to improve the collection of data on complaints and other issues from phone companies, including wireless and Internet phone providers. Source: