Department of Homeland Security Daily Open Source Infrastructure Report

Monday, September 29, 2008

Complete DHS Daily Report for September 29, 2008

Daily Report


 Reuters reports that Washington Mutual Inc. was closed by the U.S. government in the largest failure of a U.S. bank. Its banking assets were sold to JPMorgan Chase for $1.9 billion. (See item 16)

See the details in the Banking and Finance section

 According to the Associated Press, two laptop computers and other equipment were stolen from a federal center in New Haven, Connecticut, that processes applications for a program that provides identification cards to workers with access to seaports. (See item 18)

18. September 25, Associated Press – (Connecticut) FBI investigates break-in at ID card contractor. Two laptop computers and other equipment were taken from a federal center in New Haven, Connecticut, that processes applications for a program that provides identification cards to workers with access to seaports, federal officials said. Authorities say the computers, a camera, and biometrics collection equipment were taken from the Grand Avenue site over the weekend. The FBI is assessing whether there was a threat to national security, said a spokesman. A spokesman for the Transportation Security Administration (TSA) said the stolen laptops do not pose a security risk. He says data is wiped clean daily and is encrypted, so it is not accessible to thieves. A TSA spokesman said one laptop was used for enrollment information and the other computer was used for administrative purposes and is passport protected with no personal identifying information. Source:


Banking and Finance Sector

16. September 26, Reuters – (National) WaMu is largest U.S. bank failure. Washington Mutual Inc. was closed by the U.S. Government in by far the largest failure of a U.S. bank, and its banking assets were sold to JPMorgan Chase for $1.9 billion. Washington Mutual is the largest U.S. savings and loan and was shut by the Federal Office of Thrift Supervision (OTS). The Federal Deposit Insurance Corp. (FDIC) was named receiver. This followed $16.7 billion of deposit outflows at the Seattle-based thrift since September 15, OTS said. The FDIC chairman said the bailout happened on Thursday night because of media leaks and to calm customers. Customers should expect business as usual on Friday, and all depositors are fully protected, the FDIC said. It vaults JPMorgan past Bank of America to become the nation’s second-largest bank, with $2.04 trillion of assets, just behind Citigroup. Bank of America will go to number one once it completes its planned purchase of Merrill Lynch. FDIC said the acquisition does not cover claims of Washington Mutual equity, senior debt, and subordinated debt holders. It also said the transaction will not affect its roughly $45.2 billion deposit insurance fund. Source:

17. September 26, Reuters – (National) Investor in Lehman preferred stock sues for fraud. An asset manager has sued a group of Wall Street firms that underwrote a $1.9 billion Lehman Brothers preferred stock offering in February, accusing them of misleading investors about Lehman’s financial health. The lawsuit contends that the prospectus issued ahead of the offering was false and misleading because it did not reveal Lehman’s significant exposure to the subprime mortgage market and also did not disclose that Lehman was in desperate need of capital because of deteriorating market conditions and rapidly falling values of its assets. Lehman itself was not named as a defendant in the lawsuit because it is in bankruptcy protection, though its chairman and chief executive and several other Lehman directors were named as individual defendants. The lawsuit, filed on Wednesday in U.S. District Court in Manhattan by institutional investors Fogel Capital Management, contends that investors who bought the preferred stock were misled about the risks of investing in Lehman. The suit seeks class-action status. Defendants include subsidiaries of Bank of America, Citigroup, Merrill Lynch, and several other firms that underwrote the offering, the lawsuit said. A Lehman spokesman said that the firm believed the lawsuit was without merit and “we will defend against it vigorously.” Source:

Information Technology

37. September 25, Times Online – (International) Father of the internet: ‘web is running out of addresses’. The world is about to run out of the internet addresses that allow computers to identify each other and communicate, the man who invented the system has told The Times. The “father of the internet” and one of the world’s leading computer scientists, said that businesses and consumers needed to act now to switch to the next generation of net addresses. Unless preparations were made now, he said, some computers might not be able to go online and the connectivity of the internet might be damaged. IP addresses are as crucial to websites as street addresses are for businesses but some network engineers predict that we will run out of them in two years. What is the solution? Every computer and online device is assigned a unique IP address, but the pool of unallocated numbers is about to dry up. When the internet system was founded in 1977, he set in place “internet protocol version four” (IPv4) which provided 4.2 billion addresses. With the number of internet-enabled devices, particularly mobile phones, soaring, less than 14 per cent of those addresses remain vacant. It is estimated that IPv4 addresses, each of which is a series of 32 binary digits, will run out in 2010 and possibly as early as next year. A new system, called IPv6, has been ready for implementation for more than a decade. Under IPv6, each address has 128 bits and so provides 340 trillion, trillion, trillion different addresses - that is 340,000,000,000,000,000,000,000,000,000,000,000,000. It is assumed that this will meet humanity’s needs for decades to come. The two protocol systems will run in tandem and IPv4 addresses will still work as normal. But if the IPv6 is not widely adopted, then those using it may find themselves unable to connect across the whole internet. Source:

38. September 25, Computerworld– (National) Hackers resurrect notorious attack tool kit. Neosploit, the notorious hacker exploit kit that some thought had been retired months ago, has not only returned from the dead, but is responsible for a dramatic increase in attacks, a security researcher claimed today. “Neosploit’s back,” said the director of security research at Aladdin Knowledge Systems Inc. In July, researchers at RSA’s FraudAction Research Lab said that they had evidence that the creators of Neosploit were abandoning the business. For proof, RSA quoted a going-out-of-business message said to have originated with Neosploit’s authors. Neosploit, which first appeared in 2007, was a follow-on to the earlier MPack and a contemporary to another infamous exploit kit, WebAttacker. Those kits, including Neosploit, were used by cybercriminals to launch attack codes aimed at new vulnerabilities in Windows, Internet Explorer or third-party software such as Apple Inc.’s QuickTime. But Neosploit also boasted features new to the click-to-attack business, including sophisticated statistical analysis and management tools. Source:

Communications Sector

39. September 25, Orange County Register – (California) KFI/640 AM flips switch on much-debated tower. A much-debated radio tower — on the same site where two previous towers crashed to the ground in the past four years — is standing tall and beaming a 50,000-watt signal throughout southern California as of Thursday evening. Officials at KFI/640 AM held a private ceremony to flip the switch and restore full power to a radio tower next to the I-5 freeway that reaches a potential audience of 11 million listeners. In 2004, a small plane crashed into a 760-foot-tall tower on approach to Fullerton Municipal Airport — less than two miles southeast of the tower. The La Mirada City Council eventually approved a plan to rebuild the tower on the original site at 654 feet tall. That approval came despite objections from the city of Fullerton, Fullerton Airport management, and a handful of pilots who said anything over 500 feet would again pose a serious safety risk to planes taking off and landing. La Mirada officials said they support having the tower in their city, because it would broadcast emergency information to millions of southern Californians after a natural disaster. Source:

40. September 24, BBC News – (International) Solar wind blows at 50-year low. The solar wind — the stream of charged particles billowing away from the Sun — is at its weakest for 50 years. Scientists made the assessment after studying 18 years of data from the Ulysses satellite which has sampled the space environment all around our star. Scientists expect the weakened wind to have a wide range of impacts. The charged wind particles carry with them the Sun’s magnetic field, and this has a protective role in limiting the number of high-energy cosmic rays that can enter the Solar System. More of them will probably now make their way through. The rays can damage satellite electronics, and if current solar wind conditions persist, engineers would have to take this into account when deciding how to “harden” their spacecraft. “Reduced solar activity also leads to the cooling of Earth’s upper atmosphere and if Earth’s upper atmosphere is cooler then there is less drag up there on satellites and this means we are left with much more debris up there,” said a professor from Boston University. Some researchers have attempted to link the intensity of cosmic rays at Earth to cloudiness and climate change. Source: