Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, September 17, 2009

Complete DHS Daily Report for September 17, 2009

Top Stories

 According to WBIR 10 Knoxville, five tanker cars each with 30,000 gallons of holding capacity overturned in a train derailment on Tuesday near downtown Knoxville, Tennessee. Two of the five tanker cars leaked about 1,500 gallons of ethanol, and several businesses and residents evacuated themselves from the area after the spill. (See item 4)

4. September 15, WBIR 10 Knoxville – (Tennessee) 3 tankers back on track, now working on overturned cars. Authorities said three tankers are now back on the tracks, following a train derailment near downtown Knoxville. Crews are now focusing on the five cars that were actually overturned. They will likely work until about 4 a.m. Wednesday, according to a Knoxville Fire Department spokesman. Everyone has been cleared to return to their homes and businesses. The businesses on Cooper Street between Bernard and Fifth avenues remained evacuated until late Tuesday, but they should be ready to reopen Wednesday morning. No one has yet arrived to ask for help at a Red Cross Shelter set up at West View Wesleyan Church on Joyce Avenue. Volunteers plan to stay into the early evening hours just in case. The R.J. Corman company headed to Knoxville from West Virginia, with a piece of equipment known as a sidewinder, to right five tanker cars that overturned near downtown Knoxville. Two of those five tanker cars leaked ethanol. This particular ethanol is normally added to gasoline at around a 10 percent blend. Each of the tankers holds 30,000 gallons. About 1,500 gallons of ethanol spilled overall. The Corman workers arrived around 6 p.m. Tuesday night. The sidewinder is a counter-weighted piece of equipment that can pick up the tankers and move them to where they need to be. Several businesses and residents evacuated themselves from the area after the spill, but no one reported to a Red Cross shelter set up on Joyce Avenue. Source:

 KATU 2 Portland reports that vandals threw acid or paint stripper Sunday overnight on 15 expensive SUVs at the Vic Alfonso Cadillac Dealership in Portland, Oregon, damaging the exteriors. The FBI is helping in the investigation of the vandalism, which could be the effort of an eco-terrorism group. (See item 43)

43. September 15, KATU 2 Portland – (Oregon) Hummers vandalized at local dealership’s lot, FBI stepping in. Vandals in Portland targeted over a dozen expensive SUVs overnight Sunday, throwing acid or paint stripper that damaged the exteriors. Police said no one has claimed responsibility and there is no indication of how many people were involved. The damage is to as many as 15 cars, mostly Hummer models for sale at the Vic Alfonso Cadillac Dealership in Northeast Portland. Paint could be seen peeling off the exterior of one car and others were streaked and stained. The Portland Police Bureau has confirmed that 15 vehicles were damaged. Detectives investigating the case have not released any suspect information. However, they did confirm that agents from the Federal Bureau of Investigation are helping in the investigation. A sociology professor at Portland State University indicated that this could be the effort of an eco-terrorism group. “The environmental groups don’t typically kill anybody,” he said, “but they can cause millions of dollars in damages to property so they get the full attention of federal law enforcement for that reason.” The Earth Liberation Front said on its Web site that it is not claiming responsibility, but said that the act is “an evident response to the impact SUVs and Hummers have on the environment.” Police said there is a possibility that the incident was not an act of so-called eco-terrorism and that anyone could have damaged the vehicles. Source:


Banking and Finance Sector

14. September 16, New York Times – (International) Billion-dollar pyramid scheme rivets Lebanon. Money disappeared, judicial authorities say, in a billion-dollar pyramid scheme that has riveted Lebanon, a New York Times writer writes from Tura. Its mastermind, a businessman, was charged with fraud on September 12. Bankers say it is the biggest fraud of its kind this country has ever seen. Although the scandal is not likely to affect Lebanon’s broader economy, it could create real problems in the Shiite community, where some major real estate owners and businessmen went into debt to finance their investments. The full extent of the alleged swindle remains unclear, but the judicial official said the amount lost appeared to be at least $700 million, and possibly more than $1 billion. Source:

15. September 15, U.S. Department of Justice – (International) California court bars four men from promoting alleged stock-loan tax fraud scheme. A federal judge in San Francisco has issued permanent injunctions barring four individuals from promoting what a government lawsuit describes as a complex tax-fraud scheme involving several entities located around the globe, the Justice Department announced on September 15. A U.S. District Judge signed the injunction orders against two individuals of South Carolina; one from New York; and one from Jilin, China. The four agreed to the injunctions without admitting the government’s allegations against them. The government complaint filed in the case alleges that these four men and other defendants promoted a so-called “90% Stock Loan” program, using entities located in the United States, Hong Kong and the Isle of Man, that falsely purported to enable customers to contribute appreciated stocks or other securities in exchange for payments equal to 90% of the securities’ value without paying income tax on capital gains. Through this scheme, also known as the “Derivium” scheme, named after one of the companies involved, customers were allegedly told that they could avoid income tax because the transaction was a loan rather than a sale. But in fact, the government alleges, customers’ securities were actually sold to raise the funds to pay the customers. According to the complaint, the defendants sold the scheme to approximately 1,700 customers nationwide, in transactions totaling over $1 billion. The complaint alleges that the scheme cost the U.S. Treasury an estimated $230 million or more. The same court barred another defendant from promoting the 90% loan program last year, after he agreed to a permanent injunction without admitting the government’s allegations. Source:

16. September 15, Bloomberg – (New York) House panel to examine SEC, FDIC roles in takeover of Merrill. The Federal Deposit Insurance Corp. chairman and two U.S. Securities and Exchange Commission chairmen will be questioned by lawmakers over their roles in Bank of America Corp.’s takeover of Merrill Lynch & Co. The House Oversight and Government Reform Committee at a September 30 hearing will seek “to better understand the nature and extent of their involvement,” the committee chairman said on September 15 in a statement. The New York Democrat’s panel also will probe Bank of America’s proposed settlement with the SEC on claims the bank misled investors about Merrill Lynch bonuses. The SEC chairman and her predecessor, who led the agency during the Merrill takeover, will also testify, according to the statement. The committee previously questioned the Bank of America Chief Executive Officer, the Federal Reserve Chairman and the former Treasury Secretary. A U.S. District Judge in New York on September 14 rejected a proposed $33 million settlement that would have resolved the SEC’s claim that the company deceived investors about bonuses to be paid Merrill executives. The Judge said the accord appeared to be a “contrivance” between the regulator and Bank of America and questioned why executives or their lawyers were not being sanctioned for the disclosures. Source:

Information Technology

39. September 15, Tech Herald – (International) Study: IT focused on the wrong network threats. A new report that looks at data collected from March-August 2009, from the SANS Institute, TippingPoint, and Qualys, essentially says IT security teams are misdirected. Security operations within IT are focused on operating system issues, leaving the two largest security problems, client-side software and web applications, on the back burner. The attack data in the report comes from IPS appliances deployed by TippingPoint at some 6,000 companies and government agencies. Vulnerability data comes from Qualys, via various appliances and software that monitored more than 9,000,000 systems, running over 100,000,000 scans. The combined information from Qualys and TippingPoint was then vetted by the SANS Institute, and the Internet Storm Center. The report focuses on three things. The first is that IT operations for the most part are making great strides in patching and securing the infrastructure from operating system threats. Other than the issues with Conficker, there were no new worms based on operating system flaws during the time the data was collected. With that said, the other side of the operating system coin is that the number of buffer overflow attacks tripled from May-June to July-August, accounting for more than 90 percent of the attacks against Windows. The other two issues, mostly ignored by IT security, are the reason buffer overflow attacks worked so well during the testing period. The jump in the overflow based attacks correlated with the increase in the number of client-side software and web application vulnerabilities. “Waves of targeted email attacks, often called spear phishing, are exploiting client-side vulnerabilities in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. This is currently the primary initial infection vector used to compromise computers that have Internet access,” the report says while discussing client-side software. Source:

40. September 15, The Register – (International) Australia mulls botnet takedown scheme. Australia is considering adopting a code that would oblige ISPs to contact, and in extreme cases perhaps even disconnect, customers with malware-infested computers. The voluntary eSecurity Code is designed to put a squeeze on the estimated 100,000 zombies in Australia, each of which might be capable of kicking out 10,000 junk emails a day. Pilot data sharing schemes in Australia are praised for resulting in the reduction of malware-infected systems. Around 68 ISPs were involved in a 2007 Australian Internet Security Initiative (AISI) programme credited with reports of 10,000 compromises every day. The scheme cost a relatively modest A$4.7 million over four years. Australia’s Internet Industry Association (IIA) is hoping to extend this scheme via a draft code of conduct, set to be applied from December onwards. A consultation scheme on the programme is due to run until 30 October 2009. Once an ISP following the code has detected a compromised computer, it should contact the customer and offer clean-up advice. The scheme also covers a reporting system. ISPs that adhere to the scheme gain the right to display an IIA tortoise logo on their site. Technology for identifying and blocking compromised clients and for delivering “clean feed” internet traffic exists, but is not cheap. Whether ISPs will be able to create a business model for getting customers to pay the cost of security-enhanced services is a potential obstacle to the scheme. ISPs would be doing the cause of internet hygiene a favour in taking part in a zombie-clampdown scheme, but that’s not going to happen if it places them at a competitive disadvantage to those who carry on regardless. Source:

Communications Sector

41. September 16, Sky News – (International) Businesses without phones for a week. Thousands of homes and businesses in Sydney’s CBD have lost phone and internet connections after a contractor accidentally severed crucial cables. Contractors working for Energy Australia cut through a bundle of 10,000 Telstra copper wires and some multiple-fiber optical cables near the corner of York and Erskine streets about 9.30pm (AEST) on September 15. The contractors have told Energy Australia they used ‘Dial Before You Dig’ plans before digging, but an audit of the contractors, work equipment and procedures is being carried out. A Telstra spokesman said thousands of customers across the northeast of the CBD would be without mobile, fixed and wireless services for about a week. “There will be many thousands, the exact number we don’t know because we’re still plotting where this cable serves in the city,” the spokesman told reporters in Sydney on September 16. Source:

42. September 16, Ventura County Star – (California) Outage upsets customers of Verizon. A small fire turned into a big headache this week for thousands of Conejo Valley residents in the incorporated Lynn Ranch area who have been left without telephone and Internet service. The fire burned some bushes on September 13 in an industrial park about a mile west of Lynn Ranch, going up a utility pole and damaging telephone and Internet copper lines in two cables. The cables are owned by Verizon, which said the fire disrupted service for 2,400 of its customers. About 900 of them should have their service restored by September 16, and the company hopes the rest will have service by September 18, a spokesman said. A Verizon spokesman said restoring service to thousands of customers is a labor-intensive process since workers must manually resplice both ends of each cable, including two wires going to each household. The outage has affected schools and other organizations. Madrona Elementary School, in the 600 block of Camino Manzanas, has been without phone service. No one could be reached at the school on September 15 by landline. Source:
