Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, January 6, 2009

Complete DHS Daily Report for January 6, 2009

Daily Report

Headlines

 Reuters reports that eight people died and one was injured in Sunday’s crash in Louisiana of a helicopter carrying oilfield workers. (See item 11)

11. January 5, Reuters – (Louisiana) 8 die in U.S. oilfield services helicopter crash. Eight people died and one was injured in Sunday’s crash in Louisiana of a helicopter carrying oilfield workers, the U.S. Coast Guard said. The crash, about 75 miles southwest of New Orleans, involved an aircraft operated by Petroleum Helicopters Inc. of Lafayette, Louisiana, a news release said. The U.S. Coast Guard responded to a distress signal and found the downed aircraft in a marsh. A Coast Guard helicopter took the survivor to a hospital in critical condition, local news reports said. Eight bodies were recovered by the Terrebonne Parish Sheriff’s Department, the Coast Guard said. The cause of the crash was under investigation. Source: http://uk.reuters.com/article/oilRpt/idUKN0535022920090105

 According to eFluxMedia, the social networking Web site Twitter announced over the weekend that it has detected a phishing scam on its Web site. (See item 32)

See Item 32 in the Information Technology Sector below

Details

Banking and Finance Sector

8. January 5, Wall Street Journal – (National) Madoff chasers dug for years, to no avail. Bernard L. Madoff Investment Securities LLC was examined at least eight times in 16 years by the Securities and Exchange Commission and other regulators, who often came armed with suspicions. The serial regulatory failures were on display Monday when Congress holds a hearing to probe why the alleged fraud went undetected. Among the key witnesses is an SEC inspector who was asked last month by the agency’s chairman to investigate the mess. SEC examiners seemed to be looking in the right places, yet still were unable to unmask the alleged scheme. For example, investigators were led astray by concerns that the defendant was placing orders for favored clients ahead of others to get a better price, a practice known as “front running.” Concern that the SEC lacks the expertise to keep up with fraudsters is the latest criticism of the agency. Source: http://online.wsj.com/article/SB123111743915052731.html?mod=googlenews_wsj


9. January 3, Maryville Daily Times – (Tennessee) Feds charge Whitehouse in $17M bank fraud scheme. An assistant U.S. attorney filed against the Maryville businessman Tuesday in U.S. District Court in Knoxville that accuses him of three counts of defrauding banks of a total of $16,935,025. The defendant was owner of the now defunct Maryville-based firms of Medical Data Specialists, Resource Imaging, Data Management Services and Procynet, along with Direct IS in Knoxville and Basic Communications in Nashville. The firms, which abruptly collapsed in June 25, 2008 were primarily engaged in medical and computer hardware services. The first count charges the defendant executed a scheme to defraud AmSouth Bank and its successor, Regions Bank, causing a loss of $14,189,749. The information claims the defendant provided the bank with bogus serial numbers for fraudulently represented licences for medical management software. Count 2 charges the defendant defrauded BankEast of $950,567. The charges involve bogus software licenses as well as bogus service agreements. Count 3 claims Clayton Bank and Trust lost $1,794,709 due to a scheme by the defendant involving nonexistent software licenses and service agreements that also never existed. Source: http://www.thedailytimes.com/article/20090103/NEWS/301039990


10. January 2, American Banker – (International) Data hackers shift to phishing for domain name credentials. Security experts are warning financial companies of a relatively new type of computer attack in which hackers gain control of a bank’s domain name. The technique gained widespread attention last month when hackers briefly took over the domain names of Fiserv Inc.’s CheckFree bill payment unit, and observers say they have seen signs that this form of attack will be used more widely this year. The domain name system, or DNS, attack “in late 2008 has started getting a lot of attention from attackers, as opposed to past years, when this area was pretty quiet,” said the chief technology officer at Trusteer Ltd. of Tel Aviv. “The major reason” for the trend, he said, “is that attackers found out that it is much easier to get users to browse to so-called legitimate sites rather than direct users to sites that are obviously not legitimate.” Most phishing attacks involve fake sites that replicate a bank’s site but must be hosted elsewhere. In some cases, fraudsters are able to register domain names that include the brand of the site they are imitating, but people who type banks’ domain names into the browser each time they visit would typically not be directed to fake sites. Source: http://www.americanbanker.com/usb_article.html?id=20081231QS6OX4TQ



Information Technology


32. January 5, eFluxMedia – (International) Twitter detected phishing scam. The social networking Web site Twitter announced over the weekend that it has detected a phishing scam on its Web site. A message on the Web site warns users to be suspicious about links that redirect them to Web sites looking similar to those on Twitter.com and request them to enter their log in credentials. The co-founder of Twitter posted a message on its blog in which it admitted that there is a phishing swindle “directed at Twitter users” which consists of emails that are automatically sent to users’ inboxes and look very similar to personal notification messages. The emails contain texts such as “hey! check out this funny blog about you?” and “Hey, i found a website with your pic on it? LOL check it out here.” He added that users should always log on Twitter through the homepage only, as it is the most secure way to do it. However, many of them use third party services or other Web pages to do this, so they will not be so mistrustful when they will have to enter their user name and password on the Web site provided by the fake email message. Twitter announced that it would reset passwords of users that have been scammed, but it also recommends that all users should do the same in order to be sure that their information is not stolen and used to defraud others, too. Source: http://www.efluxmedia.com/news_Twitter_Detected_Phishing_Scam_32582.html


33. January 5, ComputerWeekly – (International) Security risk in Windows 7 pirates. Installing leaked copies of Microsoft’s Windows 7 operating system is highly risky. Pirate versions of an early build of Microsoft’s latest operating system are available on file-sharing networks. Windows 7 is under final developer testing ahead of an expected commercial release later this month. But security firm Fortify Software says there is no way of knowing whether or not hackers have tampered with the 2.44Gbyte file. Anyone downloading and installing the operating system could find their PC generating malware, denial of service attacks, and spam, said Fortify. It is highly unlikely that any IT security application will protect users from internally coded malware in the operating system, said the director of product marketing at Fortify. “Fall-out from using an unofficial version of the new operating system could be quite severe,” he said. Microsoft has extended its Bitlocker encryption technology to support portable storage devices. Microsoft said users will also be able to connect securely to Windows Server 2008 networks without the need for a VPN. Source: http://www.computerweekly.com/Articles/2009/01/05/234051/security-risk-in-windows-7-pirates.htm

34. January 5, IDG News Service – (International) Bangalore IT companies receive e-mail threats. IT companies in Bangalore, including Infosys Technologies and Wipro, received an e-mail last week threatening to blow up their facilities, according to police officials. The e-mail was addressed to six companies in Bangalore, said Bangalore’s joint commissioner of police on January 5. The mail was sent from a locate on in Bangalore, and police are working on tracking the sender, he said. Infosys has received a threatening e-mail, also addressed to various other companies, said a spokeswoman for the company. Local authorities have been contacted and are investigating, while security continues to be on alert in all Infosys campuses, she added. Wipro declined to comment on the e-mail threat. Source: http://www.pcworld.com/article/156313/bangalore_it_companies_receive_email_threats.html

Communications Sector

Nothing to report