Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, January 7, 2009

Complete DHS Daily Report for January 7, 2009

Daily Report


 According to WIRED, an audit has found that nearly 60 percent of the air traffic control towers and other key aviation facilities run by the Federal Aviation Administration are more than 30 years old and plagued by leaks, mold, and foggy windows that can make it difficult to see the aircraft. (See item 18)

18. January 5, WIRED – (National) Air traffic control towers go from bad to worse. Nearly 60 percent of the air traffic control towers and other key aviation facilities run by the Federal Aviation Administration (FAA) are more than 30 years old and plagued by leaks, mold, and foggy windows that can make it difficult to see the aircraft, an audit has found. The audit of 16 FAA facilities selected at random by the Department of Transportation’s Office of the Inspector General found “obvious structural deficiencies and maintenance-related issues.” The most severe problem was condensation-clouded windows that made it difficult to see the airfield. Age is to blame for most of the problems, the audit states. The FAA has 420 staffed air traffic control centers, each with a useful life of 25 to 30 years. But 59 percent of the buildings are more than 30 years old, and the average age of the system’s control towers is 29. Up to now, the FAA has said only that it will take action to address the issues and recommendations raised by the audit. They include coming up with a method for consistently funding ongoing maintenance operations, determining which FAA facilities will be needed once a new GPS-based air traffic control system is put in place, and ensuring that those facilities are equipped to handle the new system when it finally becomes a reality. Source:

 Government Technology reports that hackers compromised the U.S. President-elect’s Twitter account on Monday. (See item 31)

31. January 6, Government Technology – (National) Obama’s Twitter account hacked. Hackers compromised 33 Twitter accounts on Monday, including that of the U.S. President-elect, according to multiple news sources and Twitter. The Washington Times reported that at about 12:30 p.m., a message was sent to the President-elect’s followers asking them to participate in a survey. The message read, “What is your opinion on Barack Obama? Take the survey and possibly win $500 in free gas.” The message contained a link to a two-question survey on another Web site. A January 5 post on Twitter’s blog titled Monday Morning Madness said, “These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the e-mail address associated with their Twitter account when they can’t remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We’ll put them back only when they are safe and secure.” Security experts say it is likely the President-elect will have to give up some of the technological trappings he became accustomed to on the campaign trail. Source:


Banking and Finance Sector

9. January 6, USA Today – (National) U.S. considers costly switch to international accounting rules. In a regulatory sea change that could cost billions of dollars, thousands of U.S. companies — plus foreign corporations that do business here — will adopt global financial reporting rules within five years if regulators have their way. The impact is likely to surpass that of the Sarbanes-Oxley Act of 2002, the tough anti-corporate fraud law of the Enron era that cost individual businesses millions of dollars in accounting fees. Whether U.S. companies like it or not, the new era of global accounting appears unstoppable, and businesses that ignore the International Financial Reporting Standards (IFRS) will fall behind. The long march to IFRS would be grueling and the preparations expensive to carry out. Companies would need two to three years to upgrade their communications and software systems and to train many thousands of financial professionals. Regulators, CPAs, and investors would need to intensely study global accounting principles. Business schools would have to teach students the new accounting. The U.S. Securities and Exchange Commission hopes to give companies plenty of time to adjust to IFRS. In November, the SEC issued a “road map” that could lead to regulations requiring U.S. businesses to file their financial statements using international rules by 2014, or by 2011 for companies that volunteer. The SEC is seeking public comment and has said it will decide in 2011 whether to keep that timetable. Source:

10. January 6, Senatobia Democrat – (Mississippi) AG warns of text scam. A scam text message has apparently been circulating that targets area credit union members, announced the attorney general of Mississippi. The text message alerts the phone customer that they need to verify their Credit Union Account by calling a certain toll free number. “We received our first report of this apparent scam from the Mississippi Credit Union Association which tells us that they have had several complaints from Jackson area credit union members who had received this text message,” said the attorney general. “So far, we have confirmed that one person actually fell for the scam and his account had to be closed.” Investigators with the Consumer Protection Division of the Attorney General’s Office are looking into the complaints. Source:

11. January 6, WAFB 6 Baton Rouge – (Louisiana) Local bank warns customers of phishing scam. American Gateway Bank is warning its customers and others of a scam involving a text message. A viewer from Gonzales says she received a text message that said, “This is an automated message from American Gateway Bank. Your ATM card has been suspended. To reactivate call urgent at 1-866-371-XXXX.” American Gateway Bank says it never calls to request information such as account numbers, debit card, ATM PIN information, or the security code printed on the back of most cards. A spokesperson with AGB says they are just the latest bank to be hit by these phishing scams. Source:

12. January 5, Reuters – (National) GE’s finance arm launches $10 bln FDIC-backed debt. General Electric Co.’s finance arm on Monday launched a $10 billion sale of FDIC-backed debt, the largest sale under the government guarantee program since its inception last November. The General Electric Capital Corp. sale will push total issuance under the government program to over $115 billion, according to Thomson Reuters data. Before GE Capital’s deal, the largest sale under the program was $9 billion on December 1 from Bank of America, according to Thomson Reuters data. The so-called Temporary Liquidity Guarantee Program was created in November to fill a financing gap for banks shut out of the corporate bond market by skyrocketing yields. The new asset class is being sold to a combination of traditional corporate, agency, and Treasury investors, strategists said. Source:

13. January 5, Investment News – (National) NY Fed to begin buying MBS. The Federal Reserve Bank of New York Monday kicked off its initiative to support the U.S. housing market by purchasing mortgage backed securities. “The New York Federal Reserve is buying fixed-rate MBS guaranteed by mortgage lenders Fannie Mae of Washington, Freddie Mac of McLean, Va., and Washington-based Ginnie Mae,” the Fed bank said in a statement Monday. The amount of money the New York Federal Reserve will spend to buy the mortgage backed securities was not revealed, but that figure and the number of purchases will be released on the New York Federal Reserve’s Web site beginning January 8, with weekly updates to be provided each Thursday thereafter. The firms selected by the central bank to manage the $500 billion purchase of MBS are BlackRock Inc. and Goldman Sachs Asset Management, both of New York; Newport Beach, Calif.-based Pacific Investment Management Co. LLC; and Boston-based Wellington Management Co. LLP. The New York Federal Reserve’s program was first announced November 25 and is designed to improve mortgage and housing conditions, and enhance the financial markets. Source:

Information Technology

35. January 5, – (International) The dangers of Web access. As companies rely more heavily on the Web in their move toward Enterprise 2.0, they face an increasing number of security and network problems. A Web survey of companies with an average of 1,000 employees conducted by Osterman Research on behalf of PureWire, a Web security software as a service vendor, found the majority of the 139 respondents concerned about the Internet. Fears that the Internet is an entry point for malware topped their list of concerns, with the impact of the Web and Web security on network bandwidth coming in second, and enforcement of Web usage coming in third. While many companies have established corporate policies against downloading certain types of files and have deployed systems that will block such downloads, they are not adequate solutions, the survey found. The security problem is partly due to the outdated enterprise approach to Web security and partly due to Web 2.0 technologies, a chief technology officer at PureWire told Source:

36. January 5, Softpedia – (International) New critical XSS flaw plagues Facebook. A new cross-site scripting vulnerability affecting the Facebook social networking Web site has been disclosed on the XSSed Project’s website. The flaw allows for injection of potentially malicious code. The XSSed report credits security researcher DaiMon with the discovery of this latest threat. According to Alexa, Facebook currently has a global page rank of 5 and, as one of XSSed Project’s co-founders points out, this significantly increases the flaw’s attack potential. “Malicious users can inject code to phish credentials and other sensitive personal information from millions of Facebook members,” he explains. Source:

37. January 5, The Register – (International) Boffin brings ‘write once, run anywhere’ to Cisco hijacks. A researcher has discovered a way to reliably exploit a known security vulnerability in a wide class of Cisco Systems routers, a finding that for the first time allows attackers to hijack millions of devices with a single piece of code. The discovery by an employee of Recurity Labs in Berlin brings the write-once-run-anywhere approach of software development to the dark art of compromising routers that form the core of the Internet. Previously, reliable exploit code had to be specifically fashioned to one of more than 15,000 different supported builds of IOS, or Internet Operating System, which run various Cisco devices. “What FX has shown, conclusively, is that when something comes out that can potentially compromise your router, you have to get on it as you would get on a remote vuln, for, say, your domain controllers or database servers,” said a fellow researcher who has reviewed the findings. “Router infrastructure has been conclusively proven to be as generically vulnerable as commodity operating systems.” By using small chunks of ROMmon, the finding has shown that it is possible to drop code into specific memory locations and then execute it. Source:

38. January 5, SC Magazine – (International) Web defacements escalate as Israel moves farther into Gaza. The number of Web sites defaced in protest of the Israeli invasion of Gaza dramatically spiked over the weekend. More than 10,000 sites have been compromised by hackers, who are gaining control of the sites to scrawl anti-Israeli, anti-American, and pro-Palestinian messages, said the director of research in computer forensics at the University of Alabama at Birmingham. The number of victim sites significantly jumped from the time the director first reported the campaign last week. In fact, a number of high-profile Israel-based sites, including and, recently fell victim to defacement when a Moroccan-based hacker team illegally accessed a New York-based domain registrar, Domain The Net Technologies. The intruders were able to redirect traffic by changing the domain name servers. A representative at the registrar, which hosted the sites, could not immediately be reached for comment. The anti-Israeli attacks are being launched from Egypt, Turkey, Iran, Syria, Lebanon, Algeria, Iraq, Saudi Arabia, and Morocco, the director said. No sites appear off limits, he said. In fact some appear entirely unrelated to the conflict in Gaza, such as the U.S.-based Georgia Young Farmers Association, which was defaced on January 5. Source:

Communications Sector

39. January 5, Techworld – (International) DECT phones and POS terminals are vulnerable. German security experts have built a cheap laptop-based sniffer that can break into cordless phones, debit card terminals, and security door mechanisms — and the same gear will also work on the next generation of Digital Enhanced Cordless Telecommunications (DECT), known as Cordless Advanced Technology-internet and quality, or CAT-iq. It can intercept calls and information directly, recording it in digital form. Even if encryption is switched on, the system can bypass encryption — simply by pretending to be a base station that does not support it. The DECT protocol is used in many millions of cordless phones, as well as in wireless debit card readers, security doors, and traffic management systems. It has encryption built in, but the protocol is kept secret. If they cannot get encryption to work, all the most popular phones will happily revert to unencrypted communications, said one researcher: “A phone should break the connection if the encryption is rejected, but the priority from the manufacturer lies on interoperability not on security, so this is accepted to make the phones work with more (unsecure) stations.” A cryptographer working in the group that demonstrated the DECT problems said it is not clear whether the same method would work on debit card reading systems, since these may enforce the use of encryption, or employ higher level encryption such as Secure Sockets Layer (SSL). “We haven’t been able to verify whether any POS terminals actually do reject unencrypted communications,” he said. “If however the UAK - the master secret shared between the base station and the terminal - generated during the pairing of the POS terminal with the base station is weak, then all communications can be decrypted anyway.” Source:

40. January 5, FierceTelecom – (National) The pull of home networks for telecom. This week Telcordia is promoting two white papers mapping out what it calls the “intricacies of telecom’s newest frontier - the home network.” Understanding the home network is a big challenge for service providers of all types. If a service does not work, the first organization to get the call will typically be the service provider, followed by a call to the equipment manufacturer, and a lot of finger-pointing all around if calls #1 and #2 do not resolve the problem to the end user’s satisfaction. In “Broadband Home Network Infrastructure - Viewing the Future,” Telcordia analyzes the importance of a home network infrastructure in the era of high-bandwidth networks and the move from multiple, autonomous home networks to integrated, broadband home networks that support multiple HDTV streams, including voice, video, and data. The second report, “Enabling and Ensuring QoS in the Future Broadband Home Network,” addresses the issues in providing and assuring Quality of Service for multimedia services throughout the home network. Source: