Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, January 20, 2009



According to the New York Times, plans for a statewide wireless network for emergency workers in New York have been canceled, after years of delays and numerous technological snags. (See item 26)

26. January 16, New York Times – (New York) Wireless network for emergency workers is canceled. Plans for a statewide wireless network for emergency workers have been canceled, after years of delays and numerous technological snags. New York State had a $2.1 billion contract with M/A-COM, a subsidiary of Tyco Electronics, which was chosen in 2005 to build the network. It was meant to link workers who would be the first to respond to an emergency. The state’s chief technological officer sent a letter by express mail postmarked Wednesday to the president and lead legal counsel for M/A-COM. The letter, a copy of which was reviewed by the New York Times, included a 10-page summary of the deficiencies that M/A-COM did not remedy. The termination of the contract came after months of growing tension between the state and the company, which had missed several deadlines to repair its network in two counties upstate, where trials were under way. With the state facing a yawning fiscal gap, the governor was leaning toward shutting down the network, which has already cost New York more than $50 million, the New York Times reported on January 9. In its letter, the state said it wanted to recover the money it had already spent on the project. The state is considering a number of alternative technologies, though it was unclear when one or more of them might be selected. Source:

Greater Milwaukee Today reports that the spilling of a substance in the Wal-Mart Supercenter in Germantown, Wisconsin, Thursday afternoon, which sent nearly 50 people to area hospitals, has been called a criminal act and is under investigation. (See item 32)

32. January 16, Greater Milwaukee Today – (Wisconsin) Dozens sent to hospitals after spill at Germantown Wal-Mart. The spilling of a substance on the floor of the Wal-Mart Supercenter in Germantown Thursday afternoon, which sent nearly 50 people to area hospitals, has been called a criminal act and is under investigation by police, the FBI and the Bureau of Alcohol, Tobacco and Firearms. The Germantown police chief announced that the discount department store is being treated as a crime scene and will remain closed until test results on the substance found on the floor of a main aisle are obtained from the state crime lab. He declined to go into detail about the substance found and removed during a sweep of the store Thursday afternoon by the Washington County hazmat team, assisted by the Milwaukee County hazmat team. “We got the stuff (out) but there could be contamination issues,” the chief of police said. Source:


Banking and Finance Sector

7. January 16, Maryville Daily Times – (Tennessee) Whitehouse pleads guilty to $16.9M bank fraud. A Maryville businessman, whose companies put more than 100 people out of work when they abruptly closed in June, pleaded guilty to almost $17 million in bank fraud Thursday in federal court in Knoxville. According to a statement from the Department of Justice, Eastern District of Tennessee, he admitted to engaging in schemes to defraud Regions Bank of $14.2 million, BankEast of $950,000, and Clayton Bank and Trust of $1.8 million. The chief executive officer of Clayton BanCorp, Inc. said Clayton Bank and Trust had protected itself by requiring adequate collateral in its dealings with the man’s firms and had not lost any money in the schemes. According to court documents, the man admitted that from May 2005 through June 18, 2008 he defrauded the financial institutions by obtaining loans based on nonexistent collateral. His firms that participated in the scheme included Procynet, doing business as Direct Integration Specialists, also known as Direct IS, Medical Data Specialists, Data Control, and Eagle Investment. Source:

8. January 15, Bloomberg – (Georgia) Georgia firm accused of Ponzi scam before stock sale. A Georgia currency trader and his firm cheated investors in a $25 million Ponzi scheme and planned to raise $100 million in a stock offering, U.S. regulators said in lawsuits today. CRE Capital Corp. and its 48-year-old owner falsely promised investors 10 percent monthly profits on U.S. and Japanese currency bets, the Securities and Exchange Commission said in a suit at federal court in Atlanta. In reality, money from new investors was used to pay returns to early participants, while the firm’s trading lost more than $12 million since June, the agency said. More than 120 investors were lured into the scheme, it said. Source:

9. January 15, Central Valley Business Times – (National) Phishing attack disguised as message from FDIC. The Federal Deposit Insurance Corporation (FDIC) reports that fraudulent e-mails claim that a phishing attack has affected the Fedwire system and that restrictions are in place. The e-mails further instruct recipients to click on links within the e-mail for additional information. That is where the trouble starts. Once clicked, the links actually unleash malicious Trojan horse programs onto end users’ computers. The real FDIC says consumers, businesses, and financial institutions should be aware that Fedwire operations are not restricted and are operating as normal. Source:

Information Technology

28. January 15, Red Orbit – (International) More chip cores can mean slower supercomputing. The worldwide attempt to increase the speed of supercomputers merely by increasing the number of processor cores on individual chips unexpectedly worsens performance for many complex applications, Sandia simulations have found. A Sandia team simulated key algorithms for deriving knowledge from large data sets. The simulations show a significant increase in speed going from two to four multicores, but an insignificant increase from four to eight multicores. Exceeding eight multicores causes a decrease in speed. Sixteen multicores perform barely as well as two, and after that, a steep decline is registered as more cores are added. The problem is the lack of memory bandwidth as well as contention between processors over the memory bus available to each processor. Source:

29. January 14, eWeek – (International) Botnets’ landscape changes as spammers get back in the swing of things. It has been roughly two months since the much-heralded shutdown of McColo, yet spam levels have remained below where they were previously. While the amount of spam hitting enterprise networks is building as botnet operators regain their momentum, the botnet landscape has changed significantly. Some of the former kings of the hill, botnets such as Srizbi, were badly hurt by the shutdown. In their place, botnets such as Cutwail have gained steam. According to SecureWorks, Cutwail now has 175,000 compromised computers under its control, and is the top botnet to watch in 2009. Behind it on SecureWorks’ list is Rustock, which still claims 130,000 bots. The lesser-publicized Donbot is third with 125,000 bots. “Rustock seems to be using more domain names instead of hard-coded IP addresses,” the director of malware research at SecureWorks told eWEEK. “Srizbi has not done anything; it is still down. The others were not really impacted for very long.” The list is further rounded out by Ozdok, Xarvester, Grum, Gheg, Cimbot and Waledac. Together, those botnets are responsible for at least 90 percent of spam, the director said. Source:

30. January 13, eWeek – (International) Oracle releases critical patch update with 41 fixes. Oracle delivered 41 security fixes to its customers in its first CPU (Critical Patch Update) of 2009. Among those fixes are patches for serious flaws affecting Oracle WebLogic Server and Windows versions of Oracle Secure Backup. According to Oracle, a vulnerability in the WebLogic Server plug-ins for Apache, Sun Microsystems and IIS (Internet Information Services) Web servers received a CVSS (Common Vulnerability Scoring System) rating of 10 and can be exploited remotely without authentication. There are also three other vulnerabilities affecting WebLogic Server and an additional vulnerability in WebLogic Portal. The highest CVSS rating among them is 6.8. Four of the nine vulnerabilities affecting Oracle Secure Backup received a CVSS score of 10. All nine of these flaws, however, can be exploited remotely without authentication. The CTO of Imperva said the lack of technical details provided by Oracle — particularly for the vulnerabilities rated 10 — makes it difficult for customers to assess their exposure. Source:

Communications Sector

31. January 15, eWeek – (International) Cloaking device may make cell phone static vanish. A new light-bending material has brought scientists one step closer to creating a cloaking device that could hide objects from sight. Beyond possible military applications, it also might have a very practical use by making mobile communications clearer, they said on January 15. “Cloaking technology could be used to make obstacles that impede communications signals ‘disappear,’” said an individual who worked on the study published in the journal Science. He was part of the same research team that in 2006 proved such a device was possible. He said the new material is easier to make and has a far greater bandwidth. It is made from a so-called metamaterial — an engineered, exotic substance with properties not seen in nature. Source: