Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, January 27, 2009

Complete DHS Daily Report for January 27, 2009

Daily Report

Headlines

 According to Canwest News Service, nearly 60,000 turkeys from a British Columbia farm will be killed after Saturday’s positive test result for avian flu. (See item 19)


19. January 25, Canwest News Service – (International) Avian flu found on BC farm; 60,000 turkeys to be killed. Nearly 60,000 turkeys from a British Columbia farm will be killed after positive test results for avian flu. The Canadian Food Inspection Agency (CFIA) confirmed the presence of H5 avian flu virus after initial tests showed the turkeys from E&H Farms, in Abbotsford, British Columbia, were infected. Abbotsford is about 43 miles southeast of Vancouver, near the U.S. border. The CFIA said further tests will be done to confirm the precise subtype of the virus; some subtypes of H5are more virulent than others. Twenty-two farms within a 2-mile radius of E&H Farms have been under quarantine since January 21. “In order to limit any potential virus spread, the CFIA is applying restrictions on the movement of poultry and poultry products within three kilometers of the infected premises,” said the CFIA news release. Any recent movement of birds, bird products, and equipment involving the infected property will be probed by the CFIA, which is also conducting a thorough epidemiological investigation of the farm. Source: http://www.nationalpost.com/news/story.html?id=1216692


 IDG News Service reports that Monster.com is advising its users to change their passwords after the company recently learned that its database had been illegally accessed. (See item 31)


See item 31 in the Information Technology Sector below.


Details


Banking and Finance Sector

11. January 24, Pittsburgh Tribune Review – (National) National phishing scam targets Sprint cell customers. Pittsburgh police investigators warned cell phone customers on January 23 about a text-messaging scam that they say is reaching “epidemic” proportions nationwide. People are receiving text messages as part of a phishing scam, in which victims are asked for their bank account numbers and PINs, said a detective of the Computer Crimes Unit. The scam affects Sprint cell-phone customers and involves dozens of banks, police said. The scam has affected customers in dozens of states, including New York, Michigan, Missouri, and Texas, police said. Source: http://hdvoice.tmcnet.com/news/2009/01/24/3937014.htm


12. January 23, Idaho Press Tribune – (Idaho; Oregon) Idaho attorney general warns of text message scam. The Idaho attorney general warned consumers not to respond to text messages claiming to be from Bank of the Cascades. Idaho consumers have been contacting the attorney general’s consumer protection division to report suspicious text messages, purporting to be from Bank of the Cascades. But Bank of the Cascades is not sending the messages. “Bank of the Cascades does not contact customers by text messaging,” the bank president said. “The criminals involved in this activity are sending messages to random cell phone numbers. They do not know who is a customer of the bank and who is not. None of the bank’s security systems have been breached and, as long as the consumer has not responded, there is no danger to their account.” The text messages ask customers, as part of a “protection program,” to call a telephone number “to verify your account info.” Consumers who call the telephone number reach a recorded message that asks them to enter their credit card number. The bank’s security division believes this scam is coming from outside the United States. A scam text message purporting to be from Bank of the Cascades also popped up on cell phones across the Rogue Valley in Oregon. Source: http://www.idahopress.com/news/?id=19072

See also: http://www.mailtribune.com/apps/pbcs.dll/article?AID=/20090123/NEWS/901230330


13. January 23, CNNMoney – (California) FDIC closes 1st Centennial Bank. California banking officials closed the 1st Centennial Bank on January 23, the FDIC said; in announcing the third bank failure this year. The bank, which has just six branches, will be purchased by First California Bank of Westlake Village, California, the FDIC said. As of January 9, 2009, 1st Centennial had total assets of $803.3 million and total deposits of $676.9 million. Approximately $12.8 million of that exceeded the insurance limits, the FDIC said. Source: http://money.cnn.com/2009/01/23/news/companies/fdic_1stcentennial.reut/index.htm


Information Technology


30. January 26, United Press International – (International) Virus strikes 15 million PCs. A virulent computer virus has infected as many as 15 million computers around the world so far, according to various estimates. The virus — a self-replicating computer worm known as Downadup, Conficker, or Kido — spreads across computer networks using Microsoft Windows software which have not been patched or updated properly. The Independent on Sunday newspaper said in London by the weekend of January 24-25 more than 3,000 British organizations had been hit by the virus. But U.S. computer security firm Symantec noted on its blog last week that very few computers in North America had been infected, a trend which it attributed to the greater prevalence of legal and fully patched software. The Independent on Sunday said as many as 15 million computers worldwide had been infected, but most other estimates are in the 8 million to 12 million range. Helsinki-based Internet security software firm F-Secure said on its blog that infections may have peaked. Source: http://www.upi.com/Top_News/2009/01/26/Virus_strikes_15_million_PCs/UPI-19421232924206/


31. January 24, IDG News Service – (International) Monster.com reports theft of user data. Monster Worldwide Inc. is advising its users to change their passwords after data, including e-mail addresses, names and phone numbers, was stolen from its database. The break-in comes just as the swelling ranks of the unemployed are turning to sites such as Monster.com to look for work. The company disclosed on its Web site that it recently learned that its database had been illegally accessed. Monster.com user IDs and passwords were stolen, along with names, e-mail addresses, birth dates, gender, ethnicity and, in some cases, users’ states of residence. The information does not incluresumes or Social Security numbers, which Monster.com said it does not collect. Monster.com posted the warning about the breach on January 23 morning and does not plan to send e-mails to users about the issue, said a Monster.com spokeswoman. The SANS Internet Storm Center also posted a note about the break-in on January 23. USAJobs.com, the U.S. government Web site for federal jobs, is hosted by Monster.com and was also subject to the data theft. USAJobs.com also posted a warning about the breach. Monster.com has been checking for misuse of the stolen information but has not yet found any, said a company spokeswoman. The company has made changes since discovering the break-in but will not discuss them because it does not discuss security procedures publicly and because it is still investigating the incident, the spokeswoman said. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126738&intsrc=hm_list


Communications Sector

Nothing to report