Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, April 28, 2009

Complete DHS Daily Report for April 28, 2009

Daily Report

Top Stories

 According to Reuters, a car accident triggered a power outage that shut two refineries on Puget Sound in Washington State, electric utility Puget Sound Energy said on Friday. (See item 3)

3. April 24, Reuters – (Washington) Car wreck triggered power outage at refineries. A car accident triggered a power outage that shut two refineries on Puget Sound in Washington State, electric utility Puget Sound Energy said on April 24. A car struck a power pole the evening of April 23 along Washington State Highway 20 as maintenance was being done at another location on a transformer bank that would have re-routed electrical supply to the refineries and about 100,000 other customers, said a Puget Sound Energy spokeswoman. “Because of very unusual circumstances, we lost power,” she said. Electricity was restored within about two hours to most customers. On April 24, Shell Oil Co said it was restarting its 145,000 barrel per day (bpd) Anacortes, Washington, refinery. Tesoro Corp said power was restored at its 120,000 bpd Anacortes refinery where workers were checking for damage before beginning the restart process. Source:

 WJW 8 Cleveland reports that police say 53 people were arrested when an end of the year party near the Kent State University campus in Kent, Ohio turned into a riot on Saturday. The university secured campus buildings in the area as a preventive measure. (See item 42)

42. April 26, WJW 8 Cleveland – (Ohio) 53 people arrested after off-campus party turns into riot in Kent. Police say 53 people were arrested when an end of the year party in Kent, Ohio, known as College Fest on East College Street, turned into a riot on April 25. The event attracted thousands of students and heavy alcohol consumption. Tensions began escalating after police arrested an underage girl for drinking alcohol in the middle of the street and then arrested one of the girl’s acquaintances. A local resident said people started throwing bottles at officers because he forcefully pushed the girl. Kent Police responded by bringing in reinforcements from multiple agencies in full riot gear. Police officials declined requests for interviews on April 26 but said in a written statement that officers announced a dispersal order and arrested a number of people who failed to leave with multiple warnings. The crowd continued to throw objects such as bottles at officers and even firefighters who arrived to put out bonfires in the middle of the street. Paint balls filled with pepper spray were fired at some of the students. Most of the people arrested were charged with failure to disperse. They have been ordered to appear in Kent Municipal Court on either April 29 or April 30. A Kent University press statement released on the night of April 25 read in part that: The university secured campus buildings in the area as a preventive measure. There have reportedly been approximately 125 arrests. It is unknown at this time how many of the arrest are students. No injuries have been reported. Source:,0,3290409.story


Banking and Finance Sector

16. April 24, MarketWatch – (National) Four banks closed by regulators as credit crunch shakes out. Four banks in Georgia, Michigan, California and Idaho were closed by regulators on April 24, costing the Federal Deposit Insurance Corp.’s deposit insurance fund nearly $700 million as the effects of the credit crisis continued rippling throughout the U.S. economy. Kennesaw, Georgia-based American Southern Bank marked the 26th bank failure of the year and the fifth in the state of Georgia, the FDIC said. Farmington Hills, Michigan-based Michigan Heritage Bank then became the 27th failure of 2009, followed by the closure of Calabasas, California-based First Bank of Beverly Hills. Alpharetta, Georgia-based Bank of North Georgia has agreed to assume American Southern Bank’s deposits, the FDIC said in a statement. American Southern’s one office will reopen as a branch of Bank of North Georgia on April 27. American Southern had roughly $112.3 million in assets and $104.3 million in deposits as of March 30, according to the FDIC. Bank of North Georgia has also agreed to buy roughly $31.3 million of the failed bank’s assets, the FDIC said. The FDIC estimated the cost of American Southern’s failure to its deposit insurance fund will be $41.9 million. American Southern’s collapse marks the 51st bank failure since the credit crisis began last year. Source:{982438DE-54E6-4F2E-84FF-FA3F1556A589}

17. April 24, National Credit Union Administration – (Florida) Eastern Financial Florida Credit Union placed in conservatorship. The National Credit Union Administration (NCUA) on April 24 assumed control of the operations of Eastern Financial Florida Credit Union, a state-chartered, federally insured credit union headquartered in Miramar, Florida. The Florida Office of Financial Regulations, Bureau of Credit Union Regulation appointed NCUA as conservator on April 24 after placing Eastern Financial Florida Credit Union into conservatorship. NCUA has assumed control of the credit union and has appointed officials from Space Coast Credit Union of Melbourne, Florida to temporarily manage Eastern Financial Florida Credit Union’s day-to-day operations. NCUA’s goal is to continue credit union service to the members and ensure safe and sound credit union operations. Service continues uninterrupted at Eastern Financial Florida Credit Union and members are free to make deposits, access funds, make loan payments and use share drafts. While the credit union was placed into conservatorship because of declining financial condition, the decision to conserve a credit union enables the institution to continue normal operations with expert management in place. Source:

18. April 24, KDAF 33 Dallas (Texas) Duncanville police warn of scam. The Duncanville Police Department has received more than 20 calls from citizens regarding a possible scam. Citizens reported that they started receiving phone calls on April 23 and 24. The phone call was of a recording advising individuals that their credit card had been compromised and asked them to enter a number on the phone. It is unknown at this time if the subjects committing this scam were attempting to take over the individual’s phone service or if they were attempting to gather personal information from the individuals they called. The Duncanville Police Department continues to advise citizens that if they receive a phone call — be it a recording or a live person — asking for personal information or directing them to enter credit card numbers on the phone, to just hang up and do not call the number back. At this time, Duncanville Police do not have any reports of any criminal offenses taking place. Source:

Information Technology

50. April 27, CNET News – (International) Google plugs PC power into cloud computing. Google has released experimental but still very much real software that brings in some of the power of the PC, where people often use Web applications. Google Native Client, first released in 2008 but updated with a new version on April 23, is a browser plug-in for securely running computationally intense software downloaded from a Web site. And on April 21, Google released O3D, a plug-in that lets Web-based applications tap into a computer’s graphics chip, too. The projects are rough around the edges, to say the least. Native Client (NaCl) is more security research project than usable programming foundation right now, and O3D exists in part to try to accelerate the arrival of some future, not necessarily compatible, standard for building 3D abilities into Web applications. But both fundamentally challenge the idea that Web apps necessarily are stripped-down, feeble counterparts to the software that runs natively on a personal computer, and they come from a company that has engineering skill, a yen for moving activity to the Internet, and search-ad profits that can fund projects that do not immediately or directly make money. Source:

51. April 27, The H – (International) Vulnerability patched in Symantec Brightmail Gateway. Symantec has released an update for its Brightmail Gateway email security appliance to fix a cross-site scripting and privilege escalation vulnerability in the appliance’s Web based Control Center. Attackers could exploit the vulnerabilities from the internal network as the Control Center failed to properly filter client input from authorized users of the Control Center console. The update is available via the Software Update feature of Brightmail and is also available to registered users to download. Source:

52. April 26, Detroit Observer & Eccentric News – (Michigan) Patterson’s phishing bill breezes through senate. A bill sponsored by a Michigan state senator that is pushing tougher punishments for Internet crimes sailed through the senate on April 23. In particular the legislation targets phishing, or fraudulently acquiring personal information over the Internet. Phishing is a unique form of identity theft where criminals use e-mails or pop-up ads to lead consumers to counterfeit Web sites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Because the criminals highjack the names and logos of reputable banks, e-retailers and credit card companies, they convince consumers to respond. If the bill becomes law it would increase to a maximum of 10 years in prison and $500,000 in fines from the current five years and $25,000. The bill also would allow the attorney general or the Internet provider to file civil actions against the phishing site operators. Source:

53. April 24, IDG News Service – (International) Worm solves Gmail’s CAPTCHA, creates fake accounts. A Vietnamese security company has detected what it believes is a new worm that thwarts Google’s security protections in order to register new dummy Gmail accounts from which to send spam. Bach Koa Internetwork Security (BKIS) said the worm was discovered earlier the week of April 20 in one of its honeypots, the term for a computer set up to catch samples of malicious software. BKIS has named the malware “W32.Gaptcha.Worm.” Once a computer is infected with Gaptcha, the worm launches the Internet Explorer browser and goes to Gmail’s new account registration page. It begins to fill in random names of fictitious users. When confronted with a CAPTCHA, the worm sends the image to a remote server for processing, wrote a senior malware researcher, on the BKIS blog. A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is the distorted text that a person must solve before a new account can be created. It used to be hard for computers to translate the text, but improvements in OCR (optical character recognition) technology have overcome that barrier. In some cases, spammers are believed to employ people in low-income countries to figure out the CAPTCHA in order to gain new e-mail accounts. Once a new registration is complete, the account details are then e-mailed to a spammer. After too many account registrations, Google will eventually block the particular computer creating the accounts. The worm then removes itself, the researcher wrote. Source:

Communications Sector

54. April 27, WGRZ 2 Buffalo – (New York) Regional outage affected Time Warner phone, Internet customers. A spokeswoman for Time Warner Cable says an outage at the company’s regional headquarters caused customers across the Northeast to lose telephone and Internet services early April 26. Crews worked to bring the Northeast Regional Office in Syracuse back online, thousands of customers from Buffalo to Portland, Maine were without phone and Internet access. However, the outage did not affect cable TV services. It took several hours to get the regional high-speed data network back up and running. Source: