Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, May 5, 2009

Complete DHS Daily Report for May 5, 2009

Daily Report

Top Stories

 Aviation Week reports that U.S. Naval Air Systems Command has issued a temporary grounding bulletin on six UH-1Y Hueys and one AH-1Z Cobra due to extensive damage to the main rotor gearbox on two of the new Hueys. The problem was identified by pilots mid-flight. (See item 10)


10. May 1, Aviation Week – (National) U.S. Navair grounds new Hueys, one Cobra. U.S. Naval Air Systems Command (Navair) has issued a temporary grounding bulletin on six UH-1Y Hueys and one AH-1Z Cobra due to extensive damage to the main rotor gearbox on two of the new Hueys. The problem was identified by pilots mid-flight. “Warning lights indicated chips were present in the gear box of the aircraft,” a Navair spokesman said. The first time the problem occurred was on April 7. The second incident, on April 24, resulted in grounding all of the aircraft. The two affected UH-1Ys, stationed at Camp Pendleton, California, sustained “significant damage” to their gear boxes, which need to be replaced. Navair and manufacturer Bell Helicopter Textron have determined the problem to be faulty lower roller bearing retainers in the high-speed bearing assembly in the gearbox. However, the investigation is still ongoing. “They know what caused it, they have to determine why,” he said. The repairs — which could take up to two months — will be performed at Camp Pendleton. Bell is under contract to supply the Marine Corps with 349 new helicopters —123 are UH-1Ys and 226 are AH-1Z Cobras. Only last month, a Navy Rear Admiral, the program executive officer overseeing the H-1 upgrade program, said he was encouraged by what he considers to be improved performance by Bell on the Huey/Cobra program after a host of management problems prompted the Navy and Marines to evaluate other platforms in 2006. Source: http://www.aviationweek.com/aw/generic/story.jsp?id=news/GROUND050109.xml&headline=U.S.%20Navair%20Grounds%20New%20Hueys,%20One%20Cobra&channel=defense


 According to the Associated Press, government inspectors sorted through the Dallas Cowboys’ flattened practice facility in Irving, Texas on Monday, trying to figure out why fierce winds sent the tentlike structure crashing during a rookie workout session, hurting twelve people. (See item 44)


44. May 4, Associated Press – (Texas) Inspectors examine Cowboys’ flattened facility. Government inspectors sorted through the Dallas Cowboys’ flattened practice facility in Irving on Monday, trying to figure out why fierce winds sent the tentlike structure crashing during a rookie workout session. Twelve people were hurt. The most seriously hurt was the team’s 33-year-old scouting assistant who was permanently paralyzed from the waist down after his spine was severed. Inspectors were at the collapse site, said a spokeswoman for the U.S. Occupational Safety and Health Administration. Records obtained by the Associated Press show that the city of Irving granted a request by the Cowboys to replace the fabric roof last year, five years after the structure was built. The team listed itself as the contractor for the roof replacement, but a Cowboys spokesman said the team would not comment about the work. The company that built the $4 million facility — Summit Structures LLC of Allentown, Pennsylvania — said in a statement that proper engineering was used during the original construction and the installation of the new roof. The Summit president said he was in Irving on Monday, working with team and local officials to “fully assess this severe weather event.” The company said it has few answers now on precisely what happened. About 70 people, including 27 players at a rookie minicamp, were inside when the storm hit. Winds were clocked at 64 mph, 1 mph shy of the threshold for a weak tornado. A “microburst” may have pushed the wind beyond 70 mph at the top of the structure, National Weather Service officials said. Source: http://www.google.com/hostednews/ap/article/ALeqM5h33PBb6ZTeDU4DawZhEWsaUmgcxAD97VKOM81


Details

Banking and Finance Sector

12. May 4, Associated Press – (Connecticut) FBI arrests Conn. hedge fund manager. A Connecticut man who runs two hedge fund companies from his Stamford home is being held on mail fraud charges. The twenty-seven-year-old is being held pending a court hearing in Bridgeport federal court on May 4. The defendant is already the subject of a federal investigation involving an alleged $30 million fraud. He was arrested by FBI agents on May 1 at his home on the mail fraud charges. The defendant is accused of raising money for two hedge funds and defrauding victims by overstating and misrepresenting his background, his experience and his success and historic performance. Prosecutors say the mail fraud charges involve a New York investor who gave the defendant $500,000. He remains the focus of an investigation by the U.S. Securities and Exchange Commission. Source: http://www.businessweek.com/ap/financialnews/D97VD0AG2.htm


13. May 4, Courthouse News Service – (New York) Magazine touted Ponzi scam, investors say in $178m claim. Entrepreneur Magazine put Agape World on its “Hot 100” list of “fast-growth businesses,” inducing 87 “unsuspecting investors” to lose money on Agape’s Ponzi scheme, the 87 say in a $178 million demand in Nassau County Court. The plaintiffs say Entrepreneur regurgitated Agape’s claims about its business without investigating them. Irvine, California-based Entrepreneur featured Agape World in its May 2008 issue, after swallowing Agape’s claims without a reasonable investigation, the plaintiffs say. The complaint states: “Entrepreneur was aware that its Hot 100 lost would be used by Agape to attract unsuspecting investors, and that such investors would rely on the list and its criterion [sic] in their decision(s) to invest, maintain their investment, and/or recommend investment to others. Notwithstanding this knowledge and awareness, Entrepreneur did not attempt to verify the information received from Agape; at no time did Entrepreneur visit Agape headquarters, meet with its principals or request and/or conduct an examination of Agape’s books and records. Instead, Entrepreneur relied exclusively on the information provided by Agape in drawing its conclusions and making its recommendation. “In January 2009, after months of financial distress and following the arrest of Agape’s Chief Executive Officer, it was publicly revealed that Agape was merely an elaborate Ponzi scheme.” Source: http://www.courthousenews.com/2009/05/04/Magazine_Touted_Ponzi_Scam_Investors_Say_in_$178M_Claim.htm


14. May 2, Bloomberg – (New York) Former Brean Murray trader pleads guilty in $16 million fraud. A former trader at New York brokerage Brean Murray & Co. pleaded guilty to charges of stealing $16 million from friends and clients to support a lavish lifestyle. A former managing director of equity trading pleaded guilty April 30 in New York State Supreme Court in Manhattan and will be sentenced on September 22, according to electronic court records. The former manager had pleaded not guilty in May 2008 to charges of grand larceny and scheming to defraud. He spent the money on a Porsche, an Aston Martin, Rolex watches and a trip to Africa, prosecutors said. Brean Murray was a Manhattan-based securities and banking firm. Source: http://www.bloomberg.com/apps/news?pid=20601103&sid=a_EpU1vUzeeg&refer=us


15. May 1, CNN Money – (Georgia; New Jersey; Utah) Three more banks fail. The Federal Deposit Insurance Corp. said in a statement that it created a bridge bank to take over the operations of Silverton Bank, National Bank, headquartered in Atlanta. Unlike the other 30 banks that have failed so far in 2009, Silverton Bank did not take deposits directly from the general public or make loans to consumers. Instead, it was a “bankers’ bank,” offering a wide variety of services, such as foreign wire transfers, as well as clearing and cash management, to other banks. Silverton was cooperatively owned by community banks throughout the Southeast and was heavily invested in loans to real estate developments in Florida, Georgia, and other parts of the Southeast, according to the managing principal of financial firm FIG Partners LLC based out of Atlanta, Georgia. State regulators shut down Citizens Community Bank on May 1, and named the FDIC as the receiver. The Ridgewood, New Jersey-based bank had total assets of approximately $45.1 million and total deposits of $43.7 million as of December 31. North Jersey Community Bank of Englewood Cliffs, New Jersey has agreed to assume all of the deposits of the failed bank. The failed bank’s single office will reopen on May 4 as the North Jersey Community Bank. On May 1 the FDIC also became the receiver of America West Bank, after the Utah regulators closed the institution. The Layton, Utah-based bank had total assets of approximately $299.4 million and total deposits of $284.1 million as of Dec. 31. Cache Valley Bank, based in Logan, Utah, is assuming all deposits, paying discounted price of $352,000. It also agreed to buy nearly $11 million worth of America West’s assets and took a 30-day option to purchase loans at book value. The FDIC estimates that the cost to the Deposit Insurance Fund will be $119.4 million. America West’s three branches will reopen on May 4 as Cache Valley Bank outposts. Source: http://money.cnn.com/2009/05/01/news/companies/bank_failure/?postversion=2009050120


16. May 1, CBS News – (National) USPS probes security breach. CBS News has learned of another data breach potentially compromising the personal information of thousands of people. Companies Lexis Nexis and Investigative Professionals have notified up to 40,000 people whose “sensitive and personally identifiable” information may have been viewed by individuals who should not have had access. The United States Postal Inspection Service is investigating a data breach at both companies that resulted in sensitive information being used in a crime. Those individuals have been notified. Sources tell CBS News that the data breach is linked to a Nigerian Scam artist who used the information to incur fraudulent charges on victims’ credit cards. A spokesman for the Postal Inspectors Service said that of the 40,000 individuals whose information was accessed, up to 300 were compromised and used to obtain fraudulent credit cards. In a letter sent to those whose personal information was compromised, Lexis Nexis said that the unauthorized access took place between June 14, 2004 and October 10, 2007 and the private information viewed included names, dates of birth and possibly even social security numbers It also cautions customers to review their credit reports for any inaccuracies, to report any errors or suspicious activity to creditors as soon as possible, and to contact the United States Postal Service if they believe their personal information may have been compromised. Source: http://www.cbsnews.com/stories/2009/05/01/cbsnews_investigates/main4982989.shtml


Information Technology


42. May 2, PC World – (International) Disable Javascript for safety, Adobe Advises. Adobe Systems Inc. the week of April 27 acknowledged that all versions of its popular PDF software, including editions for Windows, the Mac and Linux, contain at least one, and possibly two, critical vulnerabilities. “All currently supported shipping versions of Adobe Reader and Acrobat, [versions] 9.1, 8.1.4, and 7.1.1 and earlier, are vulnerable to this issue,” said the company’s security program manager, in a blog entry on April 28. The manager was referring to a bug in Adobe’s implementation of JavaScript that went public on April 28. “Adobe is also currently investigating the issue posted on SecurityFocus as BID 34740,” he added. That “Bugtraq ID,” or BID number has been assigned to a second JavaScript vulnerability in Adobe’s Reader. Proof-of-concept attack code for both bugs has already been published on the Web. According to the manager, Adobe will patch Reader and Acrobat, though he did not spell out a timetable for the fixes. “We are working on a development schedule for these updates and will post a timeline as soon as possible,” he said. In lieu of a patch, the manager recommended that users disable JavaScript in Reader and Acrobat by selecting Preferences from the Edit menu, choosing “JavaScript,” then unchecking the “Enable Acrobat JavaScript” option. That recommendation is identical to what he offered two months ago when Adobe owned up to a different critical vulnerability, one that was already being used by attackers at the time. Source: http://www.pcworld.com/businesscenter/article/164253/disable_javascript_for_safety_adobe_advises.html

Communications Sector

43. May 1, Verizon Wireless – (Florida) Verizon Wireless fine tunes Florida network for 2009 hurricane season. Verizon Wireless announced May 1 that it has completed its network preparations for the 2009 Hurricane Season. To ensure Floridians have comprehensive, reliable wireless coverage in case of severe weather, the company has invested nearly $190 million since the start of last year’s Hurricane Season to strengthen and enhance its wireless network throughout the state. Highlights of these enhancements include expanding capacity in the company’s regional switching facilities throughout Florida, erecting new digital cell sites with on-site back-up power, and deploying a team of “test men” across the state in high-tech vehicles to fine tune the company’s network. The company has a fleet of Cells on Wheels (COWs), Cells on Light Trucks (COLTs), and Generators on Trailers (GOaTs) that can be rolled into hard-hit locations or areas that need extra network capacity. Source: http://www.yourcommunicationnews.com/verizon+wireless+fine+tunes+florida+network+for+2009+hurricane+season_31261.html

Department of Homeland Security Daily Open Source Infrastructure Report

Monday, May 4, 2009

Complete DHS Daily Report for May 4, 2009

Daily Report

Top Stories

 According to the Anchorage Daily News, Trident Seafoods Corp. has agreed to pay the U.S. Environmental Protection Agency more than $112,000 for failing to properly report its storage of thousands of pounds of ammonia at three of its Alaska plants as well as at a Seattle plant. (See item 22)


22. April 30, Anchorage Daily News – (Alaska; Washington) Trident agrees to $112,000 fine. One of Alaska’s biggest seafood processors has agreed to pay more than $112,000 for failing to properly report its storage of a toxic gas at three of its Alaska plants as well as at a Seattle plant. Trident Seafoods Corp. agreed to pay the U.S. Environmental Protection Agency $61,354 for violating federal law by not reporting thousands of pounds of ammonia, implicated in many leaks and dangerous explosions, to emergency planners. The company also agreed to provide more than $51,000 in emergency equipment to accident responders in Kodiak and Akutan. The Alaska violations occurred at Trident’s Kodiak, Akutan and Petersburg plants in 2006, according to the federal consent order Trident signed in April. Ammonia is often used in refrigeration at food plants and on fishing boats, and leaks over the past few years have caused evacuations at Alaska fish plants. Source: http://www.adn.com/news/alaska/story/779612.html


 The Washington Post reports that two Montgomery County, Maryland teenagers have been charged with arson and conspiracy to commit murder in an alleged plot to kill the principal at their White Oak high school with a nail-filled bomb and then trigger a major explosion inside the school, authorities said on April 29. (See item 34)


34. April 30, Washington Post – (Maryland) 2 students charged with explosion, slaying plot. Two Montgomery County, Maryland teenagers have been charged with arson and conspiracy to commit murder in an alleged plot to kill the principal at their White Oak high school with a nail-filled bomb and then trigger a major explosion inside the school, authorities said April 29. The Springbrook High School students are suspected of having set three fires at the school, including one April 28 before the discovery of the plot that led to their arrests, police said. According to police, the students planned “in the near future” to throw the bomb into the principal’s office, and then puncture a gas pipe in the school’s auditorium and use an incendiary device to set off an explosion. The Montgomery Police Chief said investigators think the students “really had an intention of doing this.” “They were surely doing things that made one believe they were going to try,” he said. Over the past month, the students “constructed and experimented with several different incendiary devices,” said a police spokesman. They had also attempted to puncture pipes in the boys’ locker room to determine whether they were gas lines, he said. Each is charged with conspiracy to commit first-degree murder, three counts of first-degree arson and other offenses. They were scheduled to appear in court for bond hearings April 30. Source: http://www.washingtonpost.com/wp-dyn/content/article/2009/04/29/AR2009042902520.html?hpid=moreheadlines


Details

Banking and Finance Sector

14. May 1, Indiana Star – (Indiana) Feds charge 7 in $19.7M Central Indiana mortgage scam. Federal investigators say they have cracked a massive mortgage fraud scheme in Central Indiana: a sprawling web of forged documents, inflated property values and fraudulent loans adding up to nearly $20 million. Three people were charged on April 30 with wire fraud and money laundering, and four with conspiracy to commit wire fraud and money laundering. If convicted, each faces 15 to 30 years in prison and fines of $1 million. The scheme, involving 149 loans worth $19.7 million, led to the foreclosures of 97 Eastside homes in Windsor Village, where duplexes were sold at the inflated price of $120,000 each, only to be foreclosed when no payments were made. Many were later resold for $3,500 to $15,000 apiece. The scheme took place from 2003 to 2005, according to the U.S. attorney for the Southern District of Indiana. He called it the largest fraud case his department has handled in the past decade. Source: http://www.indystar.com/article/20090501/NEWS02/905010335


15. April 30, Financial Advisor – (California) Beverly Hills fund scam nets $38M. The Securities and Exchange Commission has shut down two Beverly Hills hedge funds that allegedly used a web of lies to raise $38 million from 20 investors. The funds lost millions of dollars over the years and had less than $650,000 in assets at the end of 2008, but the key figure in the scheme doctored the funds’ account statements, bragging of more than $800 million in assets and annual returns of between 15 percent and 60 percent, according to the SEC. He convinced one prospect to invest in the funds by falsely claiming the funds’ investors included a member of the Milken Family Foundation and the CEO of Oracle Corp., according to the SEC. The lies also included claims that the funds held positions in companies such as Apple, Microsoft Corp. and Wal-Mart Stores, according to the SEC. The funds, Ruderman Capital Partners and Ruderman Capital Partners A, has been taking investors funds since at least 2002, according to SEC, with two investors putting $1 million into the funds as recently as January, money that was used by the mastermind to make a “Ponzi-like” payment to an investor who requested a $750,000 withdrawal. The scheme collapsed in April when the mastermind’s attorney sent a letter to investors stating that “there is currently very little value in the assets held by the [funds],” according to the SEC. As of March 31, 2009, the funds had total remaining assets of about $387,000, according to the SEC complaint. Source: http://www.fa-mag.com/fa-news/4122-beverly-hills-fund-scam-nets-38m.html


16. April 30, MarketWatch – (National) Senate rejects bill to modify troubled homeowner loans. A controversial provision that would allow bankruptcy judges to modify mortgages for troubled homeowners was rejected by the Senate on April 30. The provision, known as “cram-down,” failed on a vote of 51-45. A similar measure was approved by the House earlier this year. Citigroup Inc. endorsed a version of the measure earlier this year that would have allowed bankruptcy judges to modify loans that existed prior to the measure becoming law. However, since then most other financial institutions have lobbied furiously on Capitol Hill to make sure it was not adopted. The provision, would have allowed bankruptcy judges to rewrite the terms of a mortgage contract by changing interest rates or extending the loan payment periods. The rejection is a setback for the U.S. Presidential Administration, which endorsed it. A similar measure was removed from a $700 billion bank bailout bill approved by Congress in October with the expectation by many Senators that lawmakers would return to approve it at a later date. The American Bankers Association, which had lobbied heavily on Capitol Hill against the measure, was satisfied with the result. Source: http://www.marketwatch.com/news/story/senate-rejects-controversial-cramdown-measure/story.aspx?guid={2CFA8AA2-A7FD-4606-B945-A0323284741F}&dist=msr_1


17. April 30, Computerworld – (International) New standard for encrypting card data in the works; backers include Heartland. The same organization that led the development of security standards for payment-card magnetic stripe data and PIN-based transactions will soon begin work on a new specification for encrypting cardholder data while it is in transit between systems during the transaction process. And among the companies in the forefront of the effort is Heartland Payment Systems Inc., the Princeton, New Jersey-based payment processing firm that announced in January what some analysts think could end up being the largest data breach involving credit-card information thus far. The Accredited Standards Committee X9, which is accredited by the American National Standards Institute, is set to launch an initiative formally known as the Sensitive Card Data Protection Between Device and Acquiring System program. ASC X9 develops and maintains numerous standards for the financial services industry in the United States, and participants said the week of April 27 that the goal of the new effort is to develop a data encryption standard to protect information from the moment a card is swiped at a payment register to the end of the transaction chain at a so-called acquiring bank. The need for such “end-to-end” protection has become increasingly apparent within the payment card industry in the wake of the continuing breaches at companies such as Heartland and RBS WorldPay Inc., another payment processor that disclosed a system intrusion last December. But while proprietary tools are available from a few vendors for achieving that type of protection, there currently is no standard approach, said the director of security engineering at ACI Worldwide Inc., a vendor of payment processing software in New York. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9132420&intsrc=news_ts_head


Information Technology


39. May 1, eWeek – (International) Facebook targeted in spam scam. The popular social networking site Facebook successfully fought off an attack from a piece of malware on April 30, the second attack this week. Facebook, which claims 200 million users, said the phishing scam tricked users into clicking on a link in the messages inbox that took them to a false Facebook Website here cyber-criminals were able to access their login information. The company said on April 30 it was able to shut down the two malicious links at the core of the attack, fbstarter.com and fbaction.net. Facebook said it is also in the process of removing messages that refer to the link, which tricks users with the message “Look at this!” as well as resetting passwords for affected members. The April 29 attack, a similar worm, directed users to the site BAction.net. In the wake of the attacks, Facebook and brand protection firm MarkMonitor announced that Facebook is using MarkMonitor’s AntiFraud Solutions to supplement Facebook’s own in-house security efforts in protecting users against malware attacks. Facebook, which already uses MarkMonitor AntiFraud Solutions to help combat phishing attacks, is expanding its use of MarkMonitor to further protect Facebook and its users from ongoing malware attacks. A Facebook threat analyst said the company’s deep commitment to the safety of its millions of users requires a strong, proactive security strategy, best-of-breed technology and active engagement with industry leaders. “MarkMonitor demonstrated that it understood the complexity of the phishing issue we were facing so it was a natural next step for us to bolster our own security systems with their anti-malware solution,” he said. Source: http://www.eweek.com/c/a/Midmarket/Facebook-Targeted-in-Spam-Scam-603252/


40. May 1, American Free Press – (International) Cyber crooks churning out trick flu emails. Cyber crooks are capitalizing on influenza fears with torrents of email promising “swine flu” news but delivering malware or dubious offers for potency drugs or penis enlargement. An alert posted on April 30 at the U.S. Food and Drug Administration also warns that scammers have launched websites hawking bogus products “that claim to prevent, treat, or cure” the H1N1 flu virus. The FDA said it is “informing offending websites that they must take prompt action to correct and/or remove promotions of these fraudulent products or face immediate enforcement action.” “Zombie” computers infected with a dreaded Conficker virus that became an online scourge this year are among machines being used to spew flu spam crafted to trick email recipients, according to computer security firm Trend Micro. “The thing making it worse is the misinformation out there about swine flu,” a Trend Micro threats research manager said April 30. “These guys have picked up on all the fears people have. With all the hysteria of swine flu, some people click on these emails.” Subject boxes of spam email feature lines such as “Swine Flu Outbreak!” and “Madonna Catches Swine Flu!” in order to grab people’s interest, a tactic referred to by hackers as “social engineering.” Source: http://www.google.com/hostednews/afp/article/ALeqM5jS9HKAwJcLh5wRxYV1KGlBog3ygQ


41. April 30, HS Daily Wire – (National) Experts: U.S. military’s cyberwar rules “ill-formed.” An experts panel criticized U.S. plans for cyberwarfare as “ill-formed,” “undeveloped,” and “highly uncertain”; as a result, many nuances of cyberwar have remained poorly understood, even as the military actively prepares for it. The U.S. government has yet to form a coherent policy for engaging in warfare that involves attacks on a country’s electrical power grids and other critical infrastructure, according to a non-profit group of scientists and policy advisers. They called on policy makers to actively forge rules for how and when the military goes about mounting offensive and defensive acts of cyber warfare. “The current policy and legal framework for guiding and regulating the U.S. use of cyberattack is ill-formed, undeveloped, and highly uncertain,” the report, published by the National Academy of Sciences, states. “Secrecy has impeded widespread understanding and debate about the nature and implications of U.S. cyberattack.” The many nuances of cyberwar have remained poorly understood, even as the military actively prepares for it. They include the high degree of anonymity of those who carry out such attacks, making it hard to identify those who perpetrate them. Such attacks also result in much more uncertain outcomes than traditional warfare, making it hard to predict success and collateral damage. Source: http://www.hsdailywire.com/single.php?id=7889

Communications Sector

42. April 30, HS Daily Wire – (International) Making quantum cryptography’s promise a reality. Quantum cryptography, in theory, is a completely secure means of communication. It is now much closer to being used practically as researchers from Toshiba and Cambridge University’s Cavendish Laboratory have developed high speed detectors capable of receiving information with much higher key rates, thereby able to receive more information faster. The journal paper, “Practical Gigahertz Quantum Key Distribution Based on Avalanche Photodiodes,” as part of New Journal of Physics’ “Focus Quantum Cryptography: Theory and Practice” issue, details how quantum communication can be made possible without having to use cryogenic cooling or complicated optical setups, making it much more likely to become commercially viable soon. Source: http://www.hsdailywire.com/single.php?id=7883 See also: http://www.iop.org/EJ/abstract/1367-2630/11/4/045005