Monday, July 6, 2009

Complete DHS Daily Report for July 6, 2009

Daily Report

Top Stories

 According to the Associated Press, fire department officials say a New York City ferry boat hit a Staten Island pier while docking on July 1, injuring 14 people. (See item 17)

17. July 1, Associated Press – (New York) 14 injured when Staten Island ferry hits pier. Fire department officials say a New York City ferry boat has hit a pier while docking, injuring 14 people. The injuries are minor. The fire department says it appears the boat lost power before hitting the Staten Island dock the evening of July 1. There is no damage to the boat but some damage to the pier. The Staten Island Ferry has nine vessels that carry commuters between Staten Island and lower Manhattan. Source:

 The Associated Press reports that at least 12 people have been hospitalized in connection with a possible E. coli outbreak in beef suspected of having sickened people in nine states, federal health officials said on July 1. The victims may have become ill after eating beef produced by JBS Swift Beef Co. of Greeley, Colorado. (See item 21)

21. July 1, Associated Press – (National) 12 hospitalized in connection with E. coli in beef. At least 12 people, two of them suffering kidney failure, have been hospitalized in connection with a possible E. coli outbreak in beef suspected of having sickened people in nine states, federal health officials said on July 1. The victims may have become ill after eating beef produced by JBS Swift Beef Co. of Greeley, Colorado, the Centers for Disease Control and Prevention (CDC) reported. The number of people reported ill so far is 23. The company recalled about 380,000 pounds of beef on June 28 after some illnesses were reported and a government investigation showed a possible connection to the company’s product. That recall expanded a June 24 recall of just over 41,000 pounds. The CDC said health officials in several states investigating the strain of E. coli found that most ill persons had consumed ground beef, and many reported that it was undercooked. Ground beef with the strain of E. coli was obtained from the home of one person infected. “At least some of the illnesses appear to be associated with products subject to these recalls,” the CDC said in a statement on its Web site. Wisconsin and Michigan appear to be the hardest hit by the outbreak so far, with six ill people in each state identified by the CDC. Other cases were reported in California, Maine, Minnesota, New Hampshire, New Jersey, New Mexico and New York. Source:


Banking and Finance Sector

9. July 2, ABC News – (International) Fake plastic scam foiled, 23 arrests. Twenty-three people have been arrested in Melbourne, Sydney and Spain over a huge credit card scam that police say has cost the Australian economy close to $5 million. The federal police say the group was run out of Sydney and spent about $6 million on 1,200 fake credit cards since March 2009. They say the group made and distributed more than 200 fake credit cards a week. After investigating since December, officers carried out 11 raids in Sydney and Melbourne on July 1 and allegedly uncovered credit card making facilities. Five men were arrested in Sydney, as well as a man and a woman in Melbourne. Among them was a 53-year-old from Homebush Bay, in western Sydney, who police say was running the syndicate. The ringleader allegedly obtained credit card numbers stolen from people in Spain, the United Kingdom, and Malaysia, using skimming machines at ATMs and online. Police say he then passed the details onto a 35-year-old in Potts Point, in inner Sydney, who made credit cards using fake names. Police say the ringleader handed the credit cards on to 11 people in Sydney and Melbourne, who were directed to buy about $500,000 worth of goods per week, including gift cards, electronics, phone cards, stamps, cigarettes and alcohol. Officers say the goods were then sold overseas, and the shoppers were given a percentage of the value of the goods they bought. Source:

10. July 2, United Press International – (New York) Five SEC investigations missed Madoff. The U.S. Securities and Exchange Commission failed to uncover the largest Ponzi scheme in history on five occasions in 20 years, a source close to the agency said. The perpetrator of the Ponzi scheme was sentenced on June 29 to 150 years in prison after pleading guilty to 11 counts of fraud. The SEC is investigating how it may have missed detecting the massive fraud that may have lost as much as $50 billion, the Washington Post reported on July 1. On one occasion in 2004, the SEC investigator in the Office of Compliance Inspections and Examinations warned supervisors that the perpetrator’s paperwork and electronic data were full of irregularities. She took her concerns to her supervisor, who was working under the assistant director of the department. The assistant director, who is no longer with the SEC, later married the perpetrator’s niece. The investigator’s claims turned out to be consistent with the case the Justice Department eventually brought against the perpetrator. When the investigator brought her concerns to her supervisor, however, he directed her to concentrate on an investigation of mutual funds, which was a pressing need at the time. Source:

11. July 2, New York Times – (National) FDIC to issue private equity deal rules. The Federal Deposit Insurance Corporation (FDIC) plans to issue new rules that could make it slightly easier for private equity firms to buy failed banks, the New York Times reported, citing people familiar with the agency’s deliberations. Under a directive to be issued on July 1, the agency is expected to demand that investment firms like the Carlyle Group or Kohlberg Kravis Roberts provide follow-up support to the banks they acquire if the banks get into more trouble and need additional capital. The new rules represent a difficult balancing act for the FDIC, which is responsible for protecting depositors from losses. On the one hand, government officials have been eager to recruit private investors and stretch out the limited money that Congress has approved for bailing out troubled financial institutions. On the other hand, bank regulators remain leery about letting comparatively high-risk investor groups take control of banks with billions of dollars in government-guaranteed deposits. Source:

12. July 1, San Francisco Business Times – (International) Stanford Financial Group CFO to plead guilty. Stanford Financial Group’s chief financial officer will plead guilty to three criminal counts for his part in an alleged $7 billion Ponzi scheme, according to news reports. Bloomberg reported that the CFO’s attorney said in a statement that the CFO will continue to cooperate with the investigation and “assist the prosecution’s attempts to find the billions that Stanford Financial Group’s chairman sent to Switzerland and other banks in Europe.” The CFO headed up the Memphis and Tupelo, Mississippi, offices for Stanford Financial Group’s chairman. The Baldwyn, Mississippi, native was a college friend of Stanford’s chairman and had been with the company for more than 20 years. The Stanford Financial Group chairman’s chief investment officer, also a native of Baldwyn, worked from the Tupelo and Memphis offices and has pleaded not guilty. In April, the CFO agreed to cooperate with federal investigations, and was charged separately from the Houston company’s chief executive officer who on June 30 was denied bail and will remain in jail until his trial, set for August 25. Source:

Information Technology

35. July 2, IDG News Service – (International) Apple patching serious SMS vulnerability on iPhone. Apple is working to fix an iPhone vulnerability that could allow an attacker to remotely install and run unsigned software code with root access to the phone. The attack in question exploits a weakness in the way iPhones handle text messages received via SMS (Short Message Service), said a security researcher, during a presentation at the SyScan conference in Singapore on July 2. He did not provide a detailed description of the SMS vulnerability, citing an agreement with Apple. The SMS vulnerability allows an attacker to run software code on the phone that is sent by SMS over a mobile operator’s network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone’s microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet, the researcher said. Apple is working to patch the vulnerability and expects to have a fix ready later this month, before the researcher discusses the attack in greater detail during a planned presentation at the Black Hat USA conference in Las Vegas. Source:

36. June 30, Federal Computer Week – (National) Cyber command in urgent need of strategy, military leaders say. Military leaders from the Army, Navy, Air Force and Marine Corps expect the Defense Department’s new unified Cyber Command to rationalize military cybersecurity efforts. However, at the same time, the increasing complexity of cyberspace and ongoing workforce issues remain pressing challenges, adding urgency, they said, for the new command to articulate its strategy soon. “We made conscious decision a year ago, knowing Cybercomm was coming, to [ensure the Army’s] direction was in sync with expected plans — and wait for the guidance,” said the Army’s assistant deputy chief of staff. “Now that [the Cyber Command] is here, my sense is now is the right time to move forward,” the assistant deputy added. But he cautioned it will be important to “get guidance from Cyber Command” soon, in terms of “what are the definitions, what are the forces and the structure, and not get ahead of that and create more confusion.” The assistant deputy, speaking at a cybersecurity conference held in Washington by the D.C. chapter of the Armed Forces Communications and Electronics Association June 25, noted that cyberspace has become a complex operating environment that requires increasingly sophisticated skills. Source:

37. June 30, DarkReading – (International) ‘Mafiaboy’: cloud computing will cause Internet security meltdown. A reformed black-hat hacker, better known as the 15-year-old “mafiaboy” who, in 2000, took down Websites CNN, Yahoo, E*Trade, Dell, Amazon, and eBay, says widespread adoption of cloud computing is going to make the Internet only more of a hacker haven. “It will be the fall of the Internet as we know it,” the hacker said on June 30 during a Lumension Security-sponsored Webcast event. “You’re basically putting everything in one little sandbox…it’s going to be a lot more easy to access,” he added, noting that cloud computing will be “extremely dangerous. This is not the last you’re going to hear of this,” he said. A security and forensics expert for Lumension says cloud computing, indeed, will open up new avenues of risk. “We haven’t even handled the fundamentals of [securing it] in our existing environments,” the expert said during an interview after the Webcast. “Now we’re going to push it up to the cloud?” “Aside from the fact that the fundamental protocols are easily manipulated…social networking and dumpster diving have been going on a long time and are still extremely effective. The scariest aspect for business owners is their own employees compromising [them],” the hacker said. “Dumpster diving, social networking, and internal corporate sabotage will be the No. 1 threat. It’s imperative that corporations take a closer look at their employees.” Source:

For another story, see item 38 below

Communications Sector

38. July 1, The Register – (International) Torrentreactor breach serves potent exploit cocktail. Torrentreactor has long been regarded as one of the top bit torrent search engines, and with the demise of The Pirate Bay, it is likely bigger than ever. Now, it has been breached and is serving a potent cocktail of exploits to people browsing the site, Websense Security Labs says. Attackers have managed to inject an iframe into the site that scours Torrentreactor visitors’ computers from a long list of vulnerable applications, including Adobe’s Reader and Shockwave programs and Microsoft’s Internet Explorer and Office Snapshot Viewer. When it finds one, it downloads and runs a malicious file. According to Websense, the malware has an extremely low detection rate, with just two of 32 anti-virus engines identifying the threat. Once executed, it installs a rootkit on victims’ machines. This is not the first time that security researchers have reported Torrentreactor is foisting malware on its users. In March 2008, the site suffered a similar iframe attack. The malicious file in the latest compromise communicates with a server at, an IP address that Web searches suggest has ties to the Russian Business Network. Source:

39. July 1, Associated Press – (International) Satellite for U.S. cell phone service launched. The world’s largest commercial satellite was launched into space on June 30, with a mission to provide phone service to cellular “dead zones” in North America. The satellite, owned by TerreStar Corp. of Reston, Virginia, blasted off from Kourou in the South American territory of French Guiana shortly before 2 p.m. Eastern time, carried through pink clouds. Half an hour later, French satellite launcher Arianespace announced that the TerreStar-1 had separated successfully from the rocket, on its way to an orbit 22,000 miles above the Earth. There, the satellite is designed to unfurl an umbrella-like antenna of gold mesh 60 feet across, so it can pick up and relay signals from phones that are not much larger than regular cell phones. TerreStar has shown prototypes of the phones, which are similar to BlackBerrys, and like them, would have access to data and e-mail. The phones are not on sale yet. TerreStar plans to have the system running before the end of the year. To connect to the satellite, the handsets will need a clear view of the southern sky, just like a satellite dish. When that is not available, the sets will be able to connect to regular ground-based cellular networks. TerreStar has a roaming agreement with AT&T Inc. The TerreStar-1 satellite, built by Loral Space & Communications Ltd., was originally scheduled to launch in 2007, but was delayed several times because of manufacturing problems. The satellite is due to be followed by two similar, even larger ones from a competitor, SkyTerra Communications Inc., next year. Source: