Department of Homeland Security Daily Open Source Infrastructure Report

Friday, October 9, 2009

Complete DHS Daily Report for October 9, 2009

Daily Report

Top Stories

 The FBI announced that 100 people have been indicted in an investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing” operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks. It is the largest number of defendants ever charged in a cyber crime case. (See item 13)


13. October 7, Federal Bureau of Investigation – (International) One hundred linked to international computer hacking ring charged by the United States and Egypt in Operation Phish Phry. The largest number of defendants ever charged in a cyber crime case have been indicted in a multinational investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing” operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks. Authorities in several United States cities arrested 33 of 53 defendants named in an indictment returned last week by a federal grand jury in Los Angeles. Several defendants charged in the indictment are being sought on October 7 by law enforcement. Additionally, authorities in Egypt have charged 47 defendants linked to the phishing scheme. Operation Phish Phry marks the first joint cyber investigation between Egyptian law enforcement authorities and United States officials, which include the FBI, the United States Attorney’s Office, and the Electronic Crimes Task Force in Los Angeles. Phish Phry also marks the largest cyber crime investigation to date in the United States. Operation Phish Phry commenced in 2007 when FBI agents, working with United States financial institutions, took proactive steps to identify and disrupt sophisticated criminal enterprises targeting the financial infrastructure in the United States. Intelligence developed during the initiative prompted the FBI and Egyptian authorities to agree to pursue a joint investigation into multiple subjects based in Egypt after investigators in both countries earlier this year uncovered an international conspiracy allegedly operating an elaborate scheme to steal identities through a method commonly called “phishing.” The group is accused of conspiring to target American-based financial institutions and victimize an unknown number of account holders by fraudulently using their personal financial information. The 51-count indictment accuses all of the defendants with conspiracy to commit wire fraud and bank fraud. Various defendants are charged with bank fraud; aggravated identity theft; conspiracy to commit computer fraud, specifically unauthorized access to protected computers in connection with fraudulent bank transfers and domestic and international money laundering. Source: http://losangeles.fbi.gov/pressrel/2009/la100709.htm


 According to the Associated Press, scuffles erupted at downtown Detroit’s Cobo Center as several thousand residents jockeyed, pushed, and shoved Wednesday to get free money being offered to only 3,500 of the city’s recently or soon to be homeless. Members of the Detroit Police Department’s Gang Squad and other tactical units were called in for crowd control. (See item 36)


36. October 7, Associated Press – (Michigan) Thousands mob Detroit center in hopes of free cash. Scuffles erupted as several thousand Detroit residents jockeyed, pushed and shoved Wednesday to get free money being offered to only 3,500 of the city’s recently or soon to be homeless. Several received medical treatment for fainting or exhaustion while frantically trying to obtain the applications for federal housing assistance. The long lines and short tempers highlighted the frustration and desperation that Detroit residents feel struggling through an economic nightmare. The line around Cobo Center, a downtown convention center, started forming well before daybreak. Anger flared within a few hours as more people sought out a dwindling number of applications for the program. Members of the Detroit Police Department’s Gang Squad and other tactical units were called in for crowd control. Several people reportedly passed out from exhaustion and had to be treated by emergency medical personnel. Some minor injuries were reported, and no arrests were made. “It’s a sign of the times, and we can’t deny we have people here who are in need,” said the communications director for Detroit’s mayor. “It’s scary and very disappointing. It also shows a need for redirection for our city.” The city distributed more than 50,000 applications for the Homelessness Prevention and Rapid Re-Housing program over the past several days before running out Wednesday morning. Only 3,500 people who qualify will receive the money — a maximum $3,000 per applicant, the communications director said. Source: http://www.google.com/hostednews/ap/article/ALeqM5jMf-Peoqc-Aa8Tr2VSC2VIH3qY6gD9B6HC880


Details

Banking and Finance Sector

13. October 7, Federal Bureau of Investigation – (International) One hundred linked to international computer hacking ring charged by the United States and Egypt in Operation Phish Phry. The largest number of defendants ever charged in a cyber crime case have been indicted in a multinational investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing” operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks. Authorities in several United States cities arrested 33 of 53 defendants named in an indictment returned last week by a federal grand jury in Los Angeles. Several defendants charged in the indictment are being sought on October 7 by law enforcement. Additionally, authorities in Egypt have charged 47 defendants linked to the phishing scheme. Operation Phish Phry marks the first joint cyber investigation between Egyptian law enforcement authorities and United States officials, which include the FBI, the United States Attorney’s Office, and the Electronic Crimes Task Force in Los Angeles. Phish Phry also marks the largest cyber crime investigation to date in the United States. Operation Phish Phry commenced in 2007 when FBI agents, working with United States financial institutions, took proactive steps to identify and disrupt sophisticated criminal enterprises targeting the financial infrastructure in the United States. Intelligence developed during the initiative prompted the FBI and Egyptian authorities to agree to pursue a joint investigation into multiple subjects based in Egypt after investigators in both countries earlier this year uncovered an international conspiracy allegedly operating an elaborate scheme to steal identities through a method commonly called “phishing.” The group is accused of conspiring to target American-based financial institutions and victimize an unknown number of account holders by fraudulently using their personal financial information. The 51-count indictment accuses all of the defendants with conspiracy to commit wire fraud and bank fraud. Various defendants are charged with bank fraud; aggravated identity theft; conspiracy to commit computer fraud, specifically unauthorized access to protected computers in connection with fraudulent bank transfers and domestic and international money laundering. Source: http://losangeles.fbi.gov/pressrel/2009/la100709.htm


Information Technology


31. October 7, Infosecurity.com – (International) SSE 2009: Geographically targeted attacks could be future of social network threats. Just as social networks such as Facebook are seeing advertisement targeted depending on users’ settings and geographical location, so could malware and other threats be targeted specifically, said a senior security researcher at Kaspersky Lab, Romania, at the ISSE 2009 conference on October 7. He told the audience that messages on social networks could read along the lines of “a bomb has just gone off in xxx”, where the location is filled in on a city near the user based on geographical IP information. The researcher said it is only a matter of time before these targeted attacks will become automated. The same logic of fooling victims by using geographical information is being used by Nigerian phishing scammers that use translation software to target potential victims in their own language. In the ISSE 2009 presentation, the researcher demonstrated the increasing popularity, and importance placed on, social networks and how this makes them attractive to cybercriminals. Recently, Facebook reached over 300 million users world wide, and with such a wide user base, social networks become more and more attractive to malware writers and cybercriminals. According to Kaspersky figures, there were 43 000 samples of social networking malware at the end of 2008 and the number more than doubled every year. A particular trait of social networking malware is that it tends to exploit the human factor luring users to infect their own computers. Source: http://www.infosecurity-magazine.com/view/4412/isse-2009-geographically-targeted-attacks-could-be-future-of-social-network-threats/


32. October 6, Philadelphia Legal News Examiner – (National) FBI issues fraudulent email warnings. On October 5, 2009, the FBI’s cyber investigations unit released warnings to the public concerning three fraudulent emails currently making the rounds on the Internet. The first email, which has been circulating since August 15, 2009, is titled “New Patterns in Al-Qaeda Financing” and has the subject title “Intelligence Bulletin No. 267.” It has also an attachment, “bulletin.exe” that if opened, may contain files which are harmful to the recipient’s computer or may try to obtain user credentials. The second fraudulent email purportedly comes from the Department of Homeland Security and the FBI’s counterterrorism division and has as a subject line “New DHS Report.” It also has been circulating since August 15, 2009 and claims to contain via an attachment an audio speech by “Usama Bin Laden.” If opened, the attachment, “audio.exe” contains malicious software that will try to obtain information from the recipient’s computer. The final email claims to be a report from the FBI’s “Weapons of Mass Destruction Directorate.” It contains an attachment, “reports.exe” that, if opened, could execute trojan software related to ‘W32.Waledac” that is designed to steal user authentication credentials or send out spam. The public is advised not to click on these emails or anything similar as they are hoaxes. Source: http://www.examiner.com/x-15953-Philadelphia-Legal-News-Examiner~y2009m10d6-FBI-issues-fraudulent-email-warnings


33. October 6, IndiaDaily – (International) More than 150,000 Indian paramilitary troops ready to fight terrorists if they attack IT outsourcing firms. Software exporters have bolstered security due to concerns that militants might target their headquarters as symbols of the country’s economic success and to deter foreign investors. India’s nerve center of the nation’s $60 billion outsourcing industry that runs services from software coding to managing computer networks and call centers are the recent targets of Pakistani and Bangladeshi terrorists. But Indian CISF (Central Industrial Security Force) is waiting for the terror operators. The CISF has 112,000 personnel manning nearly 300 public spaces, and will recruit about 10,000 every year, a CISF spokesman said. The CISF will first consider applications from critical sectors such as software and oil and gas, including Reliance Industries’ Jamnagar refinery complex, the world’s largest. Paramilitary troops in combat fatigues will reassure foreign investors, although some experts say that it will extend the CISF’s manpower resources and that the government should instead better train police and allow more private security firms. Source: http://www.indiadaily.com/editorial/20954.asp

Communications Sector

34. October 8, RTT News – (National) FCC Chairman Genachowski outlines plan to address spectrum crisis. The Federal Communications Commission, or FCC, chairman stated on October 7 at the International CTIA Wireless I.T. & Entertainment conference in San Diego, California that no sector of the communications industry other than mobile holds greater potential to enhance America’s economic competitiveness, spur job creation, and improve the quality of lives. He also laid out a plan to drive wireless growth and prevent spectrum crisis. According to the chairman, in recent years, the wireless sector has averaged a 16% annual rate of growth. The wireless industry needs to continue driving economic growth and job creation, he noted. He also said that his goals with regard to mobile are fostering innovation and investment, promoting competition, empowering and protecting consumers. He also outlined a four-part ‘Mobile Broadband Agenda’ to promote a world-leading wireless landscape in the US. The plan involves unleashing spectrum for 4G broadband, removing obstacles to 4G deployment like delays in tower siting, developing fair rules of the road to preserve the openness of the Internet, and empowering consumers by supporting a transparent and competitive mobile marketplace. The chairman said that the biggest threat to the future of mobile in America is the looming spectrum crisis. “Spectrum is the oxygen of our mobile networks. While the short-term outlook for 4G spectrum availability is adequate, the longer-term picture is very different,” he stated. Source: http://www.rttnews.com/Content/BreakingNews.aspx?Node=B1&Id=1088355 &Category=Breaking News


35. October 8, FierceWireless – (National) AT&T allows VoIP apps to run over 3G on iPhone. AT&T Mobility has decided to change its stance on banning VoIP over 3G applications on Apple’s iPhone. The carrier said that it had informed both Apple and the FCC of its decision. The change in policy means users of VoIP applications on the iPhone, such as Skype, will no longer be relegated to using the device’s WiFi connection for VoIP calling. It is also a significant turnaround for AT&T, which said earlier this year that allowing VoIP apps on the iPhone to run over its 3G network could cripple the network. AT&T has openly discussed the strain iPhone usage, in general, has placed on its network. VoIP already runs on other AT&T devices. The move is seen as peremptory as the FCC determines how net neutrality guidelines will apply to the wireless industry. Source: http://www.fiercebroadbandwireless.com/story/t-allows-voip-apps-run-over-3g-iphone/2009-10-08